Fix something

2025-12-28 17:23:09 -06:00 · 2021-08-02 14:27:38 +08:00 · 2021-08-02 14:27:38 +08:00 · 96d09c87de
parent c2d4161bce
commit 96d09c87de
5 changed files with 25 additions and 164 deletions
--- a/.gitignore
+++ b/.gitignore
@ -52,7 +52,4 @@ dendrite.yaml
 *.log* 

 # Generated code
-cmd/dendrite-demo-yggdrasil/embed/fs*.go
-
-cmd/sytest/config.json
-cmd/sytest/result
+cmd/dendrite-demo-yggdrasil/embed/fs*.go
--- a/clientapi/auth/password.go
+++ b/clientapi/auth/password.go
@ -54,6 +54,20 @@ func (t *LoginTypePassword) Request() interface{} {
 	return &PasswordRequest{}
 }

+func (t *LoginTypePassword) CheckPassword(ctx context.Context, localpart string,
+	r *PasswordRequest) (*Login, *util.JSONResponse) {
+	_, err := t.GetAccountByPassword(ctx, localpart, r.Password)
+	if err != nil {
+		// Technically we could tell them if the user does not exist by checking if err == sql.ErrNoRows
+		// but that would leak the existence of the user.
+		return nil, &util.JSONResponse{
+			Code: http.StatusForbidden,
+			JSON: jsonerror.Forbidden("username or password was incorrect, or the account does not exist"),
+		}
+	}
+	return &r.Login, nil
+}
+
 func (t *LoginTypePassword) Login(ctx context.Context, req interface{}) (*Login, *util.JSONResponse) {
 	r := req.(*PasswordRequest)
 	username := r.Username()
@ -70,30 +84,19 @@ func (t *LoginTypePassword) Login(ctx context.Context, req interface{}) (*Login,
 			JSON: jsonerror.InvalidUsername(err.Error()),
 		}
 	}
-	if len(t.Config.LDAP.Host) > 0 {
-		addr := ""
-		if t.Config.LDAP.TLS {
-			addr = "ldaps://" + t.Config.LDAP.Host + ":" + t.Config.LDAP.Port
-		} else {
-			addr = "ldap://" + t.Config.LDAP.Host + ":" + t.Config.LDAP.Port
-		}
-
+	if len(t.Config.LDAP.URI) > 0 {
 		var conn *ldap.Conn
-		conn, err = ldap.DialURL(addr)
+		conn, err = ldap.DialURL(t.Config.LDAP.URI)
 		if err != nil {
-			return nil, &util.JSONResponse{
-				Code: http.StatusUnauthorized,
-				JSON: jsonerror.InvalidUsername(err.Error()),
-			}
+			ise := jsonerror.InternalServerError()
+			return nil, &ise
 		}
 		defer conn.Close()

 		e1 := conn.Bind(t.Config.LDAP.BindDN, t.Config.LDAP.BindPSWD)
 		if e1 != nil {
-			return nil, &util.JSONResponse{
-				Code: http.StatusUnauthorized,
-				JSON: jsonerror.InvalidUsername(err.Error()),
-			}
+			ise := jsonerror.InternalServerError()
+			return nil, &ise
 		}
 		filter := fmt.Sprintf("(&%s(%s=%s))", t.Config.LDAP.Filter, "uid", localpart)
 		searchRequest := ldap.NewSearchRequest(t.Config.LDAP.BaseDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, filter, []string{"uid"}, nil)
@ -112,14 +115,7 @@ func (t *LoginTypePassword) Login(ctx context.Context, req interface{}) (*Login,
 			}
 		}
 		if len(sr.Entries) == 0 {
-			_, err = t.GetAccountByPassword(ctx, localpart, r.Password)
-			if err != nil {
-				return nil, &util.JSONResponse{
-					Code: http.StatusForbidden,
-					JSON: jsonerror.Forbidden("username or password was incorrect, or the account does not exist"),
-				}
-			}
-			return &r.Login, nil
+			return t.CheckPassword(ctx, localpart, r)
 		}

