Skip to content

GitLab

Commit 7f28c0af authored by Robert Czechowski's avatar Robert Czechowski
Browse files

Only ask users with Oauth login for their grade on first login or 60 days after last activity

parent 51770616
Hide whitespace changes
Inline Side-by-side
src/core.rs
View file @ 7f28c0af
......@@ -1338,7 +1338,7 @@ pub struct ForeignUserData {
}
pub fn login_oauth<T: MedalConnection>(conn: &T, user_data: ForeignUserData, oauth_provider_id: String)
-> Result<String, (String, json_val::Map<String, json_val::Value>)> {
-> Result<(String, bool), (String, json_val::Map<String, json_val::Value>)> {
match conn.login_foreign(None,
&oauth_provider_id,
&user_data.foreign_id,
......@@ -1351,7 +1351,15 @@ pub fn login_oauth<T: MedalConnection>(conn: &T, user_data: ForeignUserData, oau
UserSex::Female => Some(2),
UserSex::Unknown => Some(0),
})) {
Ok(session_token) => Ok(session_token),
Ok((session_token, last_activity)) => {
let redirect_profile = if let Some(last_activity) = last_activity {
let now = time::get_time();
now - last_activity > time::Duration::days(60)
} else {
true
};
Ok((session_token, redirect_profile))
}
Err(()) => {
let mut data = json_val::Map::new();
data.insert("reason".to_string(), to_json(&"OAuth-Login failed.".to_string()));
......
src/db_conn.base.rs
View file @ 7f28c0af
......@@ -443,18 +443,20 @@ impl MedalConnection for Connection {
//TODO: use session
fn login_foreign(&self, _session: Option<&str>, provider_id: &str, foreign_id: &str,
(is_teacher, is_admin, firstname, lastname, sex): (bool, bool, &str, &str, Option<i32>))
-> Result<String, ()>
-> Result<(String, Option<time::Timespec>), ()>
{
let session_token = helpers::make_session_token();
let csrf_token = helpers::make_csrf_token();
let now = time::get_time();
let query = "SELECT id
let query = "SELECT id, last_activity
FROM session
WHERE oauth_foreign_id = $1
AND oauth_provider = $2";
match self.query_map_one(query, &[&foreign_id, &provider_id], |row| -> i32 { row.get(0) }) {
Ok(Some(id)) => {
match self.query_map_one(query, &[&foreign_id, &provider_id], |row| -> (i32, time::Timespec) {
(row.get(0), row.get(1))
}) {
Ok(Some((id, last_activity))) => {
let query = "UPDATE session
SET session_token = $1, csrf_token = $2, last_login = $3, last_activity = $3,
is_teacher = $4, is_admin = $5, firstname = $6, lastname = $7, sex = $8
......@@ -471,7 +473,7 @@ impl MedalConnection for Connection {
&id])
.unwrap();
Ok(session_token)
Ok((session_token, Some(last_activity)))
}
// Add!
_ => {
......@@ -494,7 +496,7 @@ impl MedalConnection for Connection {
&lastname])
.unwrap();
Ok(session_token)
Ok((session_token, None))
}
}
}
......
src/db_conn.rs
View file @ 7f28c0af
......@@ -34,7 +34,7 @@ pub trait MedalConnection {
fn login_with_code(&self, session: Option<&str>, logincode: &str) -> Result<String, ()>;
fn login_foreign(&self, session: Option<&str>, provider_id: &str, foreign_id: &str,
_: (bool, bool, &str, &str, Option<i32>))
-> Result<String, ()>;
-> Result<(String, Option<time::Timespec>), ()>;
fn create_user_with_groupcode(&self, session: Option<&str>, groupcode: &str) -> Result<String, ()>;
fn create_group_with_users(&self, group: Group);
fn logout(&self, session: &str);
......
src/db_conn_postgres.rs
View file @ 7f28c0af
......@@ -555,18 +555,20 @@ impl MedalConnection for Connection {
//TODO: use session
fn login_foreign(&self, _session: Option<&str>, provider_id: &str, foreign_id: &str,
(is_teacher, is_admin, firstname, lastname, sex): (bool, bool, &str, &str, Option<i32>))
-> Result<String, ()>
-> Result<(String, Option<time::Timespec>), ()>
{
let session_token = helpers::make_session_token();
let csrf_token = helpers::make_csrf_token();
let now = time::get_time();
let query = "SELECT id
let query = "SELECT id, last_activity
FROM session
WHERE oauth_foreign_id = $1
AND oauth_provider = $2";
match self.query_map_one(query, &[&foreign_id, &provider_id], |row| -> i32 { row.get(0) }) {
Ok(Some(id)) => {
match self.query_map_one(query, &[&foreign_id, &provider_id], |row| -> (i32, time::Timespec) {
(row.get(0), row.get(1))
}) {
Ok(Some((id, last_activity))) => {
let query = "UPDATE session
SET session_token = $1, csrf_token = $2, last_login = $3, last_activity = $3,
is_teacher = $4, is_admin = $5, firstname = $6, lastname = $7, sex = $8
......@@ -583,7 +585,7 @@ impl MedalConnection for Connection {
&id])
.unwrap();
Ok(session_token)
Ok((session_token, Some(last_activity)))
}
// Add!
_ => {
......@@ -606,7 +608,7 @@ impl MedalConnection for Connection {
&lastname])
.unwrap();
Ok(session_token)
Ok((session_token, None))
}
}
}
......@@ -921,7 +923,6 @@ impl MedalConnection for Connection {
/* Warning: This function makes no use of rusts type safety. Handle with care when changeing */
fn export_contest_results_to_file(&self, contest_id: i32, taskgroups: &[(i32, String)], filename: &str) {
use std::fs::OpenOptions;
// TODO: what to do, if this fails? Function should be fallible
let file = OpenOptions::new().write(true).create(true).truncate(true).open(filename).unwrap();
let mut headers = vec!["id",
"username",
......@@ -1112,7 +1113,6 @@ impl MedalConnection for Connection {
.unwrap();
let mut taskgroupcontest_iter = taskgroupcontest.into_iter();
// TODO: This can fail
let (mut contest, mut taskgroup, task) = taskgroupcontest_iter.next().unwrap();
taskgroup.tasks.push(task);
for tgc in taskgroupcontest_iter {
......
src/db_conn_sqlite_new.rs
View file @ 7f28c0af
......@@ -555,18 +555,20 @@ impl MedalConnection for Connection {
//TODO: use session
fn login_foreign(&self, _session: Option<&str>, provider_id: &str, foreign_id: &str,
(is_teacher, is_admin, firstname, lastname, sex): (bool, bool, &str, &str, Option<i32>))
-> Result<String, ()>
-> Result<(String, Option<time::Timespec>), ()>
{
let session_token = helpers::make_session_token();
let csrf_token = helpers::make_csrf_token();
let now = time::get_time();
let query = "SELECT id
let query = "SELECT id, last_activity
FROM session
WHERE oauth_foreign_id = ?1
AND oauth_provider = ?2";
match self.query_map_one(query, &[&foreign_id, &provider_id], |row| -> i32 { row.get(0) }) {
Ok(Some(id)) => {
match self.query_map_one(query, &[&foreign_id, &provider_id], |row| -> (i32, time::Timespec) {
(row.get(0), row.get(1))
}) {
Ok(Some((id, last_activity))) => {
let query = "UPDATE session
SET session_token = ?1, csrf_token = ?2, last_login = ?3, last_activity = ?3,
is_teacher = ?4, is_admin = ?5, firstname = ?6, lastname = ?7, sex = ?8
......@@ -583,7 +585,7 @@ impl MedalConnection for Connection {
&id])
.unwrap();
Ok(session_token)
Ok((session_token, Some(last_activity)))
}
// Add!
_ => {
......@@ -606,7 +608,7 @@ impl MedalConnection for Connection {
&lastname])
.unwrap();
Ok(session_token)
Ok((session_token, None))
}
}
}
......
src/webfw_iron.rs
View file @ 7f28c0af
......@@ -1048,6 +1048,7 @@ pub struct OAuthUserData {
userId_int: Option<String>,
}
// TODO: Most of this code should be moved into core:: as a new function
fn oauth<C>(req: &mut Request) -> IronResult<Response>
where C: MedalConnection + std::marker::Send + 'static {
use params::{Params, Value};
......@@ -1141,10 +1142,10 @@ fn oauth<C>(req: &mut Request) -> IronResult<Response>
match oauthloginresult {
// Login successful
Ok(sessionkey) => {
Ok((sessionkey, redirectprofile)) => {
req.session().set(SessionToken { token: sessionkey }).unwrap();
if user_type == UserType::User {
if user_type == UserType::User && redirectprofile {
Ok(Response::with((status::Found,
Redirect(iron::Url::parse(&format!("{}?status=firstlogin",
&url_for!(req, "profile"))).unwrap()))))
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment