fixing sncf_admin_token parsing error
parent
249aeff8fe
commit
bdba48acf2
|
@ -291,6 +291,10 @@
|
||||||
"en": "Failed adding the Nextcloud account in the local database.",
|
"en": "Failed adding the Nextcloud account in the local database.",
|
||||||
"fr": "L'ajout du compte Nextcloud dans la base de données locale a échoué."
|
"fr": "L'ajout du compte Nextcloud dans la base de données locale a échoué."
|
||||||
},
|
},
|
||||||
|
"error_forwardregister_tokenparse": {
|
||||||
|
"en": "Failed parsing the admin token.",
|
||||||
|
"fr": "Échec lors de la lecture du token administrateur."
|
||||||
|
},
|
||||||
"error_login_cookiepair": {
|
"error_login_cookiepair": {
|
||||||
"en": "Couldn't read cookies.",
|
"en": "Couldn't read cookies.",
|
||||||
"fr": "Échec lors de la lecture de cookies."
|
"fr": "Échec lors de la lecture de cookies."
|
||||||
|
|
|
@ -3,6 +3,7 @@ use actix_web::{http, web, HttpRequest, HttpResponse};
|
||||||
use askama::Template;
|
use askama::Template;
|
||||||
use chrono::Utc;
|
use chrono::Utc;
|
||||||
use url::Url;
|
use url::Url;
|
||||||
|
use regex::Regex;
|
||||||
|
|
||||||
use crate::account::*;
|
use crate::account::*;
|
||||||
use crate::config::PAYLOAD_LIMIT;
|
use crate::config::PAYLOAD_LIMIT;
|
||||||
|
@ -158,8 +159,20 @@ pub async fn forward_register(
|
||||||
|
|
||||||
// if the user has already generated an admin token, redirect too
|
// if the user has already generated an admin token, redirect too
|
||||||
if let Some(token) = has_admintoken(&req) {
|
if let Some(token) = has_admintoken(&req) {
|
||||||
let admin_token =
|
lazy_static! {
|
||||||
token.splitn(2, ';').collect::<Vec<&str>>()[0].replace("sncf_admin_token=", "");
|
static ref RE: Regex = Regex::new(r#"sncf_admin_token=(?P<token>[0-9A-Za-z]*)"#).expect("Error while parsing the sncf_admin_token regex");
|
||||||
|
}
|
||||||
|
let admin_token = RE.captures(&token)
|
||||||
|
.ok_or_else(|| {
|
||||||
|
eprintln!("error_forwardregister_tokenparse (no capture)");
|
||||||
|
crash(get_lang(&req), "error_forwardregister_tokenparse")
|
||||||
|
})?
|
||||||
|
.name("token")
|
||||||
|
.ok_or_else(|| {
|
||||||
|
eprintln!("error_forwardregister_tokenparse (no capture named token)");
|
||||||
|
crash(get_lang(&req), "error_forwardregister_tokenparse")
|
||||||
|
})?
|
||||||
|
.as_str();
|
||||||
// sanitize the token beforehand, cookies are unsafe
|
// sanitize the token beforehand, cookies are unsafe
|
||||||
if check_token(&admin_token) {
|
if check_token(&admin_token) {
|
||||||
return Ok(web_redir(&format!(
|
return Ok(web_redir(&format!(
|
||||||
|
|
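Review bot: The pattern in the added `lazy_static!` block of `forward_register` is unanchored, so `sncf_admin_token=` also matches inside a longer cookie name that merely ends in that string, and `[0-9A-Za-z]*` accepts an empty value or silently truncates at the first other character. If `token` is the raw Cookie header, as the removed `splitn(2, ';')` code suggests, the first such match wins regardless of which cookie it belongs to. Anchoring on a cookie boundary and requiring at least one character would reject those cases: `Regex::new(r"(?:^|;\s*)sncf_admin_token=(?P<token>[0-9A-Za-z]+)(?:;|$)")`. Because the named group always participates in a match, the second `.ok_or_else` after `.name("token")` cannot fire and could be replaced by indexing the capture. The function body starts and ends outside the hunk, so whether `check_token` already rejects an empty or shortened token is not visible here.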