summaryrefslogtreecommitdiff
path: root/src/api
diff options
context:
space:
mode:
authorpennae <github@quasiparticle.net>2022-07-17 14:30:31 +0200
committerpennae <github@quasiparticle.net>2022-07-17 17:26:24 +0200
commit2743fb077862f9228ca0b7d1b9056b4253cdcc70 (patch)
tree3c4196cf70f7d943446b806f05c739cc5aa657e3 /src/api
parent56499a11ad76afce78f2344ebfcb2b1ce1ee437f (diff)
downloadminor-skulk-2743fb077862f9228ca0b7d1b9056b4253cdcc70.tar.gz
minor-skulk-2743fb077862f9228ca0b7d1b9056b4253cdcc70.tar.xz
minor-skulk-2743fb077862f9228ca0b7d1b9056b4253cdcc70.zip
remove SecretBytes
there's no benefit to keeping it around, the zeroing behavior it had was never any good and without it it's just a fancy [u8; N]
Diffstat (limited to 'src/api')
-rw-r--r--src/api/auth/account.rs6
-rw-r--r--src/api/auth/invite.rs4
-rw-r--r--src/api/auth/password.rs6
3 files changed, 8 insertions, 8 deletions
diff --git a/src/api/auth/account.rs b/src/api/auth/account.rs
index 56ec717..9d2a19e 100644
--- a/src/api/auth/account.rs
+++ b/src/api/auth/account.rs
@@ -11,7 +11,7 @@ use serde::{Deserialize, Serialize};
use validator::Validate;
use crate::api::{Empty, EMPTY};
-use crate::crypto::{KeyFetchToken, SessionToken};
+use crate::crypto::{random_bytes, KeyFetchToken, SessionToken};
use crate::db::{Db, DbConn};
use crate::mailer::Mailer;
use crate::push::PushClient;
@@ -21,7 +21,7 @@ use crate::Config;
use crate::{
api::{auth, serialize_dt},
auth::{AuthSource, Authenticated},
- crypto::{AuthPW, KeyBundle, KeyFetchReq, SecretBytes, SessionCredentials},
+ crypto::{AuthPW, KeyBundle, KeyFetchReq, SessionCredentials},
types::{KeyFetchID, OauthToken, SecretKey, User, UserID, VerifyHash},
};
@@ -122,7 +122,7 @@ pub(crate) async fn create(
.await?;
let auth_at =
db.add_session(session.token_id.clone(), &uid, session.req_hmac_key, false, None).await?;
- let verify_code = hex::encode(&SecretBytes::<16>::generate().0);
+ let verify_code = hex::encode(&random_bytes::<16>());
db.add_verify_code(&uid, &session.token_id, &verify_code).await?;
// NOTE we send the email in this context rather than a spawn to signal
// send errors to the client.
diff --git a/src/api/auth/invite.rs b/src/api/auth/invite.rs
index f2c6ad8..e70c3d6 100644
--- a/src/api/auth/invite.rs
+++ b/src/api/auth/invite.rs
@@ -3,7 +3,7 @@ use chrono::{Duration, Utc};
use rocket::{http::uri::Reference, serde::json::Json, State};
use serde::{Deserialize, Serialize};
-use crate::{api::auth, auth::Authenticated, crypto::SecretBytes, db::DbConn, Config};
+use crate::{api::auth, auth::Authenticated, crypto::random_bytes, db::DbConn, Config};
use super::WithVerifiedFxaLogin;
@@ -12,7 +12,7 @@ pub(crate) async fn generate_invite_link(
cfg: &Config,
ttl: Duration,
) -> anyhow::Result<Reference<'static>> {
- let code = base64::encode_config(&SecretBytes::<32>::generate().0, URL_SAFE_NO_PAD);
+ let code = base64::encode_config(&random_bytes::<32>(), URL_SAFE_NO_PAD);
db.add_invite_code(&code, Utc::now() + ttl).await?;
Reference::parse_owned(format!("{}/#/register/{}", cfg.location, code))
.map_err(|e| anyhow!("url building failed at {e}"))
diff --git a/src/api/auth/password.rs b/src/api/auth/password.rs
index 79b7587..d1455e4 100644
--- a/src/api/auth/password.rs
+++ b/src/api/auth/password.rs
@@ -10,8 +10,8 @@ use crate::{
api::auth,
auth::{AuthSource, Authenticated},
crypto::{
- AccountResetReq, AccountResetToken, AuthPW, KeyBundle, KeyFetchReq, KeyFetchToken,
- PasswordChangeReq, PasswordChangeToken, SecretBytes,
+ random_bytes, AccountResetReq, AccountResetToken, AuthPW, KeyBundle, KeyFetchReq,
+ KeyFetchToken, PasswordChangeReq, PasswordChangeToken,
},
db::{Db, DbConn},
mailer::Mailer,
@@ -192,7 +192,7 @@ pub(crate) async fn forgot_start(
return Err(auth::Error::UnverifiedAccount);
}
- let forgot_code = hex::encode(SecretBytes::<16>::generate().0);
+ let forgot_code = hex::encode(random_bytes::<16>());
let forgot_token = PasswordChangeToken::generate();
let forgot_req = PasswordChangeReq::derive_from_forgot_token(&forgot_token);
db.add_password_change(