mirror of
https://git.42l.fr/neil/sncf.git
synced 2024-05-04 06:53:12 +02:00
cargo fmt
This commit is contained in:
parent
3d6b9f96e8
commit
c1191f3f45
|
@ -1,15 +1,15 @@
|
|||
use actix_web::client::Client;
|
||||
use actix_web::{http, web, HttpRequest, HttpResponse};
|
||||
use base64::URL_SAFE_NO_PAD;
|
||||
use percent_encoding::percent_decode_str;
|
||||
use rand::rngs::OsRng;
|
||||
use rand::Rng;
|
||||
use rand::RngCore;
|
||||
use regex::Regex;
|
||||
use std::time::Duration;
|
||||
use std::collections::HashMap;
|
||||
use percent_encoding::percent_decode_str;
|
||||
use std::time::Duration;
|
||||
|
||||
use crate::config::{PROXY_TIMEOUT, USER_AGENT, ADJ_LIST, NAME_LIST};
|
||||
use crate::config::{ADJ_LIST, NAME_LIST, PROXY_TIMEOUT, USER_AGENT};
|
||||
use crate::debug;
|
||||
use crate::errors::{crash, TrainCrash};
|
||||
use crate::templates::get_lang;
|
||||
|
@ -175,14 +175,16 @@ pub async fn login(
|
|||
//then remove values after ';'
|
||||
let c_str_arr = c_str.split(';').collect::<Vec<&str>>();
|
||||
|
||||
let c_str = c_str_arr.first()
|
||||
let c_str = c_str_arr
|
||||
.first()
|
||||
.expect("error: cookiepair split does not have a first value. shouldn't happen.");
|
||||
|
||||
// split cookie key and cookie value
|
||||
// split_once would work best but it's nightly-only for now
|
||||
let c_str_arr = c_str.split('=').collect::<Vec<&str>>();
|
||||
|
||||
let c_key = c_str_arr.first()
|
||||
let c_key = c_str_arr
|
||||
.first()
|
||||
.expect("error: cookie key split does not have a first value, shouldn't happen.");
|
||||
|
||||
let c_value = c_str.replace(&format!("{}=", c_key), "");
|
||||
|
@ -192,12 +194,10 @@ pub async fn login(
|
|||
// else, insert it
|
||||
if let Some(c_sel) = cookie_map.get_mut(*c_key) {
|
||||
*c_sel = c_value;
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
cookie_map.insert(c_key.to_string(), c_value);
|
||||
}
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
eprintln!("error_login_cookiepair (2)");
|
||||
return Err(crash(get_lang(&req), "error_login_cookiepair"));
|
||||
}
|
||||
|
|
|
@ -2,13 +2,13 @@ use actix_web::client::{Client, ClientRequest};
|
|||
use actix_web::{http, web, HttpRequest, HttpResponse};
|
||||
use askama::Template;
|
||||
use chrono::Utc;
|
||||
use csrf::{AesGcmCsrfProtection, CsrfProtection};
|
||||
use regex::Regex;
|
||||
use std::time::Duration;
|
||||
use url::Url;
|
||||
use csrf::{AesGcmCsrfProtection, CsrfProtection};
|
||||
|
||||
use crate::config::get_csrf_key;
|
||||
use crate::account::*;
|
||||
use crate::config::get_csrf_key;
|
||||
use crate::config::PAYLOAD_LIMIT;
|
||||
use crate::config::PROXY_TIMEOUT;
|
||||
use crate::database::methods::InsertableForm;
|
||||
|
@ -250,12 +250,17 @@ pub async fn forward_register(
|
|||
})?
