diff options
author | pennae <github@quasiparticle.net> | 2022-07-17 14:30:31 +0200 |
---|---|---|
committer | pennae <github@quasiparticle.net> | 2022-07-17 17:26:24 +0200 |
commit | 2743fb077862f9228ca0b7d1b9056b4253cdcc70 (patch) | |
tree | 3c4196cf70f7d943446b806f05c739cc5aa657e3 /src/api/auth | |
parent | 56499a11ad76afce78f2344ebfcb2b1ce1ee437f (diff) | |
download | minor-skulk-2743fb077862f9228ca0b7d1b9056b4253cdcc70.tar.gz minor-skulk-2743fb077862f9228ca0b7d1b9056b4253cdcc70.tar.xz minor-skulk-2743fb077862f9228ca0b7d1b9056b4253cdcc70.zip |
remove SecretBytes
there's no benefit to keeping it around, the zeroing behavior it had was
never any good and without it it's just a fancy [u8; N]
Diffstat (limited to 'src/api/auth')
-rw-r--r-- | src/api/auth/account.rs | 6 | ||||
-rw-r--r-- | src/api/auth/invite.rs | 4 | ||||
-rw-r--r-- | src/api/auth/password.rs | 6 |
3 files changed, 8 insertions, 8 deletions
diff --git a/src/api/auth/account.rs b/src/api/auth/account.rs index 56ec717..9d2a19e 100644 --- a/src/api/auth/account.rs +++ b/src/api/auth/account.rs @@ -11,7 +11,7 @@ use serde::{Deserialize, Serialize}; use validator::Validate; use crate::api::{Empty, EMPTY}; -use crate::crypto::{KeyFetchToken, SessionToken}; +use crate::crypto::{random_bytes, KeyFetchToken, SessionToken}; use crate::db::{Db, DbConn}; use crate::mailer::Mailer; use crate::push::PushClient; @@ -21,7 +21,7 @@ use crate::Config; use crate::{ api::{auth, serialize_dt}, auth::{AuthSource, Authenticated}, - crypto::{AuthPW, KeyBundle, KeyFetchReq, SecretBytes, SessionCredentials}, + crypto::{AuthPW, KeyBundle, KeyFetchReq, SessionCredentials}, types::{KeyFetchID, OauthToken, SecretKey, User, UserID, VerifyHash}, }; @@ -122,7 +122,7 @@ pub(crate) async fn create( .await?; let auth_at = db.add_session(session.token_id.clone(), &uid, session.req_hmac_key, false, None).await?; - let verify_code = hex::encode(&SecretBytes::<16>::generate().0); + let verify_code = hex::encode(&random_bytes::<16>()); db.add_verify_code(&uid, &session.token_id, &verify_code).await?; // NOTE we send the email in this context rather than a spawn to signal // send errors to the client. diff --git a/src/api/auth/invite.rs b/src/api/auth/invite.rs index f2c6ad8..e70c3d6 100644 --- a/src/api/auth/invite.rs +++ b/src/api/auth/invite.rs @@ -3,7 +3,7 @@ use chrono::{Duration, Utc}; use rocket::{http::uri::Reference, serde::json::Json, State}; use serde::{Deserialize, Serialize}; -use crate::{api::auth, auth::Authenticated, crypto::SecretBytes, db::DbConn, Config}; +use crate::{api::auth, auth::Authenticated, crypto::random_bytes, db::DbConn, Config}; use super::WithVerifiedFxaLogin; @@ -12,7 +12,7 @@ pub(crate) async fn generate_invite_link( cfg: &Config, ttl: Duration, ) -> anyhow::Result<Reference<'static>> { - let code = base64::encode_config(&SecretBytes::<32>::generate().0, URL_SAFE_NO_PAD); + let code = base64::encode_config(&random_bytes::<32>(), URL_SAFE_NO_PAD); db.add_invite_code(&code, Utc::now() + ttl).await?; Reference::parse_owned(format!("{}/#/register/{}", cfg.location, code)) .map_err(|e| anyhow!("url building failed at {e}")) diff --git a/src/api/auth/password.rs b/src/api/auth/password.rs index 79b7587..d1455e4 100644 --- a/src/api/auth/password.rs +++ b/src/api/auth/password.rs @@ -10,8 +10,8 @@ use crate::{ api::auth, auth::{AuthSource, Authenticated}, crypto::{ - AccountResetReq, AccountResetToken, AuthPW, KeyBundle, KeyFetchReq, KeyFetchToken, - PasswordChangeReq, PasswordChangeToken, SecretBytes, + random_bytes, AccountResetReq, AccountResetToken, AuthPW, KeyBundle, KeyFetchReq, + KeyFetchToken, PasswordChangeReq, PasswordChangeToken, }, db::{Db, DbConn}, mailer::Mailer, @@ -192,7 +192,7 @@ pub(crate) async fn forgot_start( return Err(auth::Error::UnverifiedAccount); } - let forgot_code = hex::encode(SecretBytes::<16>::generate().0); + let forgot_code = hex::encode(random_bytes::<16>()); let forgot_token = PasswordChangeToken::generate(); let forgot_req = PasswordChangeReq::derive_from_forgot_token(&forgot_token); db.add_password_change( |