The-pack-family
/
APIv3
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Move GET /user/:id/requiresTOTP logic into User to make future expansion easier

This commit is contained in:
Colin McDonald 2016-06-21 01:18:06 -04:00
parent 39f0b7d665
commit a5acd2c9ff
2 changed files with 52 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/main/java/net/frozenorb/apiv3/model/User.java
View File

@ -21,10 +21,7 @@ import net.frozenorb.apiv3.serialization.gson.ExcludeFromReplies;
import net.frozenorb.apiv3.serialization.jackson.UuidJsonDeserializer; import net.frozenorb.apiv3.serialization.jackson.UuidJsonDeserializer;
import net.frozenorb.apiv3.serialization.jackson.UuidJsonSerializer; import net.frozenorb.apiv3.serialization.jackson.UuidJsonSerializer;
import net.frozenorb.apiv3.unsorted.BlockingCallback; import net.frozenorb.apiv3.unsorted.BlockingCallback;
import net.frozenorb.apiv3.util.MojangUtils; import net.frozenorb.apiv3.util.*;
import net.frozenorb.apiv3.util.PermissionUtils;
import net.frozenorb.apiv3.util.SyncUtils;
import net.frozenorb.apiv3.util.UuidUtils;
import org.bson.Document; import org.bson.Document;
import java.time.Instant; import java.time.Instant;
@ -216,6 +213,36 @@ public final class User {
return password != null && hashed.equals(password); return password != null && hashed.equals(password);
} }
public void requiresTotpAuthorization(String ip, SingleResultCallback<RequiresTotpResult> callback) {
if (totpSecret == null) {
callback.onResult(RequiresTotpResult.NOT_REQUIRED_NOT_SET, null);
return;
}
if (ip == null || !IpUtils.isValidIp(ip)) {
callback.onResult(RequiresTotpResult.REQUIRED_NO_EXEMPTIONS, null);
return;
}
TotpUtils.isPreAuthorized(this, ip, (ipPreAuth, error) -> {
if (error != null) {
callback.onResult(null, error);
} else if (ipPreAuth) {
callback.onResult(RequiresTotpResult.NOT_REQUIRED_IP_PRE_AUTHORIZED, null);
} else {
callback.onResult(RequiresTotpResult.REQUIRED_NO_EXEMPTIONS, null);
}
});
}
public enum RequiresTotpResult {
NOT_REQUIRED_NOT_SET,
NOT_REQUIRED_IP_PRE_AUTHORIZED,
REQUIRED_NO_EXEMPTIONS
}
public Rank getHighestRankAnywhere() { public Rank getHighestRankAnywhere() {
return getHighestRankScoped(null, Grant.findByUserSync(this)); return getHighestRankScoped(null, Grant.findByUserSync(this));
} }

35
src/main/java/net/frozenorb/apiv3/route/users/GETUserRequiresTOTP.java
View File

@ -13,21 +13,10 @@ import net.frozenorb.apiv3.util.TotpUtils;
public final class GETUserRequiresTOTP implements Handler<RoutingContext> { public final class GETUserRequiresTOTP implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) { public void handle(RoutingContext ctx) {
User user = User.findByIdSync(ctx.request().getParam("id")); User.findById(ctx.request().getParam("id"), (user, error) -> {
if (error != null) {
if (user == null) {
ErrorUtils.respondNotFound(ctx, "User", ctx.request().getParam("id")); ErrorUtils.respondNotFound(ctx, "User", ctx.request().getParam("id"));
return; } else {
}
if (user.getTotpSecret() == null) {
APIv3.respondJson(ctx, ImmutableMap.of(
"required", false,
"message", "User does not have TOTP setup."
));
return;
}
String userIp = ctx.request().getParam("userIp"); String userIp = ctx.request().getParam("userIp");
if (!IpUtils.isValidIp(userIp)) { if (!IpUtils.isValidIp(userIp)) {
@ -35,20 +24,18 @@ public final class GETUserRequiresTOTP implements Handler<RoutingContext> {
return; return;
} }
BlockingCallback<Boolean> preAuthorizedCallback = new BlockingCallback<>(); user.requiresTotpAuthorization(userIp, (requiresTotpResult, error2) -> {
TotpUtils.isPreAuthorized(user, userIp, preAuthorizedCallback); if (error2 != null) {
ErrorUtils.respondInternalError(ctx, error2);
if (preAuthorizedCallback.get()) {
APIv3.respondJson(ctx, ImmutableMap.of(
"required", false,
"message", "User's ip has already been validated"
));
} else { } else {
APIv3.respondJson(ctx, ImmutableMap.of( APIv3.respondJson(ctx, ImmutableMap.of(
"required", true, "required", (requiresTotpResult == User.RequiresTotpResult.REQUIRED_NO_EXEMPTIONS),
"message", "User has no TOTP exemptions." "message", requiresTotpResult.name()
)); ));
} }
});
}
});
} }
} }