2022-11-28 15:29:33 +01:00
|
|
|
use actix_web::web::Data;
|
2023-07-10 15:00:55 +02:00
|
|
|
use base64::{engine::general_purpose::STANDARD_NO_PAD as base64, Engine};
|
2023-06-27 11:38:53 +01:00
|
|
|
use captcha::Captcha;
|
2022-11-28 15:29:33 +01:00
|
|
|
use lemmy_api_common::{context::LemmyContext, utils::local_site_to_slur_regex};
|
2022-10-27 05:24:07 -04:00
|
|
|
use lemmy_db_schema::source::local_site::LocalSite;
|
2023-07-10 16:50:07 +02:00
|
|
|
use lemmy_utils::{
|
|
|
|
error::{LemmyError, LemmyErrorExt, LemmyErrorType},
|
|
|
|
utils::slurs::check_slurs,
|
|
|
|
};
|
2023-06-30 03:36:38 -07:00
|
|
|
use std::io::Cursor;
|
2020-09-24 13:53:21 +00:00
|
|
|
|
2023-07-28 16:39:38 +02:00
|
|
|
pub mod comment;
|
|
|
|
pub mod comment_report;
|
|
|
|
pub mod community;
|
|
|
|
pub mod local_user;
|
|
|
|
pub mod post;
|
|
|
|
pub mod post_report;
|
|
|
|
pub mod private_message;
|
|
|
|
pub mod private_message_report;
|
|
|
|
pub mod site;
|
2020-09-24 13:53:21 +00:00
|
|
|
|
|
|
|
#[async_trait::async_trait(?Send)]
|
|
|
|
pub trait Perform {
|
2023-07-10 12:27:49 +02:00
|
|
|
type Response: serde::ser::Serialize + Send + Clone + Sync;
|
2020-09-24 13:53:21 +00:00
|
|
|
|
2023-06-06 18:27:22 +02:00
|
|
|
async fn perform(&self, context: &Data<LemmyContext>) -> Result<Self::Response, LemmyError>;
|
2020-09-24 13:53:21 +00:00
|
|
|
}
|
|
|
|
|
2023-06-27 11:38:53 +01:00
|
|
|
/// Converts the captcha to a base64 encoded wav audio file
|
2023-06-30 03:36:38 -07:00
|
|
|
pub(crate) fn captcha_as_wav_base64(captcha: &Captcha) -> Result<String, LemmyError> {
|
2023-06-27 11:38:53 +01:00
|
|
|
let letters = captcha.as_wav();
|
|
|
|
|
2023-06-30 03:36:38 -07:00
|
|
|
// Decode each wav file, concatenate the samples
|
|
|
|
let mut concat_samples: Vec<i16> = Vec::new();
|
|
|
|
let mut any_header: Option<wav::Header> = None;
|
2023-06-27 11:38:53 +01:00
|
|
|
for letter in letters {
|
2023-06-30 03:36:38 -07:00
|
|
|
let mut cursor = Cursor::new(letter.unwrap_or_default());
|
|
|
|
let (header, samples) = wav::read(&mut cursor)?;
|
|
|
|
any_header = Some(header);
|
|
|
|
if let Some(samples16) = samples.as_sixteen() {
|
|
|
|
concat_samples.extend(samples16);
|
|
|
|
} else {
|
2023-07-10 16:50:07 +02:00
|
|
|
return Err(LemmyErrorType::CouldntCreateAudioCaptcha)?;
|
2023-06-30 03:36:38 -07:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Encode the concatenated result as a wav file
|
|
|
|
let mut output_buffer = Cursor::new(vec![]);
|
|
|
|
let header = match any_header {
|
|
|
|
Some(header) => header,
|
2023-07-10 16:50:07 +02:00
|
|
|
None => return Err(LemmyErrorType::CouldntCreateAudioCaptcha)?,
|
2023-06-30 03:36:38 -07:00
|
|
|
};
|
2023-07-10 16:50:07 +02:00
|
|
|
wav::write(
|
2023-06-30 03:36:38 -07:00
|
|
|
header,
|
|
|
|
&wav::BitDepth::Sixteen(concat_samples),
|
|
|
|
&mut output_buffer,
|
2023-07-10 16:50:07 +02:00
|
|
|
)
|
|
|
|
.with_lemmy_type(LemmyErrorType::CouldntCreateAudioCaptcha)?;
|
2023-06-27 11:38:53 +01:00
|
|
|
|
2023-07-10 15:00:55 +02:00
|
|
|
Ok(base64.encode(output_buffer.into_inner()))
|
2023-06-27 11:38:53 +01:00
|
|
|
}
|
|
|
|
|
2023-07-26 20:01:15 +02:00
|
|
|
/// Check size of report
|
2022-10-27 05:24:07 -04:00
|
|
|
pub(crate) fn check_report_reason(reason: &str, local_site: &LocalSite) -> Result<(), LemmyError> {
|
|
|
|
let slur_regex = &local_site_to_slur_regex(local_site);
|
|
|
|
|
|
|
|
check_slurs(reason, slur_regex)?;
|
2022-09-19 22:58:42 +00:00
|
|
|
if reason.is_empty() {
|
2023-07-10 16:50:07 +02:00
|
|
|
return Err(LemmyErrorType::ReportReasonRequired)?;
|
2022-09-19 22:58:42 +00:00
|
|
|
}
|
|
|
|
