Microservice to bring 2FA to self hosted PDSes

sign-in subject env, removed log, removed uppercase cast

+3
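--- a/README.md
+++ b/README.md
@@ -105,6 +105,9 @@
 in the pds gateekeper container and it will use them in place of the default ones. Just make sure ot keep the names the
 same.
 
+ `GATEKEEPER_TWO_FACTOR_EMAIL_SUBJECT` - Subject of the email sent to the user when they turn on 2FA. Defaults to
+ `Sign in to Bluesky`
+
 `PDS_BASE_URL` - Base url of the PDS. You most likely want `https://localhost:3000` which is also the default
 
 `GATEKEEPER_HOST` - Host for pds gatekeeper. Defaults to `127.0.0.1`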
+1 -1
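--- a/justfile
+++ b/justfile
@@ -2,5 +2,5 @@
 docker buildx build \
 --platform linux/arm64,linux/amd64 \
 --tag fatfingers23/pds_gatekeeper:latest \
- --tag fatfingers23/pds_gatekeeper:0.1 \
+ --tag fatfingers23/pds_gatekeeper:0.1.0.1 \
 --push .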
+6 -5
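--- a/src/helpers.rs
+++ b/src/helpers.rs
@@ -15,6 +15,7 @@
 use serde_json::{Map, Value};
 use sha2::{Digest, Sha256};
 use sqlx::SqlitePool;
+ use std::env;
 use tracing::{error, log};
 
 ///Used to generate the email 2fa code
@@ -134,10 +135,8 @@
 full_code.push(UPPERCASE_BASE32_CHARS[idx] as char);
 }
 
- //The PDS implementation creates in lowercase, then converts to uppercase.
- //Just going a head and doing uppercase here.
- let slice_one = &full_code[0..5].to_ascii_uppercase();
- let slice_two = &full_code[5..10].to_ascii_uppercase();
+ let slice_one = &full_code[0..5];
+ let slice_two = &full_code[5..10];
 format!("{slice_one}-{slice_two}")
 }
 
@@ -334,12 +333,14 @@
 let email_body = state
 .template_engine
 .render("two_factor_code.hbs", email_data)?;
+ let email_subject = env::var("GATEKEEPER_TWO_FACTOR_EMAIL_SUBJECT")
+ .unwrap_or("Sign in to Bluesky".to_string());
 
 let email_message = Message::builder()
 //TODO prob get the proper type in the state
 .from(state.mailer_from.parse()?)
 .to(email.parse()?)
- .subject("Sign in to Bluesky")
+ .subject(email_subject)
 .multipart(
 MultiPart::alternative() // This is composed of two parts.
 .singlepart(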
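Review bot: The new `env::var("GATEKEEPER_TWO_FACTOR_EMAIL_SUBJECT")` lookup feeding `.subject(email_subject)` accepts whatever the variable holds, so a variable that is set but empty or whitespace-only sends the 2FA code mail with a blank subject, and a non-Unicode value silently falls back to the default with no log line. Filtering the value would cover the first case and also avoid allocating the default string when the variable is present: `.ok().filter(|s| !s.trim().is_empty()).unwrap_or_else(|| "Sign in to Bluesky".to_string())`. Since `state.mailer_from` is already carried in shared state, reading the subject once at startup and storing it alongside would let a bad value surface at boot instead of on each sign-in. The enclosing function starts and ends outside the hunk, so whether it has a better place to report a rejected value is not visible here.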
-1
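--- a/src/xrpc/com_atproto_server.rs
+++ b/src/xrpc/com_atproto_server.rs
@@ -87,7 +87,6 @@
 )
 }
 AuthResult::ProxyThrough => {
- log::info!("Proxying through");
 //No 2FA or already passed
 let uri = format!(
 "{}{}",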