|
||||
.as_str();
|
||||
|
||||
let raw_ctoken = base64::decode_config(cookie_csrf_token.as_bytes(), base64::URL_SAFE_NO_PAD).map_err(|e| {
|
||||
let raw_ctoken =
|
||||
base64::decode_config(cookie_csrf_token.as_bytes(), base64::URL_SAFE_NO_PAD).map_err(
|
||||
|e| {
|
||||
eprintln!("error_csrf_cookie (base64): {}", e);
|
||||
crash(get_lang(&req), "error_csrf_cookie")
|
||||
})?;
|
||||
},
|
||||
)?;
|
||||
|
||||
let raw_token = base64::decode_config(csrf_post.csrf_token.as_bytes(), base64::URL_SAFE_NO_PAD).map_err(|e| {
|
||||
let raw_token =
|
||||
base64::decode_config(csrf_post.csrf_token.as_bytes(), base64::URL_SAFE_NO_PAD)
|
||||
.map_err(|e| {
|
||||
eprintln!("error_csrf_token (base64): {}", e);
|
||||
crash(get_lang(&req), "error_csrf_token")
|
||||
})?;
|
||||
|
@ -267,8 +272,7 @@ pub async fn forward_register(
|
|||
debug("warn: CSRF token doesn't match.");
|
||||
return Err(crash(lang, "error_csrf_token"));
|
||||
}
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
debug("warn: missing CSRF token.");
|
||||
return Err(crash(lang, "error_csrf_cookie"));
|
||||
}
|
||||
|
@ -291,7 +295,8 @@ pub async fn forward_register(
|
|||
let token_mv = token.clone();
|
||||
|
||||
// store the result in DB
|
||||
let form_result = web::block(move || Form::insert(
|
||||
let form_result = web::block(move || {
|
||||
Form::insert(
|
||||
InsertableForm {
|
||||
created_at: Utc::now().naive_utc(),
|
||||
lastvisit_at: Utc::now().naive_utc(),
|
||||
|
@ -300,7 +305,8 @@ pub async fn forward_register(
|
|||
nc_password,
|
||||
},
|
||||
&conn,
|
||||
))
|
||||
)
|
||||
})
|
||||
.await;
|
||||
|
||||
if form_result.is_err() {
|
||||
|
@ -365,17 +371,20 @@ fn web_redir(location: &str) -> HttpResponse {
|
|||
}
|
||||
|
||||
pub async fn index(req: HttpRequest) -> Result<HttpResponse, TrainCrash> {
|
||||
|
||||
let seed = AesGcmCsrfProtection::from_key(get_csrf_key());
|
||||
let (csrf_token, csrf_cookie) = seed.generate_token_pair(None, 43200)
|
||||
let (csrf_token, csrf_cookie) = seed
|
||||
.generate_token_pair(None, 43200)
|
||||
.expect("couldn't generate token/cookie pair");
|
||||
|
||||
Ok(HttpResponse::Ok()
|
||||
.content_type("text/html")
|
||||
.set_header(
|
||||
"Set-Cookie",
|
||||
format!("sncf_csrf_cookie={}; HttpOnly; SameSite=Strict",
|
||||
base64::encode_config(&csrf_cookie.value(), base64::URL_SAFE_NO_PAD)))
|
||||
format!(
|
||||
"sncf_csrf_cookie={}; HttpOnly; SameSite=Strict",
|
||||
base64::encode_config(&csrf_cookie.value(), base64::URL_SAFE_NO_PAD)
|
||||
),
|
||||
)
|
||||
.body(
|
||||
TplIndex {
|
||||
lang: &get_lang(&req),
|
||||
|
|
10
src/sniff.rs
10
src/sniff.rs
|
@ -56,15 +56,14 @@ pub fn check_new_form(body: &web::Bytes) -> u64 {
|
|||
&& v["ocs"].is_object()
|
||||
&& v["ocs"]["data"].is_object()
|
||||
&& v["ocs"]["data"]["id"] != Value::Null
|
||||
&& v["ocs"]["data"]["isAnonymous"] == Value::Null {
|
||||
|
||||
&& v["ocs"]["data"]["isAnonymous"] == Value::Null
|
||||
{
|
||||
//getting form id
|
||||
let new_v_id = v["ocs"]["data"]["id"].as_u64().unwrap_or_else(|| {
|
||||
eprintln!("check_new_form: failed to parse formid: {}", v);
|
||||
0
|
||||
});
|
||||
new_v_id
|
||||
|
||||
} else {
|
||||
eprintln!("error: check_new_form: can't find formid: {}", v);
|
||||
0
|
||||
|
@ -83,10 +82,7 @@ const BLOCKED_ROUTES: &[&str] = &[
|
|||
];
|
||||
|
||||
// ...except if they are in this list
|
||||
const ALLOWED_ROUTES: &[&str] = &[
|
||||
"/ocs/v2.php/apps/forms/",
|
||||
"/status.php"
|
||||
];
|
||||
const ALLOWED_ROUTES: &[&str] = &["/ocs/v2.php/apps/forms/", "/status.php"];
|
||||
|
||||
// checks if the accessed route is allowed for the user.
|
||||
// if it returns true, redirects elsewhere
|
||||
|
|
Loading…
Reference in a new issue