beenull/ente
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Minor refactor

Browse source
This commit is contained in:
Neeraj Gupta 2024-04-09 11:20:45 +05:30
parent 73eacfb30d
commit 46188313ad
1 changed files with 7 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
server/pkg/controller/user/userauth.go
View file

@ -136,23 +136,24 @@ func (c *UserController) SendEmailOTT(context *gin.Context, email string, client
// verifyEmailOtt should be deprecated in favor of verifyEmailOttWithSession once clients are updated.
func (c *UserController) verifyEmailOtt(context *gin.Context, email string, ott string) error {
ott = strings.TrimSpace(ott)
app := auth.GetApp(context)
emailHash, err := crypto.GetHash(email, c.HashingKey)
if err != nil {
return stacktrace.Propagate(err, "")
}
wrongAttempt, err := c.UserAuthRepo.GetMaxWrongAttempts(emailHash, auth.GetApp(context))
wrongAttempt, err := c.UserAuthRepo.GetMaxWrongAttempts(emailHash, app)
if err != nil {
return stacktrace.Propagate(err, "")
}
if wrongAttempt >= OTTWrongAttemptLimit {
msg := "Too many wrong attempts for ott verification"
msg := fmt.Sprintf("Too many wrong ott verification attemp for app %s", app)
go c.DiscordController.NotifyPotentialAbuse(msg)
return stacktrace.Propagate(ente.ErrTooManyBadRequest, "User needs to wait before active ott are expired")
}
otts, err := c.UserAuthRepo.GetValidOTTs(emailHash, auth.GetApp(context))
log.Info("Valid otts for " + emailHash + " are " + strings.Join(otts, ","))
otts, err := c.UserAuthRepo.GetValidOTTs(emailHash, app)
log.Infof("Valid ott (app: %s) for %s are %s", app, emailHash, strings.Join(otts, ","))
if err != nil {
return stacktrace.Propagate(err, "")
}
@ -166,12 +167,12 @@ func (c *UserController) verifyEmailOtt(context *gin.Context, email string, ott
}
}
if !isValidOTT {
if err = c.UserAuthRepo.RecordWrongAttemptForActiveOtt(emailHash, auth.GetApp(context)); err != nil {
if err = c.UserAuthRepo.RecordWrongAttemptForActiveOtt(emailHash, app); err != nil {
log.WithError(err).Warn("Failed to track wrong attempt")
}
return stacktrace.Propagate(ente.ErrIncorrectOTT, "")
}
err = c.UserAuthRepo.RemoveOTT(emailHash, ott, auth.GetApp(context))
err = c.UserAuthRepo.RemoveOTT(emailHash, ott, app)
if err != nil {
return stacktrace.Propagate(err, "")
}