 		userDN := sr.Entries[0].DN
@ -165,14 +161,6 @@ func (t *LoginTypePassword) Login(ctx context.Context, req interface{}) (*Login,
 		}
 		return &r.Login, nil
 	}
-	_, err = t.GetAccountByPassword(ctx, localpart, r.Password)
-	if err != nil {
-		// Technically we could tell them if the user does not exist by checking if err == sql.ErrNoRows
-		// but that would leak the existence of the user.
-		return nil, &util.JSONResponse{
-			Code: http.StatusForbidden,
-			JSON: jsonerror.Forbidden("username or password was incorrect, or the account does not exist"),
-		}
-	}
-	return &r.Login, nil
+
+	return t.CheckPassword(ctx, localpart, r)
 }
--- a/cmd/sytest/config-example.json
+++ b/cmd/sytest/config-example.json
@ -1,8 +0,0 @@
-{
-    "src": "path of dendrite's source code on your computer, ends with '/'",
-    "send_mail": false,
-    "username": "your email account",
-    "password": "your email password",
-    "host": "your email smtp host",
-    "port": "your email port"
-}
--- a/cmd/sytest/sytest.go
+++ b/cmd/sytest/sytest.go
@ -1,114 +0,0 @@
-package main
-
-import (
-	"crypto/tls"
-	"encoding/json"
-	"fmt"
-	"io/ioutil"
-	"net"
-	"net/smtp"
-	"os"
-	"os/exec"
-
-	"github.com/sirupsen/logrus"
-)
-
-func main() {
-	err := exec.Command("git", "pull").Run()
-	if err != nil {
-		logrus.WithError(err).Fatalln("Run git pull failed")
-	}
-	logrus.Infoln("Git update done")
-	err = os.RemoveAll("./cmd/sytest/result")
-	if err != nil && !os.IsNotExist(err) {
-		logrus.WithError(err).Fatalln("Remove old result failed")
-	}
-	file, err := ioutil.ReadFile("./cmd/sytest/config.json")
-	if err != nil {
-		logrus.WithError(err).Fatalln("Read config file failed")
-	}
-	var cfg struct {
-		Src      string `json:"src"`
-		SendMail bool   `json:"send_mail"`
-		Username string `json:"username"`
-		Password string `json:"password"`
-		Host     string `json:"host"`
-		Port     string `json:"port"`
-	}
-	err = json.Unmarshal(file, &cfg)
-	if err != nil {
-		logrus.WithError(err).Fatalln("Unmarshal config file failed")
-	}
-	err = exec.Command("docker", "run", "--rm",
-		"-v", cfg.Src+":/src/",
-		"-v", cfg.Src+"cmd/sytest/result:/logs/",
-		"matrixdotorg/sytest-dendrite").Run()
-	if err != nil {
-		logrus.WithError(err).Fatalln("Run sytest docker image failed")
-	}
-	logrus.Infoln("Sytest done")
-	out, err := exec.Command("./are-we-synapse-yet.py",
-		"-v", "./cmd/sytest/result/results.tap").Output()
-	if err != nil {
-		logrus.WithError(err).Fatalln("Run are-we-synapse-yet failed")
-	}
-	if cfg.SendMail {
-		auth := smtp.PlainAuth("",
-			cfg.Username,
-			cfg.Password,
-			cfg.Host)
-		to := []string{"all@workly.ai"}
-		content := []byte(fmt.Sprintf("From:%s\r\nTo:all@workly.ai\r\nSubject:Are We Synapse Yet?\r\nContent-Type:text/plain;charset=utf-8\r\n\r\n%s", cfg.Username, out))
-		err = sendMail(cfg.Host+":"+cfg.Port, auth, cfg.Username, to, content)
-		if err != nil {
-			logrus.WithError(err).Fatalln("Send mail failed")
-		}
-	} else {
-		logrus.Infoln("\n" + string(out))
-	}
-}
-
-func sendMail(addr string, auth smtp.Auth, from string, to []string, msg []byte) (err error) {
-	c, err := dial(addr)
-	if err != nil {
-		return err
-	}
-	if auth != nil {
-		if ok, _ := c.Extension("AUTH"); ok {
-			if err = c.Auth(auth); err != nil {
-				return err
-			}
-		}
-	}
-	if err = c.Mail(from); err != nil {
-		return err
-	}
-	for _, addr := range to {
-		if err = c.Rcpt(addr); err != nil {
-			fmt.Print(err)
-			return err
-		}
-	}
-	w, err := c.Data()
-	if err != nil {
-		return err
-	}
-	_, err = w.Write(msg)
-	if err != nil {
-		return err
-	}
-	err = w.Close()
-	if err != nil {
-		return err
-	}
-	return c.Quit()
-}
-
-func dial(addr string) (*smtp.Client, error) {
-	conn, err := tls.Dial("tcp", addr, nil)
-	if err != nil {
-		return nil, err
-	}
-	host, _, _ := net.SplitHostPort(addr)
-	return smtp.NewClient(conn, host)
-}
--- a/setup/config/config_clientapi.go
+++ b/setup/config/config_clientapi.go
@ -127,9 +127,7 @@ func (r *RateLimiting) Defaults() {
 }

 type LDAP struct {
-	TLS      bool   `yaml:"tls"`
-	Host     string `yaml:"host"`
-	Port     string `yaml:"port"`
+	URI      string `yaml:"uri"`
 	BaseDN   string `yaml:"basedn"`
 	Filter   string `yaml:"filter"`
 	BindDN   string `yaml:"bind_dn"`