Browse Source

fix: only allow valid usernames in /register

pull/14/head
Timo Kösters 1 month ago
parent
commit
d08f91d1c3
Signed by: timo <timo@koesters.xyz> GPG Key ID: 24DA7517711A2BA4
3 changed files with 21 additions and 16 deletions
  1. +2
    -0
      .gitignore
  2. +5
    -5
      Rocket.toml
  3. +14
    -11
      src/client_server.rs

+ 2
- 0
.gitignore View File

@@ -1,2 +1,4 @@
/target
**/*.rs.bk

Rocket.toml

+ 5
- 5
Rocket.toml View File

@@ -1,8 +1,8 @@
[global]
hostname = "matrixtesting.koesters.xyz:59003"
port = 59003
server_name = "your.server.name"
port = 8448
address = "0.0.0.0"

[global.tls]
certs = "/etc/letsencrypt/live/matrixtesting.koesters.xyz/fullchain.pem"
key = "/etc/letsencrypt/live/matrixtesting.koesters.xyz/privkey.pem"
#[global.tls]
#certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem"
#key = "/etc/letsencrypt/live/your.server.name/privkey.pem"

+ 14
- 11
src/client_server.rs View File

@@ -65,9 +65,12 @@ pub fn get_register_available_route(
body: Ruma<get_username_availability::Request>,
) -> MatrixResult<get_username_availability::Response> {
// Validate user id
let user_id: UserId =
match (*format!("@{}:{}", body.username.clone(), db.globals.server_name())).try_into() {
Err(_) => {
let user_id =
match UserId::parse_with_server_name(body.username.clone(), db.globals.server_name())
.ok()
.filter(|user_id| !user_id.is_historical())
{
None => {
debug!("Username invalid");
return MatrixResult(Err(Error {
kind: ErrorKind::InvalidUsername,
@@ -75,7 +78,7 @@ pub fn get_register_available_route(
status_code: http::StatusCode::BAD_REQUEST,
}));
}
Ok(user_id) => user_id,
Some(user_id) => user_id,
};

// Check if username is creative enough
@@ -112,16 +115,16 @@ pub fn register_route(
}

// Validate user id
let user_id: UserId = match (*format!(
"@{}:{}",
let user_id = match UserId::parse_with_server_name(
body.username
.clone()
.unwrap_or_else(|| utils::random_string(GUEST_NAME_LENGTH)),
db.globals.server_name()
))
.try_into()
db.globals.server_name(),
)
.ok()
.filter(|user_id| !user_id.is_historical())
{
Err(_) => {
None => {
debug!("Username invalid");
return MatrixResult(Err(UiaaResponse::MatrixError(Error {
kind: ErrorKind::InvalidUsername,
@@ -129,7 +132,7 @@ pub fn register_route(
status_code: http::StatusCode::BAD_REQUEST,
})));
}
Ok(user_id) => user_id,
Some(user_id) => user_id,
};

// Check if username is creative enough


Loading…
Cancel
Save