ntr/mnml
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge tag '1.12.0' into develop

Browse Source 
1.12.0
This commit is contained in:
ntr 2020-01-10 12:34:29 +10:00
commit e7f2d0261a
13 changed files with 51 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
VERSION
View File

@ -1 +1 @@
1.11.2
1.12.0

2
acp/package.json
View File

@ -1,6 +1,6 @@
{
"name": "mnml-client",
"version": "1.11.2",
"version": "1.12.0",
"description": "",
"main": "index.js",
"scripts": {

2
client/package.json
View File

@ -1,6 +1,6 @@
{
"name": "mnml-client",
"version": "1.11.2",
"version": "1.12.0",
"description": "",
"main": "index.js",
"scripts": {

22
client/src/components/account.top.jsx
View File

@ -19,8 +19,8 @@ const addState = connect(
} = state;
function sendSetPassword(current, password) {
postData('/account/password', { current, password })
function sendSetPassword(password) {
postData('/account/password', { password })
.then(res => res.json())
.then(data => {
if (data.error) return errorToast(data.error);
@ -74,7 +74,7 @@ class AccountStatus extends Component {
super(props);
this.state = {
passwordState: { current: '', password: '', confirm: ''},
passwordState: { password: '', confirm: ''},
emailState: null,
unsubState: false,
};
@ -105,8 +105,8 @@ class AccountStatus extends Component {
passwordState.password === passwordState.confirm;
const setPasswordDisabled = () => {
const { current, password, confirm } = passwordState;
return !(passwordsEqual() && password && current && confirm);
const { password, confirm } = passwordState;
return !(passwordsEqual() && password && confirm);
}
const tlClick = e => {
@ -173,15 +173,7 @@ class AccountStatus extends Component {
</div>
<div>
<h3>Password</h3>
<label for="current">Password:</label>
<input
class="login-input"
type="password"
name="current"
value={passwordState.current}
onInput={linkState(this, 'passwordState.current')}
placeholder="current"
/>
<label for="current">Set Password:</label>
<input
class="login-input"
type="password"
@ -202,7 +194,7 @@ class AccountStatus extends Component {
/>
<button
disabled={setPasswordDisabled()}
onClick={() => sendSetPassword(passwordState.current, passwordState.password)}>
onClick={() => sendSetPassword(passwordState.password)}>
Set Password
</button>
</div>

2
core/Cargo.toml
View File

@ -1,6 +1,6 @@
[package]
name = "mnml_core"
version = "1.11.2"
version = "1.12.0"
authors = ["ntr <ntr@smokestack.io>", "mashy <mashy@mnml.gg>"]
[dependencies]

1
core/src/game.rs
View File

@ -104,7 +104,6 @@ impl Game {
// let player_description = player.constructs.iter().map(|c| c.name.clone()).collect::<Vec<String>>().join(", ");
// self.log.push(format!("{:} has joined the game. [{:}]", player.name, player_description));
player.constructs.sort_unstable_by_key(|c| c.id);
self.players.push(player);
Ok(self)

4
core/src/player.rs
View File

@ -65,7 +65,9 @@ pub struct Player {
}
impl Player {
pub fn new(account: Uuid, img: Option<Uuid>, name: &String, constructs: Vec<Construct>) -> Player {
pub fn new(account: Uuid, img: Option<Uuid>, name: &String, mut constructs: Vec<Construct>) -> Player {
constructs.sort_unstable_by_key(|c| c.id);
Player {
id: account,
img,

2
ops/package.json
View File

@ -1,6 +1,6 @@
{
"name": "mnml-ops",
"version": "1.11.2",
"version": "1.12.0",
"description": "",
"main": "index.js",
"scripts": {

2
server/Cargo.toml
View File

@ -1,6 +1,6 @@
[package]
name = "mnml"
version = "1.11.2"
version = "1.12.0"
authors = ["ntr <ntr@smokestack.io>"]
[dependencies]

