Skip to content

GitLab

medal
medal
Commit 7f28c0af authored by Robert Czechowski's avatar Robert Czechowski
1 Browse files
Options

Only ask users with Oauth login for their grade on first login or 60 days after last activity

parent 51770616
Hide whitespace changes
Inline Side-by-side
Showing with 38 additions and 25 deletions
src/core.rs
View file @ 7f28c0af
......@@ -1338,7 +1338,7 @@ pub struct ForeignUserData {
}
pub fn login_oauth<T: MedalConnection>(conn: &T, user_data: ForeignUserData, oauth_provider_id: String)
-> Result<String, (String, json_val::Map<String, json_val::Value>)> {
-> Result<(String, bool), (String, json_val::Map<String, json_val::Value>)> {
match conn.login_foreign(None,
&oauth_provider_id,
&user_data.foreign_id,
......@@ -1351,7 +1351,15 @@ pub fn login_oauth<T: MedalConnection>(conn: &T, user_data: ForeignUserData, oau
UserSex::Female => Some(2),
UserSex::Unknown => Some(0),
})) {
Ok(session_token) => Ok(session_token),
Ok((session_token, last_activity)) => {
let redirect_profile = if let Some(last_activity) = last_activity {
let now = time::get_time();
now - last_activity > time::Duration::days(60)
} else {
true
};
Ok((session_token, redirect_profile))
}
Err(()) => {
let mut data = json_val::Map::new();
data.insert("reason".to_string(), to_json(&"OAuth-Login failed.".to_string()));
......
src/db_conn.base.rs
View file @ 7f28c0af
......@@ -443,18 +443,20 @@ impl MedalConnection for Connection {
//TODO: use session
fn login_foreign(&self, _session: Option<&str>, provider_id: &str, foreign_id: &str,
(is_teacher, is_admin, firstname, lastname, sex): (bool, bool, &str, &str, Option<i32>))
-> Result<String, ()>
-> Result<(String, Option<time::Timespec>), ()>
{
let session_token = helpers::make_session_token();
let csrf_token = helpers::make_csrf_token();
let now = time::get_time();
let query = "SELECT id
let query = "SELECT id, last_activity
FROM session
WHERE oauth_foreign_id = $1
AND oauth_provider = $2";
match self.query_map_one(query, &[&foreign_id, &provider_id], |row| -> i32 { row.get(0) }) {
Ok(Some(id)) => {
match self.query_map_one(query, &[&foreign_id, &provider_id], |row| -> (i32, time::Timespec) {
(row.get(0), row.get(1))
}) {
Ok(Some((id, last_activity))) => {
let query = "UPDATE session
SET session_token = $1, csrf_token = $2, last_login = $3, last_activity = $3,
is_teacher = $4, is_admin = $5, firstname = $6, lastname = $7, sex = $8
......@@ -471,7 +473,7 @@ impl MedalConnection for Connection {
&id])
.unwrap();
Ok(session_token)
Ok((session_token, Some(last_activity)))
}
// Add!
_ => {
......@@ -494,7 +496,7 @@ impl MedalConnection for Connection {
&lastname])
.unwrap();
Ok(session_token)
Ok((session_token, None))
}
}
}
......
src/db_conn.rs
View file @ 7f28c0af
......@@ -34,7 +34,7 @@ pub trait MedalConnection {
fn login_with_code(&self, session: Option<&str>, logincode: &str) -> Result<String, ()>;
fn login_foreign(&self, session: Option<&str>, provider_id: &str, foreign_id: &str,
_: (bool, bool, &str, &str, Option<i32>))
-> Result<String, ()>;
-> Result<(String, Option<time::Timespec>), ()>;
fn create_user_with_groupcode(&self, session: Option<&str>, groupcode: &str) -> Result<String, ()>;
fn create_group_with_users(&self, group: Group);
fn logout(&self, session: &str);
......
src/db_conn_postgres.rs
View file @ 7f28c0af
......@@ -555,18 +555,20 @@ impl MedalConnection for Connection {
//TODO: use session
fn login_foreign(&self, _session: Option<&str>, provider_id: &str, foreign_id: &str,
(is_teacher, is_admin, firstname, lastname, sex): (bool, bool, &str, &str, Option<i32>))
-> Result<String, ()>
-> Result<(String, Option<time::Timespec>), ()>
{
let session_token = helpers::make_session_token();
let csrf_token = helpers::make_csrf_token();
let now = time::get_time();
let query = "SELECT id
let query = "SELECT id, last_activity
