Add-ish support for tags and mentions in new messages

2025-06-05 17:07:04 +02:00 · 2025-06-05 17:07:04 +02:00 · b0f041e7b0
commit b0f041e7b0
parent 94106bb82f
14 changed files with 242 additions and 53 deletions
--- a/auth-new/passkey.go
+++ b/auth-new/passkey.go
@ -146,6 +146,9 @@ func (a *Authenticator) StartPasskeyRegistration(
 	}
 	wrappedAcc := fakeUser{acc}
 	options, session, err := a.webauthn.BeginRegistration(&wrappedAcc)
+	if err != nil {
+		return nil, "", err
+	}
 	jsonSession, err := json.Marshal(session)
 	if err != nil {
 		return nil, "", other.Error("auth", "failed to marshal session to json", err)
--- a/auth-new/password.go
+++ b/auth-new/password.go
@ -8,6 +8,7 @@ import (
 	"gorm.io/gorm"
 	"gorm.io/gorm/clause"

+	"git.mstar.dev/mstar/linstrom/config"
 	"git.mstar.dev/mstar/linstrom/shared"
 	"git.mstar.dev/mstar/linstrom/storage-new/dbgen"
 	"git.mstar.dev/mstar/linstrom/storage-new/models"
@ -42,7 +43,11 @@ func (a *Authenticator) PerformPasswordLogin(
 	if method == nil {
 		return LoginNextFailure, "", ErrUnsupportedAuthMethod
 	}
-	if !comparePassword(password, method.Token) {
+	decrypted, err := Decrypt([]byte(config.GlobalConfig.Storage.EncryptionKey), method.Token)
+	if err != nil {
+		return 0, "", other.Error("auth", "failed to decrypt password hash", err)
+	}
+	if !comparePassword(password, decrypted) {
 		return LoginNextFailure, "", ErrInvalidCombination
 	}
 	nextStates := ConvertNewStorageAuthMethodsToLoginState(
@ -118,6 +123,10 @@ func (a *Authenticator) PerformPasswordRegister(username, password string) error
 	if err != nil {
 		return other.Error("auth", "failed to hash password", err)
 	}
+	encryptedPass, err := Encrypt([]byte(config.GlobalConfig.Storage.EncryptionKey), passwordHash)
+	if err != nil {
+		return other.Error("auth", "failed to encrypt password hash", err)
+	}
 	passwordMethods := sliceutils.Filter(
 		acc.AuthMethods,
 		func(t models.UserAuthMethod) bool { return t.AuthMethod == models.AuthMethodPassword },
@ -129,13 +138,13 @@ func (a *Authenticator) PerformPasswordRegister(username, password string) error
 		// For now, do perform an update
 		dbPass := passwordMethods[0]
 		_, err = dbgen.UserAuthMethod.Where(dbgen.UserAuthMethod.ID.Eq(dbPass.ID)).
-			Update(dbgen.UserAuthMethod.Token, passwordHash)
+			Update(dbgen.UserAuthMethod.Token, encryptedPass)
 		if err != nil {
 			return other.Error("auth", "failed to update password", err)
 		}
 	} else {
 		dbPass := models.UserAuthMethod{
-			Token:      passwordHash,
+			Token:      encryptedPass,
 			AuthMethod: models.AuthMethodPassword,
 			User:       *acc,
 			UserId:     acc.ID,