baileytownsend.dev / pds-gatekeeper
Microservice to bring 2FA to self hosted PDSes
fork atom

Crashes again

baileytownsend.dev e9684533 488cee13

options
unified split
Changed files
+3 -4
src
helpers.rs
oauth_provider.rs
+2 -3
src/helpers.rs
··· 134 135 pub enum AuthResult { 136 WrongIdentityOrPassword, 137 - TwoFactorRequired, 138 /// User does not have 2FA enabled, or using an app password, or passes it 139 ProxyThrough, 140 TokenCheckFailed(TokenCheckError), ··· 242 .await? 243 } 244 }; 245 - 246 - //TODO maybe check password first? 247 248 if let Some((did, password_scrypt, email, handle)) = account_row { 249 // Verify password before proceeding to 2FA email step
··· 134 135 pub enum AuthResult { 136 WrongIdentityOrPassword, 137 + /// The string here is the email address to create a hint for oauth 138 + TwoFactorRequired(String), 139 /// User does not have 2FA enabled, or using an app password, or passes it 140 ProxyThrough, 141 TokenCheckFailed(TokenCheckError), ··· 243 .await? 244 } 245 }; 246 247 if let Some((did, password_scrypt, email, handle)) = account_row { 248 // Verify password before proceeding to 2FA email step
+1 -1
src/oauth_provider.rs
··· 36 let identifier = payload.username.clone(); 37 let password = payload.password.clone(); 38 let auth_factor_token = payload.email_otp.clone(); 39 - //TODO need to pass in a flag to ignore app passwords for Oauth 40 41 // Run the shared pre-auth logic to validate and check 2FA requirement 42 match preauth_check(&state, &identifier, &password, auth_factor_token).await { 43 Ok(result) => match result {
··· 36 let identifier = payload.username.clone(); 37 let password = payload.password.clone(); 38 let auth_factor_token = payload.email_otp.clone(); 39 40 + //TODO need to pass in a flag to ignore app passwords for Oauth 41 // Run the shared pre-auth logic to validate and check 2FA requirement 42 match preauth_check(&state, &identifier, &password, auth_factor_token).await { 43 Ok(result) => match result {