| author | Owen Jacobson <owen@grimoire.ca> | 2024-10-19 01:51:30 -0400 |
|---|---|---|
| committer | Owen Jacobson <owen@grimoire.ca> | 2024-10-21 00:49:05 -0400 |
| commit | 379e97c2cb145bc3a495aa14746273d83b508214 (patch) | |
| tree | 218bbe2572af9dd4b165ff05495d084dc0bd8905 /src/invite/app.rs | |
| parent | 98af8ff80da919a1126ba7c6afa65e6654b5ecde (diff) | |
Unicode normalization on input.
This normalizes the following values:
* login names
* passwords
* channel names
* message bodies, because why not
The goal here is to have a canonical representation of these values, so that, for example, the service does not inadvertently host two channels whose names are semantically identical but differ in the specifics of how diacritics are encoded, or two users whose names are identical.
Normalization is done on input from the wire, using Serde hooks, and when reading from the database. The `crate::nfc::String` type implements these normalizations (as well as normalizing whenever converted from a `std::string::String` generally).
This change does not cover:
* Trying to cope with passwords that were created as non-normalized strings, which are now non-verifiable as all the paths to verify passwords normalize the input.
* Trying to ensure that non-normalized data in the database compares reasonably to normalized data. Fortunately, we don't _do_ very many string comparisons (I think only login names), so this isn't a huge deal at this stage. Login names will probably have to Get Fixed later on, when we figure out how to handle case folding for login name verification.
Diffstat (limited to 'src/invite/app.rs')
| -rw-r--r-- | src/invite/app.rs | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/invite/app.rs b/src/invite/app.rs index ee7f74f..285a819 100644 --- a/src/invite/app.rs +++ b/src/invite/app.rs @@ -6,7 +6,7 @@ use crate::{ clock::DateTime, db::{Duplicate as _, NotFound as _}, event::repo::Provider as _, - login::{repo::Provider as _, Login, Password}, + login::{repo::Provider as _, Login, Name, Password}, token::{repo::Provider as _, Secret}, }; @@ -42,7 +42,7 @@ impl<'a> Invites<'a> { pub async fn accept( &self, invite: &Id, - name: &str, + name: &Name, password: &Password, accepted_at: &DateTime, ) -> Result<(Login, Secret), AcceptError> { @@ -68,7 +68,7 @@ impl<'a> Invites<'a> { .logins() .create(name, &password_hash, &created) .await - .duplicate(|| AcceptError::DuplicateLogin(name.into()))?; + .duplicate(|| AcceptError::DuplicateLogin(name.clone()))?; let secret = tx.tokens().issue(&login, accepted_at).await?; tx.commit().await?; @@ -92,7 +92,7 @@ pub enum AcceptError { #[error("invite not found: {0}")] NotFound(Id), #[error("name in use: {0}")] - DuplicateLogin(String), + DuplicateLogin(Name), #[error(transparent)] Database(#[from] sqlx::Error), #[error(transparent)] |
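
Review bot: In the `accept` signature, the switch from `name: &str` to `name: &Name` moves the normalization requirement into the type, but nothing on the function says so. A doc comment on `accept` stating that `name` and `password` are expected to arrive already normalized, as the commit message describes for login names and passwords, would tell callers that build a `Name` outside the Serde path what the contract is.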
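
Review bot: At `.duplicate(|| AcceptError::DuplicateLogin(name.clone()))`, the duplicate check after `logins().create(name, &password_hash, &created)` only works if the stored login name compares equal to the normalized `name`. The commit message says non-normalized rows already in the database are not handled, so an invite could be accepted under a name that is canonically identical to an existing un-normalized login. A comment at this call naming that gap, or a tracked follow-up to normalize existing login names, would keep it from being forgotten.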
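
Review bot: On `DuplicateLogin(Name)`, the `#[error("name in use: {0}")]` format requires `Name` to implement `Display`, which this diff (limited to src/invite/app.rs) does not show. Confirm that the impl prints the normalized string, so the name reported in the error is the same value `create` tried to store.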
