lemmy/crates/api/src/local_user/login.rs

use crate::check_totp_2fa_valid;
use actix_web::web::{Data, Json};
use bcrypt::verify;
use lemmy_api_common::{
  context::LemmyContext,
  person::{Login, LoginResponse},
  utils::{check_registration_application, check_user_valid},
};
use lemmy_db_views::structs::{LocalUserView, SiteView};
use lemmy_utils::{
  claims::Claims,
  error::{LemmyError, LemmyErrorExt, LemmyErrorType},
};

#[tracing::instrument(skip(context))]
pub async fn login(
  data: Json<Login>,
  context: Data<LemmyContext>,
) -> Result<Json<LoginResponse>, LemmyError> {
  let site_view = SiteView::read_local(&mut context.pool()).await?;

  // Fetch that username / email
  let username_or_email = data.username_or_email.clone();
  let local_user_view =
    LocalUserView::find_by_email_or_name(&mut context.pool(), &username_or_email)
      .await
      .with_lemmy_type(LemmyErrorType::IncorrectLogin)?;

  // Verify the password
  let valid: bool = verify(
    &data.password,
    &local_user_view.local_user.password_encrypted,
  )
  .unwrap_or(false);
  if !valid {
    Err(LemmyErrorType::IncorrectLogin)?
  }
  check_user_valid(
    local_user_view.person.banned,
    local_user_view.person.ban_expires,
    local_user_view.person.deleted,
  )?;

  // Check if the user's email is verified if email verification is turned on
  // However, skip checking verification if the user is an admin
  if !local_user_view.local_user.admin
    && site_view.local_site.require_email_verification
    && !local_user_view.local_user.email_verified
  {
    Err(LemmyErrorType::EmailNotVerified)?
  }

  check_registration_application(&local_user_view, &site_view.local_site, &mut context.pool())
    .await?;

  // Check the totp if enabled
  if local_user_view.local_user.totp_2fa_enabled {
    check_totp_2fa_valid(&local_user_view, &data.totp_2fa_token, &site_view.site.name)?;
  }

