aboutsummaryrefslogtreecommitdiff
path: root/src/api/identity.rs
diff options
context:
space:
mode:
authorJake Howard <[email protected]>2021-03-31 21:18:35 +0100
committerJake Howard <[email protected]>2021-03-31 21:18:35 +0100
commit0af3956abd2ff9b550130716e41fc14088dac84c (patch)
tree4554f017b29df0b66b9f544cc75030d7eed5d1f3 /src/api/identity.rs
parent15feff3e79b319dcbfd2d775d5521896a6068bc6 (diff)
downloadvaultwarden-0af3956abd2ff9b550130716e41fc14088dac84c.tar.gz
vaultwarden-0af3956abd2ff9b550130716e41fc14088dac84c.zip
Run `cargo fmt` on codebase
Diffstat (limited to 'src/api/identity.rs')
-rw-r--r--src/api/identity.rs33
1 files changed, 23 insertions, 10 deletions
diff --git a/src/api/identity.rs b/src/api/identity.rs
index dcfe607a..22a7a11e 100644
--- a/src/api/identity.rs
+++ b/src/api/identity.rs
@@ -114,7 +114,10 @@ fn _password_login(data: ConnectData, conn: DbConn, ip: &ClientIp) -> JsonResult
if user.verified_at.is_none() && CONFIG.mail_enabled() && CONFIG.signups_verify() {
let now = now.naive_utc();
- if user.last_verifying_at.is_none() || now.signed_duration_since(user.last_verifying_at.unwrap()).num_seconds() > CONFIG.signups_verify_resend_time() as i64 {
+ if user.last_verifying_at.is_none()
+ || now.signed_duration_since(user.last_verifying_at.unwrap()).num_seconds()
+ > CONFIG.signups_verify_resend_time() as i64
+ {
let resend_limit = CONFIG.signups_verify_resend_limit() as i32;
if resend_limit == 0 || user.login_verify_count < resend_limit {
// We want to send another email verification if we require signups to verify
@@ -168,7 +171,7 @@ fn _password_login(data: ConnectData, conn: DbConn, ip: &ClientIp) -> JsonResult
"Key": user.akey,
"PrivateKey": user.private_key,
//"TwoFactorToken": "11122233333444555666777888999"
-
+
"Kdf": user.client_kdf_type,
"KdfIterations": user.client_kdf_iter,
"ResetMasterPassword": false,// TODO: Same as above
@@ -231,12 +234,13 @@ fn twofactor_auth(
let twofactor_code = match data.two_factor_token {
Some(ref code) => code,
- None => err_json!(_json_err_twofactor(&twofactor_ids, user_uuid, conn)?, "2FA token not provided"),
+ None => err_json!(
+ _json_err_twofactor(&twofactor_ids, user_uuid, conn)?,
+ "2FA token not provided"
+ ),
};
- let selected_twofactor = twofactors
- .into_iter()
- .find(|tf| tf.atype == selected_id && tf.enabled);
+ let selected_twofactor = twofactors.into_iter().find(|tf| tf.atype == selected_id && tf.enabled);
use crate::api::core::two_factor as _tf;
use crate::crypto::ct_eq;
@@ -245,18 +249,27 @@ fn twofactor_auth(
let mut remember = data.two_factor_remember.unwrap_or(0);
match TwoFactorType::from_i32(selected_id) {
- Some(TwoFactorType::Authenticator) => _tf::authenticator::validate_totp_code_str(user_uuid, twofactor_code, &selected_data?, ip, conn)?,
+ Some(TwoFactorType::Authenticator) => {
+ _tf::authenticator::validate_totp_code_str(user_uuid, twofactor_code, &selected_data?, ip, conn)?
+ }
Some(TwoFactorType::U2f) => _tf::u2f::validate_u2f_login(user_uuid, twofactor_code, conn)?,
Some(TwoFactorType::YubiKey) => _tf::yubikey::validate_yubikey_login(twofactor_code, &selected_data?)?,
- Some(TwoFactorType::Duo) => _tf::duo::validate_duo_login(data.username.as_ref().unwrap(), twofactor_code, conn)?,
- Some(TwoFactorType::Email) => _tf::email::validate_email_code_str(user_uuid, twofactor_code, &selected_data?, conn)?,
+ Some(TwoFactorType::Duo) => {
+ _tf::duo::validate_duo_login(data.username.as_ref().unwrap(), twofactor_code, conn)?
+ }
+ Some(TwoFactorType::Email) => {
+ _tf::email::validate_email_code_str(user_uuid, twofactor_code, &selected_data?, conn)?
+ }
Some(TwoFactorType::Remember) => {
match device.twofactor_remember {
Some(ref code) if !CONFIG.disable_2fa_remember() && ct_eq(code, twofactor_code) => {
remember = 1; // Make sure we also return the token here, otherwise it will only remember the first time
}
- _ => err_json!(_json_err_twofactor(&twofactor_ids, user_uuid, conn)?, "2FA Remember token not provided"),
+ _ => err_json!(
+ _json_err_twofactor(&twofactor_ids, user_uuid, conn)?,
+ "2FA Remember token not provided"
+ ),
}
}
_ => err!("Invalid two factor provider"),