use std::io::Write;
use data_encoding::HEXUPPER;
use ring::pbkdf2;
use std::num::NonZeroU32;
use crate::common::message::message::Message;
use crate::common::message::message_builder::message_builder;
use crate::common::message::message_type::MessageType;
use crate::common::misc::return_flags::ReturnFlags;
use crate::server::db::cmd::get_user_hash::get_user_hash;
use crate::server::db::cmd::get_user_id::get_user_id;
use crate::server::db::cmd::get_user_salt::get_user_salt;
use crate::server::network::tls_connection::TlsConnection;
use crate::server::network::jwt_wrapper::create_jwt_token;
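/// Authenticates an account login request and, on success, writes a JWT back to the client.
///
/// `message.data` is read as UTF-8 JSON carrying three string fields: `hashed_email` and
/// `hashed_password` (upper-case hex) and `username`. The two client-supplied values are
/// checked with PBKDF2-HMAC-SHA512 against the salts and hashes stored for `username`.
/// When both checks pass, a token for the user's id is created and sent over
/// `tls_connection` as a `MessageType::ServerReturn` message.
///
/// # Errors
///
/// Returns `ReturnFlags::SERVER_ACC_UNAUTHORIZED` when the request body is not valid UTF-8
/// JSON, when a field is missing or not valid hex, or when either PBKDF2 check fails.
/// Errors from `get_user_id` and `create_jwt_token` are propagated unchanged.
///
/// # Panics
///
/// Panics if `get_user_salt` or `get_user_hash` fails, if a stored salt or hash is not valid
/// upper-case hex, if the system clock is before the Unix epoch, or if the reply cannot be
/// serialized.
pub fn acc_auth(tls_connection: &mut TlsConnection, message: &Message) -> Result<(), ReturnFlags> {
    use std::time::{Duration, SystemTime, UNIX_EPOCH};

    /*
     * Parse account data.
     *
     * Everything in `message.data` comes from the peer, so a malformed body is rejected
     * with an error instead of panicking the handler.
     * NOTE(review): SERVER_ACC_UNAUTHORIZED is the only flag visible in this function; if
     * ReturnFlags has a dedicated "bad request" flag, it may be the better choice here.
     * */
    let stringified_data =
        std::str::from_utf8(&message.data).map_err(|_| ReturnFlags::SERVER_ACC_UNAUTHORIZED)?;
    let data = json::parse(stringified_data).map_err(|_| ReturnFlags::SERVER_ACC_UNAUTHORIZED)?;

    /* reads one hex-encoded string field from the request and decodes it */
    let hex_field = |key: &str| -> Result<Vec<u8>, ReturnFlags> {
        let text = data[key]
            .as_str()
            .ok_or(ReturnFlags::SERVER_ACC_UNAUTHORIZED)?;
        HEXUPPER
            .decode(text.as_bytes())
            .map_err(|_| ReturnFlags::SERVER_ACC_UNAUTHORIZED)
    };

    /* get email, password, and username */
    let email_hash = hex_field("hashed_email")?;
    let password_hash = hex_field("hashed_password")?;
    let username = data["username"]
        .as_str()
        .ok_or(ReturnFlags::SERVER_ACC_UNAUTHORIZED)?;

    /*
     * Get server salts
     *
     * NOTE(review): `username` is client-controlled and the return types of get_user_salt /
     * get_user_hash are not visible here. If they report an unknown user as an error, these
     * unwraps turn a bad username into a panic, which also behaves differently from a wrong
     * password. Map that case to SERVER_ACC_UNAUTHORIZED once the types are confirmed.
     * */
    let email_salt = HEXUPPER
        .decode(get_user_salt(username, true, true).unwrap().as_bytes())
        .unwrap();
    let password_salt = HEXUPPER
        .decode(get_user_salt(username, false, true).unwrap().as_bytes())
        .unwrap();

    /*
     * Get server hashes
     * */
    let email_db = HEXUPPER
        .decode(get_user_hash(username, true).unwrap().as_bytes())
        .unwrap();
    let password_db = HEXUPPER
        .decode(get_user_hash(username, false).unwrap().as_bytes())
        .unwrap();

    /*
     * Verify creds
     *
     * Both failures return the same flag, so the response itself does not say which
     * credential was wrong.
     * NOTE(review): the early return after the email check skips the second derivation, so
     * the two failure cases differ in response time; run both checks before returning if
     * that matters for this protocol.
     * The iteration counts presumably have to match the ones used when the stored hashes
     * were derived; confirm against the account-creation path.
     * */
    let email_iterations = NonZeroU32::new(350_000).unwrap();
    if pbkdf2::verify(
        pbkdf2::PBKDF2_HMAC_SHA512,
        email_iterations,
        &email_salt,
        &email_hash,
        &email_db,
    )
    .is_err()
    {
        return Err(ReturnFlags::SERVER_ACC_UNAUTHORIZED);
    }

    let password_iterations = NonZeroU32::new(500_000).unwrap();
    if pbkdf2::verify(
        pbkdf2::PBKDF2_HMAC_SHA512,
        password_iterations,
        &password_salt,
        &password_hash,
        &password_db,
    )
    .is_err()
    {
        return Err(ReturnFlags::SERVER_ACC_UNAUTHORIZED);
    }

    /*
     * Generate JWT token
     * */
    /* get user id */
    let user_id = get_user_id(username)?;

    /* gen the actual token; the timestamp passed is four hours from now (presumably the expiry) */
    let four_hours_from_now = SystemTime::now() + Duration::from_secs(4 * 60 * 60);
    let jwt_token = create_jwt_token(
        user_id,
        four_hours_from_now
            .duration_since(UNIX_EPOCH)
            .expect("system clock is set before the Unix epoch")
            .as_secs(),
    )?;

    /*
     * Send the JWT token
     * */
    let reply = message_builder(
        MessageType::ServerReturn,
        1,
        1,
        0,
        0,
        jwt_token.as_bytes().to_vec(),
    );
    /* NOTE(review): the write result is discarded, so a failed or short write still ends in
     * Ok(()) and the client never receives the token. */
    let _ = tls_connection.write(bincode::serialize(&reply).unwrap().as_slice());

    Ok(())
}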