iartamonov/mautrix-telegram
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Ignore whitespace in web login input

Browse Source
This commit is contained in:
Tulir Asokan
2019-06-01 22:15:49 +03:00
parent ddfffaf6a2
commit 9591a05361
2 changed files with 19 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
mautrix_telegram/web/common/auth_api.py
+8 -5
View File
@@ -56,7 +56,7 @@ class AuthAPI(abc.ABC):
error="You have already logged in with your Matrix "
"account.", errcode="already-logged-in")
resp = await puppet.switch_mxid(token, user.mxid)
resp = await puppet.switch_mxid(token.strip(), user.mxid)
if resp == PuppetError.OnlyLoginSelf:
return self.get_mx_login_response(status=403, errcode="only-login-self",
error="You can only log in as your own Matrix user.")
@@ -72,8 +72,12 @@ class AuthAPI(abc.ABC):
errcode="not-yet-implemented")
async def post_login_phone(self, user: User, phone: str) -> web.Response:
if not phone or not phone.strip():
return self.get_login_response(mxid=user.mxid, state="request", status=400,
errcode="phone_number_invalid",
error="Phone number not given.")
try:
await user.client.sign_in(phone or "+123")
await user.client.sign_in(phone.strip())
return self.get_login_response(mxid=user.mxid, state="code", status=200,
message="Code requested successfully.")
except PhoneNumberInvalidError:
@@ -117,10 +121,9 @@ class AuthAPI(abc.ABC):
if user.command_status and user.command_status["action"] == "Login":
user.command_status = None
async def post_login_token(self, user: User, token: str) -> web.Response:
try:
user_info = await user.client.sign_in(bot_token=token)
user_info = await user.client.sign_in(bot_token=token.strip())
await self.postprocess_login(user, user_info)
return self.get_login_response(mxid=user.mxid, state="logged-in", status=200,
username=user_info.username, phone=None,
@@ -174,7 +177,7 @@ class AuthAPI(abc.ABC):
async def post_login_password(self, user: User, password: str) -> web.Response:
try:
user_info = await user.client.sign_in(password=password)
user_info = await user.client.sign_in(password=password.strip())
await self.postprocess_login(user, user_info)
human_tg_id = f"@{user_info.username}" if user_info.username else f"+{user_info.phone}"
return self.get_login_response(mxid=user.mxid, state="logged-in", status=200,
mautrix_telegram/web/public/__init__.py
+11 -3
View File
@@ -87,7 +87,8 @@ class PublicBridgeWebsite(AuthAPI):
return self.get_login_response(mxid=user.mxid, human_tg_id=user.human_tg_id)
async def get_matrix_login(self, request: web.Request) -> web.Response:
mxid = self.verify_token(request.rel_url.query.get("token", None), endpoint="/matrix-login")
mxid = self.verify_token(request.rel_url.query.get("token", None),
endpoint="/matrix-login")
if not mxid:
return self.get_mx_login_response(status=401, state="invalid-token")
user = User.get_by_mxid(mxid, create=False) if mxid else None
@@ -124,7 +125,8 @@ class PublicBridgeWebsite(AuthAPI):
error=error, message=message, mxid=mxid))
async def post_matrix_login(self, request: web.Request) -> web.Response:
mxid = self.verify_token(request.rel_url.query.get("token", None), endpoint="/matrix-login")
mxid = self.verify_token(request.rel_url.query.get("token", None),
endpoint="/matrix-login")
if not mxid:
return self.get_mx_login_response(status=401, state="invalid-token")
@@ -167,7 +169,13 @@ class PublicBridgeWebsite(AuthAPI):
elif "bot_token" in data:
return await self.post_login_token(user, data["bot_token"])
elif "code" in data:
resp = await self.post_login_code(user, data["code"],
try:
code = int(data["code"].strip())
except ValueError:
return self.get_login_response(mxid=user.mxid, state="code", status=400,
errcode="phone_code_invalid",
error="Phone code must be a number.")
resp = await self.post_login_code(user, code,
password_in_data="password" in data)
if resp or "password" not in data:
return resp