Hypernet/Passport
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

🐛 Authenticate wrong payload hotfix

Browse Source
This commit is contained in:
LittleSheep 2024-06-26 18:07:07 +08:00
parent ab5130de2a
commit ebdb6f5688
4 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.idea/workspace.xml
View File

@ -4,11 +4,11 @@
<option name="autoReloadType" value="ALL" /> <option name="autoReloadType" value="ALL" />
</component> </component>
<component name="ChangeListManager"> <component name="ChangeListManager">
<list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":bug: Fix frontend"> <list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":card_file_box: Add the status model">
<change afterPath="$PROJECT_DIR$/pkg/internal/models/statuses.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" /> <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/database/migrator.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/database/migrator.go" afterDir="false" /> <change beforePath="$PROJECT_DIR$/pkg/internal/server/api/auth_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/auth_api.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/pkg/internal/models/accounts.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/models/accounts.go" afterDir="false" /> <change beforePath="$PROJECT_DIR$/pkg/internal/services/factors.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/factors.go" afterDir="false" />
<change beforePath="$PROJECT_DIR$/web/src/components/auth/Authenticate.vue" beforeDir="false" afterPath="$PROJECT_DIR$/web/src/components/auth/Authenticate.vue" afterDir="false" />
</list> </list>
<option name="SHOW_DIALOG" value="false" /> <option name="SHOW_DIALOG" value="false" />
<option name="HIGHLIGHT_CONFLICTS" value="true" /> <option name="HIGHLIGHT_CONFLICTS" value="true" />
@ -146,7 +146,6 @@
</option> </option>
</component> </component>
<component name="VcsManagerConfiguration"> <component name="VcsManagerConfiguration">
<MESSAGE value=":bug: Fix APNs pushes no sound" />
<MESSAGE value=":bug: Fix APNs pushes no sound (again)" /> <MESSAGE value=":bug: Fix APNs pushes no sound (again)" />
<MESSAGE value=":fire: Remove ws connected does not push notify feature" /> <MESSAGE value=":fire: Remove ws connected does not push notify feature" />
<MESSAGE value=":sparkles: Able to read current user's realm profile" /> <MESSAGE value=":sparkles: Able to read current user's realm profile" />
@ -171,7 +170,8 @@
<MESSAGE value=":sparkles: Better avatar and banner APIs" /> <MESSAGE value=":sparkles: Better avatar and banner APIs" />
<MESSAGE value=":bug: Fix avatar and banner APIs" /> <MESSAGE value=":bug: Fix avatar and banner APIs" />
<MESSAGE value=":bug: Fix frontend" /> <MESSAGE value=":bug: Fix frontend" />
<option name="LAST_COMMIT_MESSAGE" value=":bug: Fix frontend" /> <MESSAGE value=":card_file_box: Add the status model" />
<option name="LAST_COMMIT_MESSAGE" value=":card_file_box: Add the status model" />
</component> </component>
<component name="VgoProject"> <component name="VgoProject">
<settings-migrated>true</settings-migrated> <settings-migrated>true</settings-migrated>

6
pkg/internal/server/api/auth_api.go
View File

@ -12,7 +12,7 @@ import (
func doAuthenticate(c *fiber.Ctx) error { func doAuthenticate(c *fiber.Ctx) error {
var data struct { var data struct {
Username string `json:"username"` Username string `json:"username" validate:"required"`
Password string `json:"password" validate:"required"` Password string `json:"password" validate:"required"`
} }
@ -34,7 +34,7 @@ func doAuthenticate(c *fiber.Ctx) error {
ticket, err = services.ActiveTicketWithPassword(ticket, data.Password) ticket, err = services.ActiveTicketWithPassword(ticket, data.Password)
if err != nil { if err != nil {
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("invalid password: %v", err.Error())) return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("failed to authenticate: %v", err.Error()))
} }
return c.JSON(fiber.Map{ return c.JSON(fiber.Map{
@ -66,7 +66,7 @@ func doMultiFactorAuthenticate(c *fiber.Ctx) error {
ticket, err = services.ActiveTicketWithMFA(ticket, factor, data.Code) ticket, err = services.ActiveTicketWithMFA(ticket, factor, data.Code)
if err != nil { if err != nil {
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("invalid code: %v", err.Error())) return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("failed to authenticate: %v", err.Error()))
} }
return c.JSON(fiber.Map{ return c.JSON(fiber.Map{

3
pkg/internal/services/factors.go
View File

@ -3,6 +3,7 @@ package services
import ( import (
"fmt" "fmt"
"github.com/samber/lo" "github.com/samber/lo"
"strings"
"git.solsynth.dev/hydrogen/passport/pkg/internal/database" "git.solsynth.dev/hydrogen/passport/pkg/internal/database"
"git.solsynth.dev/hydrogen/passport/pkg/internal/models" "git.solsynth.dev/hydrogen/passport/pkg/internal/models"
@ -99,7 +100,7 @@ func CheckFactor(factor models.AuthFactor, code string) error {
) )
case models.EmailPasswordFactor: case models.EmailPasswordFactor:
return lo.Ternary( return lo.Ternary(
code == factor.Secret, strings.ToUpper(code) == strings.ToUpper(factor.Secret),
nil, nil,
fmt.Errorf("invalid verification code"), fmt.Errorf("invalid verification code"),
) )

2
web/src/components/auth/Authenticate.vue
View File

@ -49,7 +49,7 @@ async function submit() {
const res = await request("/api/auth", { const res = await request("/api/auth", {
method: "POST", method: "POST",
headers: { "Content-Type": "application/json" }, headers: { "Content-Type": "application/json" },
body: JSON.stringify({ id: probe.value, password: password.value }), body: JSON.stringify({ username: probe.value, password: password.value }),
}) })
if (res.status !== 200) { if (res.status !== 200) {
error.value = await res.text() error.value = await res.text()