54
server/src/account.rs
View File

@ -213,42 +213,42 @@ pub fn new_img(tx: &mut Transaction, id: Uuid) -> Result<Account, Error> {
Account::try_from(row)
}
pub fn set_password(tx: &mut Transaction, id: Uuid, current: &String, password: &String) -> Result<String, MnmlHttpError> {
pub fn set_password(tx: &mut Transaction, id: Uuid, password: &String) -> Result<String, MnmlHttpError> {
if password.len() < PASSWORD_MIN_LEN || password.len() > 100 {
return Err(MnmlHttpError::PasswordUnacceptable);
}
let query = "
SELECT id, password
FROM accounts
WHERE id = $1
";
// let query = "
// SELECT id, password
// FROM accounts
// WHERE id = $1
// ";
let result = tx
.query(query, &[&id])?;
// let result = tx
// .query(query, &[&id])?;
let row = match result.iter().next() {
Some(row) => row,
None => {
let mut rng = thread_rng();
let garbage: String = iter::repeat(())
.map(|()| rng.sample(Alphanumeric))
.take(64)
.collect();
// let row = match result.iter().next() {
// Some(row) => row,
// None => {
// let mut rng = thread_rng();
// let garbage: String = iter::repeat(())
// .map(|()| rng.sample(Alphanumeric))
// .take(64)
// .collect();
// verify garbage to prevent timing attacks
verify(garbage.clone(), &garbage).ok();
return Err(MnmlHttpError::AccountNotFound);
},
};
// // verify garbage to prevent timing attacks
// verify(garbage.clone(), &garbage).ok();
// return Err(MnmlHttpError::AccountNotFound);
// },
// };
let id: Uuid = row.get(0);
let db_pw: String = row.get(1);
// let id: Uuid = row.get(0);
// let db_pw: String = row.get(1);
// return bad request to prevent being logged out
if !verify(current, &db_pw)? {
return Err(MnmlHttpError::BadRequest);
}
// // return bad request to prevent being logged out
// if !verify(current, &db_pw)? {
// return Err(MnmlHttpError::BadRequest);
// }
let password = hash(&password, PASSWORD_ROUNDS)?;

4
server/src/http.rs
View File

@ -369,7 +369,7 @@ fn recover(req: &mut Request) -> IronResult<Response> {
#[derive(Debug,Clone,Deserialize)]
struct SetPassword {
current: String,
// current: String,
password: String,
}
@ -385,7 +385,7 @@ fn set_password(req: &mut Request) -> IronResult<Response> {
let db = state.pool.get().or(Err(MnmlHttpError::DbError))?;
let mut tx = db.transaction().or(Err(MnmlHttpError::DbError))?;
let token = account::set_password(&mut tx, a.id, &params.current, &params.password)?;
let token = account::set_password(&mut tx, a.id, &params.password)?;
tx.commit().or(Err(MnmlHttpError::ServerError))?;

8
server/src/mail.rs
View File

@ -42,10 +42,10 @@ pub enum Mail {
fn recover(email: &String, name: &String, token: &String) -> SendableEmail {
let body = format!("{:},
the link below will recover your account.
please change your password immediately in the account page.
this link will expire in 48 hours or once used.
please change your password immediately in the account page
as this link will expire in 48 hours or once used.
http://mnml.gg/api/account/recover?recover_token={:}
https://mnml.gg/api/account/recover?recover_token={:}
glhf
--mnml", name, token);
@ -63,7 +63,7 @@ glhf
fn confirm(email: &String, name: &String, token: &String) -> SendableEmail {
let confirm_body = format!("{:},
please click the link below to confirm your email
http://mnml.gg/api/account/email/confirm?confirm_token={:}
https://mnml.gg/api/account/email/confirm?confirm_token={:}
glhf
--mnml", name, token);

2
studios/package.json
View File

@ -1,6 +1,6 @@
{
"name": "mnml-studios",
"version": "1.11.2",
"version": "1.12.0",
"description": "",
"main": "index.js",
"scripts": {