FROM session
WHERE oauth_foreign_id = $1
AND oauth_provider = $2";
match self.query_map_one(query, &[&foreign_id, &provider_id], |row| -> i32 { row.get(0) }) {
Ok(Some(id)) => {
match self.query_map_one(query, &[&foreign_id, &provider_id], |row| -> (i32, time::Timespec) {
(row.get(0), row.get(1))
}) {
Ok(Some((id, last_activity))) => {
let query = "UPDATE session
SET session_token = $1, csrf_token = $2, last_login = $3, last_activity = $3,
is_teacher = $4, is_admin = $5, firstname = $6, lastname = $7, sex = $8
......@@ -583,7 +585,7 @@ impl MedalConnection for Connection {
&id])
.unwrap();
Ok(session_token)
Ok((session_token, Some(last_activity)))
}
// Add!
_ => {
......@@ -606,7 +608,7 @@ impl MedalConnection for Connection {
&lastname])
.unwrap();
Ok(session_token)
Ok((session_token, None))
}
}
}
......@@ -921,7 +923,6 @@ impl MedalConnection for Connection {
/* Warning: This function makes no use of rusts type safety. Handle with care when changeing */
fn export_contest_results_to_file(&self, contest_id: i32, taskgroups: &[(i32, String)], filename: &str) {
use std::fs::OpenOptions;
// TODO: what to do, if this fails? Function should be fallible
let file = OpenOptions::new().write(true).create(true).truncate(true).open(filename).unwrap();
let mut headers = vec!["id",
"username",
......@@ -1112,7 +1113,6 @@ impl MedalConnection for Connection {
.unwrap();
let mut taskgroupcontest_iter = taskgroupcontest.into_iter();
// TODO: This can fail
let (mut contest, mut taskgroup, task) = taskgroupcontest_iter.next().unwrap();
taskgroup.tasks.push(task);
for tgc in taskgroupcontest_iter {
......
src/db_conn_sqlite_new.rs
View file @ 7f28c0af
......@@ -555,18 +555,20 @@ impl MedalConnection for Connection {
//TODO: use session
fn login_foreign(&self, _session: Option<&str>, provider_id: &str, foreign_id: &str,
(is_teacher, is_admin, firstname, lastname, sex): (bool, bool, &str, &str, Option<i32>))
-> Result<String, ()>
-> Result<(String, Option<time::Timespec>), ()>
{
let session_token = helpers::make_session_token();
let csrf_token = helpers::make_csrf_token();
let now = time::get_time();
let query = "SELECT id
let query = "SELECT id, last_activity
FROM session
WHERE oauth_foreign_id = ?1
AND oauth_provider = ?2";
match self.query_map_one(query, &[&foreign_id, &provider_id], |row| -> i32 { row.get(0) }) {
Ok(Some(id)) => {
match self.query_map_one(query, &[&foreign_id, &provider_id], |row| -> (i32, time::Timespec) {
(row.get(0), row.get(1))
}) {
Ok(Some((id, last_activity))) => {
let query = "UPDATE session
SET session_token = ?1, csrf_token = ?2, last_login = ?3, last_activity = ?3,
is_teacher = ?4, is_admin = ?5, firstname = ?6, lastname = ?7, sex = ?8
......@@ -583,7 +585,7 @@ impl MedalConnection for Connection {
&id])
.unwrap();
Ok(session_token)
Ok((session_token, Some(last_activity)))
}
// Add!
_ => {
......@@ -606,7 +608,7 @@ impl MedalConnection for Connection {
&lastname])
.unwrap();
Ok(session_token)
Ok((session_token, None))
}
}
}
......
src/webfw_iron.rs
View file @ 7f28c0af
......@@ -1048,6 +1048,7 @@ pub struct OAuthUserData {
userId_int: Option<String>,
}
// TODO: Most of this code should be moved into core:: as a new function
fn oauth<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
use params::{Params, Value};
......@@ -1141,10 +1142,10 @@ fn oauth<C>(req: &mut Request) -> IronResult<Response>
match oauthloginresult {
// Login successful
Ok(sessionkey) => {
Ok((sessionkey, redirectprofile)) => {
req.session().set(SessionToken { token: sessionkey }).unwrap();
if user_type == UserType::User {
if user_type == UserType::User && redirectprofile {
Ok(Response::with((status::Found,
Redirect(iron::Url::parse(&format!("{}?status=firstlogin",
&url_for!(req, "profile"))).unwrap()))))
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment