🐛 Authenticate wrong payload hotfix

This commit is contained in:
LittleSheep 2024-06-26 18:07:07 +08:00
parent ab5130de2a
commit ebdb6f5688
4 changed files with 12 additions and 11 deletions

12
.idea/workspace.xml generated
View File

@ -4,11 +4,11 @@
<option name="autoReloadType" value="ALL" />
</component>
<component name="ChangeListManager">
<list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":bug: Fix frontend">
<change afterPath="$PROJECT_DIR$/pkg/internal/models/statuses.go" afterDir="false" />
<list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":card_file_box: Add the status model">
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/database/migrator.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/database/migrator.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/models/accounts.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/models/accounts.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/server/api/auth_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/auth_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/services/factors.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/factors.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/web/src/components/auth/Authenticate.vue" beforeDir="false" afterPath="$PROJECT_DIR$/web/src/components/auth/Authenticate.vue" afterDir="false" />
</list>
<option name="SHOW_DIALOG" value="false" />
<option name="HIGHLIGHT_CONFLICTS" value="true" />
@ -146,7 +146,6 @@
</option>
</component>
<component name="VcsManagerConfiguration">
<MESSAGE value=":bug: Fix APNs pushes no sound" />
<MESSAGE value=":bug: Fix APNs pushes no sound (again)" />
<MESSAGE value=":fire: Remove ws connected does not push notify feature" />
<MESSAGE value=":sparkles: Able to read current user's realm profile" />
@ -171,7 +170,8 @@
<MESSAGE value=":sparkles: Better avatar and banner APIs" />
<MESSAGE value=":bug: Fix avatar and banner APIs" />
<MESSAGE value=":bug: Fix frontend" />
<option name="LAST_COMMIT_MESSAGE" value=":bug: Fix frontend" />
<MESSAGE value=":card_file_box: Add the status model" />
<option name="LAST_COMMIT_MESSAGE" value=":card_file_box: Add the status model" />
</component>
<component name="VgoProject">
<settings-migrated>true</settings-migrated>

View File

@ -12,7 +12,7 @@ import (
func doAuthenticate(c *fiber.Ctx) error {
var data struct {
Username string `json:"username"`
Username string `json:"username" validate:"required"`
Password string `json:"password" validate:"required"`
}
@ -34,7 +34,7 @@ func doAuthenticate(c *fiber.Ctx) error {
ticket, err = services.ActiveTicketWithPassword(ticket, data.Password)
if err != nil {
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("invalid password: %v", err.Error()))
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("failed to authenticate: %v", err.Error()))
}
return c.JSON(fiber.Map{
@ -66,7 +66,7 @@ func doMultiFactorAuthenticate(c *fiber.Ctx) error {
ticket, err = services.ActiveTicketWithMFA(ticket, factor, data.Code)
if err != nil {
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("invalid code: %v", err.Error()))
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("failed to authenticate: %v", err.Error()))
}
return c.JSON(fiber.Map{

View File

@ -3,6 +3,7 @@ package services
import (
"fmt"
"github.com/samber/lo"
"strings"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
@ -99,7 +100,7 @@ func CheckFactor(factor models.AuthFactor, code string) error {
)
case models.EmailPasswordFactor:
return lo.Ternary(
code == factor.Secret,
strings.ToUpper(code) == strings.ToUpper(factor.Secret),
nil,
fmt.Errorf("invalid verification code"),
)

View File

@ -49,7 +49,7 @@ async function submit() {
const res = await request("/api/auth", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ id: probe.value, password: password.value }),
body: JSON.stringify({ username: probe.value, password: password.value }),
})
if (res.status !== 200) {
error.value = await res.text()