if reason.chars().count() > 1000 {
|
2023-07-10 16:50:07 +02:00
|
|
|
return Err(LemmyErrorType::ReportTooLong)?;
|
2022-09-19 22:58:42 +00:00
|
|
|
}
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
2020-09-24 13:53:21 +00:00
|
|
|
#[cfg(test)]
|
|
|
|
mod tests {
|
2023-07-18 00:34:14 +09:30
|
|
|
#![allow(clippy::unwrap_used)]
|
|
|
|
#![allow(clippy::indexing_slicing)]
|
|
|
|
|
2022-05-03 19:44:13 +02:00
|
|
|
use lemmy_api_common::utils::check_validator_time;
|
2021-10-16 15:33:38 +02:00
|
|
|
use lemmy_db_schema::{
|
|
|
|
source::{
|
2022-10-27 05:24:07 -04:00
|
|
|
instance::Instance,
|
|
|
|
local_user::{LocalUser, LocalUserInsertForm},
|
|
|
|
person::{Person, PersonInsertForm},
|
2021-10-16 15:33:38 +02:00
|
|
|
secret::Secret,
|
|
|
|
},
|
|
|
|
traits::Crud,
|
2022-11-09 05:05:00 -05:00
|
|
|
utils::build_db_pool_for_tests,
|
2021-03-13 20:16:35 +02:00
|
|
|
};
|
2022-06-22 16:24:54 -04:00
|
|
|
use lemmy_utils::{claims::Claims, settings::SETTINGS};
|
2022-11-09 05:05:00 -05:00
|
|
|
use serial_test::serial;
|
2021-03-13 20:16:35 +02:00
|
|
|
|
2022-11-09 05:05:00 -05:00
|
|
|
#[tokio::test]
|
|
|
|
#[serial]
|
|
|
|
async fn test_should_not_validate_user_token_after_password_change() {
|
|
|
|
let pool = &build_db_pool_for_tests().await;
|
2023-07-11 06:09:59 -07:00
|
|
|
let pool = &mut pool.into();
|
2022-11-09 05:05:00 -05:00
|
|
|
let secret = Secret::init(pool).await.unwrap();
|
2022-06-22 16:24:54 -04:00
|
|
|
let settings = &SETTINGS.to_owned();
|
2021-03-13 20:16:35 +02:00
|
|
|
|
2023-03-01 03:36:57 +01:00
|
|
|
let inserted_instance = Instance::read_or_create(pool, "my_domain.tld".to_string())
|
|
|
|
.await
|
|
|
|
.unwrap();
|
2022-10-27 05:24:07 -04:00
|
|
|
|
|
|
|
let new_person = PersonInsertForm::builder()
|
|
|
|
.name("Gerry9812".into())
|
|
|
|
.public_key("pubkey".to_string())
|
|
|
|
.instance_id(inserted_instance.id)
|
|
|
|
.build();
|
2021-03-13 20:16:35 +02:00
|
|
|
|
2022-11-09 05:05:00 -05:00
|
|
|
let inserted_person = Person::create(pool, &new_person).await.unwrap();
|
2021-03-13 20:16:35 +02:00
|
|
|
|
2022-10-27 05:24:07 -04:00
|
|
|
let local_user_form = LocalUserInsertForm::builder()
|
|
|
|
.person_id(inserted_person.id)
|
|
|
|
.password_encrypted("123456".to_string())
|
|
|
|
.build();
|
2021-03-13 22:36:40 +02:00
|
|
|
|
2022-11-09 05:05:00 -05:00
|
|
|
let inserted_local_user = LocalUser::create(pool, &local_user_form).await.unwrap();
|
2021-03-13 20:16:35 +02:00
|
|
|
|
2021-09-22 11:57:09 -04:00
|
|
|
let jwt = Claims::jwt(
|
|
|
|
inserted_local_user.id.0,
|
|
|
|
&secret.jwt_secret,
|
|
|
|
&settings.hostname,
|
|
|
|
)
|
|
|
|
.unwrap();
|
|
|
|
let claims = Claims::decode(&jwt, &secret.jwt_secret).unwrap().claims;
|
2021-03-19 00:31:49 -04:00
|
|
|
let check = check_validator_time(&inserted_local_user.validator_time, &claims);
|
|
|
|
assert!(check.is_ok());
|
2021-03-13 20:16:35 +02:00
|
|
|
|
2021-03-19 00:31:49 -04:00
|
|
|
// The check should fail, since the validator time is now newer than the jwt issue time
|
|
|
|
let updated_local_user =
|
2022-11-09 05:05:00 -05:00
|
|
|
LocalUser::update_password(pool, inserted_local_user.id, "password111")
|
|
|
|
.await
|
|
|
|
.unwrap();
|
2021-03-19 00:31:49 -04:00
|
|
|
let check_after = check_validator_time(&updated_local_user.validator_time, &claims);
|
|
|
|
assert!(check_after.is_err());
|
2021-03-13 20:16:35 +02:00
|
|
|
|
2022-11-09 05:05:00 -05:00
|
|
|
let num_deleted = Person::delete(pool, inserted_person.id).await.unwrap();
|
2021-03-19 00:31:49 -04:00
|
|
|
assert_eq!(1, num_deleted);
|
2021-03-13 20:16:35 +02:00
|
|
|
}
|
2020-09-24 13:53:21 +00:00
|
|
|
}
|