  // Return the jwt
  Ok(Json(LoginResponse {
    jwt: Some(
      Claims::jwt(
        local_user_view.local_user.id.0,
        &context.secret().jwt_secret,
        &context.settings().hostname,
      )?
      .into(),
    ),
    verify_email_sent: false,
    registration_created: false,
  }))
}
Rework the way 2FA is enabled/disabled (fixes #3309) (#3959) * Rework the way 2FA is enabled/disabled (fixes #3309) * postgres format * change algo to sha1 for better compat * review comments * review * clippy --------- Co-authored-by: Dessalines <dessalines@users.noreply.github.com> 2023-09-20 14:49:54 +00:00			`use crate::check_totp_2fa_valid;`
Get rid of remaining Perform/SendActivity traits (fixes #3670) (#3926) * Get rid of remaining Perform/SendActivity traits (fixes #3670) * fix api tests * ci 2023-09-05 09:33:46 +00:00			`use actix_web::web::{Data, Json};`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00			`use bcrypt::verify;`
			`use lemmy_api_common::{`
Add SendActivity trait so that api crates compile in parallel with lemmy_apub 2022-11-28 14:29:33 +00:00			`context::LemmyContext,`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00			`person::{Login, LoginResponse},`
Add diesel_async, get rid of blocking function (#2510) * Moving settings to Database. - Moves many settings into the database. Fixes #2285 - Adds a local_site and instance table. Fixes #2365 . Fixes #2368 - Separates SQL update an insert forms, to avoid runtime errors. - Adds TypedBuilder to all the SQL forms, instead of default. * Fix weird clippy issue. * Removing extra lines. * Some fixes from suggestions. * Fixing apub tests. * Using instance creation helper function. * Move forms to their own line. * Trying to fix local_site_data, still broken. * Testing out async * Testing out async 2 * Fixing federation tests. * Trying to fix check features 1. * Starting on adding diesel async. 1/4th done. * Added async to views and schema. * Adding some more async * Compiling now. * Added diesel async. Fixes #2465 * Running clippy --fix * Trying to fix cargo test on drone. * Trying new muslrust. * Trying a custom dns * Trying a custom dns 2 * Trying a custom dns 3 * Trying a custom dns 4 * Trying a custom dns 5 * Trying a custom dns 6 * Trying a custom dns 7 * Addressing PR comments. * Adding check_apub to all verify functions. * Reverting back drone. * Fixing merge * Fix docker images. * Adding missing discussion_languages. * Trying to fix federation tests. * Fix site setup user creation. * Fix clippy * Fix clippy 2 * Test api faster * Try to fix 1 * Try to fix 2 * What are these lines about * Trying to fix 3 * Moving federation test back to top. * Remove logging cat. 2022-11-09 10:05:00 +00:00			`utils::{check_registration_application, check_user_valid},`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00			`};`
Adding TOTP / 2FA to lemmy (#2741) * Combine prod and dev docker setups using build-arg - Fixes #2603 * Dont use cache for release build. * Adding 2FA / TOTP support. - Fixes #2363 * Changed name to totp_2fa for clarity. * Switch to sha256 for totp. 2023-03-02 20:37:41 +00:00			`use lemmy_db_views::structs::{LocalUserView, SiteView};`
Error enum fixed (#3487) * Create error type enum * Replace magic string slices with LemmyErrorTypes * Remove unused enum * Add rename snake case to error enum * Rename functions * clippy * Fix merge errors * Serialize in PascalCase instead of snake_case * Revert src/lib * Add serialization tests * Update translations * Fix compilation error in test * Fix another compilation error * Add code for generating typescript types * Various fixes to avoid breaking api * impl From<LemmyErrorType> for LemmyError * with_lemmy_type * trigger ci --------- Co-authored-by: SleeplessOne1917 <abias1122@gmail.com> 2023-07-10 14:50:07 +00:00			`use lemmy_utils::{`
			`claims::Claims,`
			`error::{LemmyError, LemmyErrorExt, LemmyErrorType},`
			`};`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00
Get rid of remaining Perform/SendActivity traits (fixes #3670) (#3926) * Get rid of remaining Perform/SendActivity traits (fixes #3670) * fix api tests * ci 2023-09-05 09:33:46 +00:00			`#[tracing::instrument(skip(context))]`
			`pub async fn login(`
			`data: Json<Login>,`
			`context: Data<LemmyContext>,`
			`) -> Result<Json<LoginResponse>, LemmyError> {`
			`let site_view = SiteView::read_local(&mut context.pool()).await?;`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00
Get rid of remaining Perform/SendActivity traits (fixes #3670) (#3926) * Get rid of remaining Perform/SendActivity traits (fixes #3670) * fix api tests * ci 2023-09-05 09:33:46 +00:00			`// Fetch that username / email`
			`let username_or_email = data.username_or_email.clone();`
			`let local_user_view =`
			`LocalUserView::find_by_email_or_name(&mut context.pool(), &username_or_email)`
			`.await`
			`.with_lemmy_type(LemmyErrorType::IncorrectLogin)?;`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00
Get rid of remaining Perform/SendActivity traits (fixes #3670) (#3926) * Get rid of remaining Perform/SendActivity traits (fixes #3670) * fix api tests * ci 2023-09-05 09:33:46 +00:00			`// Verify the password`
			`let valid: bool = verify(`
			`&data.password,`
			`&local_user_view.local_user.password_encrypted,`
			`)`
			`.unwrap_or(false);`
			`if !valid {`
			`Err(LemmyErrorType::IncorrectLogin)?`
			`}`
			`check_user_valid(`
			`local_user_view.person.banned,`
			`local_user_view.person.ban_expires,`
			`local_user_view.person.deleted,`
			`)?;`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00
Get rid of remaining Perform/SendActivity traits (fixes #3670) (#3926) * Get rid of remaining Perform/SendActivity traits (fixes #3670) * fix api tests * ci 2023-09-05 09:33:46 +00:00			`// Check if the user's email is verified if email verification is turned on`
			`// However, skip checking verification if the user is an admin`
			`if !local_user_view.local_user.admin`
			`&& site_view.local_site.require_email_verification`
			`&& !local_user_view.local_user.email_verified`
			`{`
			`Err(LemmyErrorType::EmailNotVerified)?`
			`}`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00
Get rid of remaining Perform/SendActivity traits (fixes #3670) (#3926) * Get rid of remaining Perform/SendActivity traits (fixes #3670) * fix api tests * ci 2023-09-05 09:33:46 +00:00			`check_registration_application(&local_user_view, &site_view.local_site, &mut context.pool())`
			`.await?;`
Adding TOTP / 2FA to lemmy (#2741) * Combine prod and dev docker setups using build-arg - Fixes #2603 * Dont use cache for release build. * Adding 2FA / TOTP support. - Fixes #2363 * Changed name to totp_2fa for clarity. * Switch to sha256 for totp. 2023-03-02 20:37:41 +00:00
Rework the way 2FA is enabled/disabled (fixes #3309) (#3959) * Rework the way 2FA is enabled/disabled (fixes #3309) * postgres format * change algo to sha1 for better compat * review comments * review * clippy --------- Co-authored-by: Dessalines <dessalines@users.noreply.github.com> 2023-09-20 14:49:54 +00:00			`// Check the totp if enabled`
			`if local_user_view.local_user.totp_2fa_enabled {`
			`check_totp_2fa_valid(&local_user_view, &data.totp_2fa_token, &site_view.site.name)?;`
			`}`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00
Get rid of remaining Perform/SendActivity traits (fixes #3670) (#3926) * Get rid of remaining Perform/SendActivity traits (fixes #3670) * fix api tests * ci 2023-09-05 09:33:46 +00:00			`// Return the jwt`
			`Ok(Json(LoginResponse {`
			`jwt: Some(`
			`Claims::jwt(`
			`local_user_view.local_user.id.0,`
			`&context.secret().jwt_secret,`
			`&context.settings().hostname,`
			`)?`
			`.into(),`
			`),`
			`verify_email_sent: false,`
			`registration_created: false,`
			`}))`
Split apart api files (#2216) 2022-04-13 18:12:25 +00:00			`}`