2022-04-13 18:12:25 +00:00
|
|
|
use crate::Perform;
|
|
|
|
use actix_web::web::Data;
|
|
|
|
use bcrypt::verify;
|
|
|
|
use lemmy_api_common::{
|
2022-11-28 14:29:33 +00:00
|
|
|
context::LemmyContext,
|
2022-04-13 18:12:25 +00:00
|
|
|
person::{Login, LoginResponse},
|
2022-11-09 10:05:00 +00:00
|
|
|
utils::{check_registration_application, check_user_valid},
|
2022-04-13 18:12:25 +00:00
|
|
|
};
|
2023-03-02 20:37:41 +00:00
|
|
|
use lemmy_db_views::structs::{LocalUserView, SiteView};
|
2023-07-10 14:50:07 +00:00
|
|
|
use lemmy_utils::{
|
|
|
|
claims::Claims,
|
|
|
|
error::{LemmyError, LemmyErrorExt, LemmyErrorType},
|
|
|
|
utils::validation::check_totp_2fa_valid,
|
|
|
|
};
|
2022-04-13 18:12:25 +00:00
|
|
|
|
|
|
|
#[async_trait::async_trait(?Send)]
|
|
|
|
impl Perform for Login {
|
|
|
|
type Response = LoginResponse;
|
|
|
|
|
2023-06-06 16:27:22 +00:00
|
|
|
#[tracing::instrument(skip(context))]
|
|
|
|
async fn perform(&self, context: &Data<LemmyContext>) -> Result<LoginResponse, LemmyError> {
|
2022-04-13 18:12:25 +00:00
|
|
|
let data: &Login = self;
|
|
|
|
|
2023-03-02 20:37:41 +00:00
|
|
|
let site_view = SiteView::read_local(context.pool()).await?;
|
2022-10-27 09:24:07 +00:00
|
|
|
|
2022-04-13 18:12:25 +00:00
|
|
|
// Fetch that username / email
|
|
|
|
let username_or_email = data.username_or_email.clone();
|
2022-11-09 10:05:00 +00:00
|
|
|
let local_user_view = LocalUserView::find_by_email_or_name(context.pool(), &username_or_email)
|
|
|
|
.await
|
2023-07-10 14:50:07 +00:00
|
|
|
.with_lemmy_type(LemmyErrorType::IncorrectLogin)?;
|
2022-04-13 18:12:25 +00:00
|
|
|
|
|
|
|
// Verify the password
|
|
|
|
let valid: bool = verify(
|
|
|
|
&data.password,
|
|
|
|
&local_user_view.local_user.password_encrypted,
|
|
|
|
)
|
|
|
|
.unwrap_or(false);
|
|
|
|
if !valid {
|
2023-07-10 14:50:07 +00:00
|
|
|
return Err(LemmyErrorType::IncorrectLogin)?;
|
2022-04-13 18:12:25 +00:00
|
|
|
}
|
2022-07-28 21:14:07 +00:00
|
|
|
check_user_valid(
|
|
|
|
local_user_view.person.banned,
|
|
|
|
local_user_view.person.ban_expires,
|
|
|
|
local_user_view.person.deleted,
|
|
|
|
)?;
|
2022-04-13 18:12:25 +00:00
|
|
|
|
2023-06-20 12:52:21 +00:00
|
|
|
// Check if the user's email is verified if email verification is turned on
|
|
|
|
// However, skip checking verification if the user is an admin
|
|
|
|
if !local_user_view.person.admin
|
|
|
|
&& site_view.local_site.require_email_verification
|
|
|
|
&& !local_user_view.local_user.email_verified
|
2023-03-02 20:37:41 +00:00
|
|
|
{
|
2023-07-10 14:50:07 +00:00
|
|
|
return Err(LemmyErrorType::EmailNotVerified)?;
|
2022-04-13 18:12:25 +00:00
|
|
|
}
|
|
|
|
|
2023-03-02 20:37:41 +00:00
|
|
|
check_registration_application(&local_user_view, &site_view.local_site, context.pool()).await?;
|
|
|
|
|
|
|
|
// Check the totp
|
|
|
|
check_totp_2fa_valid(
|
|
|
|
&local_user_view.local_user.totp_2fa_secret,
|
|
|
|
&data.totp_2fa_token,
|
|
|
|
&site_view.site.name,
|
|
|
|
&local_user_view.person.name,
|
|
|
|
)?;
|
2022-04-13 18:12:25 +00:00
|
|
|
|
|
|
|
// Return the jwt
|
|
|
|
Ok(LoginResponse {
|
|
|
|
jwt: Some(
|
|
|
|
Claims::jwt(
|
|
|
|
local_user_view.local_user.id.0,
|
|
|
|
&context.secret().jwt_secret,
|
|
|
|
&context.settings().hostname,
|
|
|
|
)?
|
|
|
|
.into(),
|
|
|
|
),
|
|
|
|
verify_email_sent: false,
|
|
|
|
registration_created: false,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|