Skip to content
Snippets Groups Projects
Commit c031ae9f authored by Jean-Christophe BEGUE's avatar Jean-Christophe BEGUE
Browse files

Make password hints available in the error message #85

parent 56b3afa7
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
.env
+ 3
0
View file @ c031ae9f
...@@ -27,6 +27,9 @@ ...@@ -27,6 +27,9 @@
## The change only applies when the password is changed ## The change only applies when the password is changed
# PASSWORD_ITERATIONS=100000 # PASSWORD_ITERATIONS=100000
## Whether password hint should be sent into the error response when the client request it
# SHOW_PASSWORD_HINT=true
## Domain settings ## Domain settings
## The domain must match the address from where you access the server ## The domain must match the address from where you access the server
## Unless you are using U2F, or having problems with attachments not downloading, there is no need to change this ## Unless you are using U2F, or having problems with attachments not downloading, there is no need to change this
......
src/api/core/accounts.rs
+ 20
0
View file @ c031ae9f
...@@ -247,3 +247,23 @@ fn revision_date(headers: Headers) -> String { ...@@ -247,3 +247,23 @@ fn revision_date(headers: Headers) -> String {
let revision_date = headers.user.updated_at.timestamp(); let revision_date = headers.user.updated_at.timestamp();
revision_date.to_string() revision_date.to_string()
} }
#[derive(Deserialize)]
#[allow(non_snake_case)]
struct PasswordHintData {
Email: String,
}
#[post("/accounts/password-hint", data = "<data>")]
fn password_hint(data: JsonUpcase<PasswordHintData>, conn: DbConn) -> EmptyResult {
let data: PasswordHintData = data.into_inner().data;
if !CONFIG.show_password_hint {
return Ok(())
}
match User::find_by_mail(&data.Email, &conn) {
Some(user) => err!(user.password_hint.to_owned().unwrap_or("".to_string())),
None => Ok(()),
}
}
src/api/core/mod.rs
+ 1
0
View file @ c031ae9f
...@@ -23,6 +23,7 @@ pub fn routes() -> Vec<Route> { ...@@ -23,6 +23,7 @@ pub fn routes() -> Vec<Route> {
post_email, post_email,
delete_account, delete_account,
revision_date, revision_date,
password_hint,
sync, sync,
......
src/main.rs
+ 3
0
View file @ c031ae9f
...@@ -169,6 +169,7 @@ pub struct Config { ...@@ -169,6 +169,7 @@ pub struct Config {
local_icon_extractor: bool, local_icon_extractor: bool,
signups_allowed: bool, signups_allowed: bool,
password_iterations: i32, password_iterations: i32,
show_password_hint: bool,
domain: String, domain: String,
domain_set: bool, domain_set: bool,
} }
...@@ -197,6 +198,8 @@ impl Config { ...@@ -197,6 +198,8 @@ impl Config {
local_icon_extractor: util::parse_option_string(env::var("LOCAL_ICON_EXTRACTOR").ok()).unwrap_or(false), local_icon_extractor: util::parse_option_string(env::var("LOCAL_ICON_EXTRACTOR").ok()).unwrap_or(false),
signups_allowed: util::parse_option_string(env::var("SIGNUPS_ALLOWED").ok()).unwrap_or(true), signups_allowed: util::parse_option_string(env::var("SIGNUPS_ALLOWED").ok()).unwrap_or(true),
password_iterations: util::parse_option_string(env::var("PASSWORD_ITERATIONS").ok()).unwrap_or(100_000), password_iterations: util::parse_option_string(env::var("PASSWORD_ITERATIONS").ok()).unwrap_or(100_000),
show_password_hint: util::parse_option_string(env::var("SHOW_PASSWORD_HINT").ok()).unwrap_or(true),
domain_set: domain.is_ok(), domain_set: domain.is_ok(),
domain: domain.unwrap_or("http://localhost".into()), domain: domain.unwrap_or("http://localhost".into()),
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment