[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taldir] 02/02: add support for regex validation of aliases@
From: |
gnunet |
Subject: |
[taldir] 02/02: add support for regex validation of aliases@ |
Date: |
Tue, 21 Jan 2025 22:24:38 +0100 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository taldir.
commit dab08e105ccb7aee321c65cf6fceb9c94a1f3f6b
Author: Martin Schanzenbach <schanzen@gnunet.org>
AuthorDate: Tue Jan 21 22:24:33 2025 +0100
add support for regex validation of aliases@
---
pkg/rest/taldir.go | 33 +++++++++++++++++++++++++++++----
1 file changed, 29 insertions(+), 4 deletions(-)
diff --git a/pkg/rest/taldir.go b/pkg/rest/taldir.go
index 55d4063..78f8cf8 100644
--- a/pkg/rest/taldir.go
+++ b/pkg/rest/taldir.go
@@ -35,6 +35,8 @@ import (
"os/exec"
"strings"
"time"
+ "errors"
+ "regexp"
gnunetutil "gnunet/util"
@@ -126,6 +128,9 @@ type Validator struct {
// Validator name
Name string
+ // Validator alias regex
+ ValidAliasRegex string
+
// Validator type
Type ValidatorType
@@ -238,7 +243,7 @@ type validation struct {
// The challenge has been sent already
ChallengeSent bool `json:"-"`
- // true if this validation also requires payment
+ // true if this validation also requires payment
RequiresPayment bool `json:"-"`
// How often was a solution for this validation tried
@@ -307,6 +312,17 @@ const monthDurationUs = 2592000000000
// 1 Month as Go duration
const monthDuration = time.Duration(monthDurationUs * 1000)
+func (v *Validator) isAliasValid(alias string) (err error) {
+ log.Println(v.ValidAliasRegex)
+ if v.ValidAliasRegex != "" {
+ matched, _ := regexp.MatchString(v.ValidAliasRegex, alias)
+ if !matched {
+ return errors.New(fmt.Sprintf("Alias '%s' invalid",
alias)) // TODO i18n
+ }
+ }
+ return
+}
+
// Primary lookup function.
// Allows the caller to query a wallet key using the hash(!) of the
// identity, e.g. SHA512(<email address>)
@@ -634,7 +650,7 @@ func (t *Taldir) validationPage(w http.ResponseWriter, r
*http.Request) {
}
t.ValidationTpl.Execute(w, fullData)
} else {
- expectedSolution := util.GenerateSolution(validation.TargetUri,
validation.Challenge)
+ expectedSolution := util.GenerateSolution(validation.TargetUri,
validation.Challenge)
fullData := map[string]interface{}{
"version": t.Version,
"error": r.URL.Query().Get("error"),
@@ -691,11 +707,18 @@ func (t *Taldir) methodLookupResultPage(w
http.ResponseWriter, r *http.Request)
return
}
+ // Check if alias is valid
+ alias := r.URL.Query().Get("address")
+ err := val.isAliasValid(alias)
+ if nil != err {
+ http.Redirect(w, r, fmt.Sprintf("?error=%s", err),
http.StatusSeeOther)
+ return
+ }
hAddressBin := sha512.Sum512([]byte(r.URL.Query().Get("address")))
hAddress := gnunetutil.EncodeBinaryToString(hAddressBin[:])
hsAddress := saltHAddress(hAddress, t.Salt)
found := false
- var err = t.Db.First(&entry, "hs_address = ?", hsAddress).Error
+ err = t.Db.First(&entry, "hs_address = ?", hsAddress).Error
if err != nil {
log.Printf("`%s` not found.\n", hAddress)
} else {
@@ -749,8 +772,9 @@ func (t *Taldir) setupHandlers() {
/* Config API */
t.Router.HandleFunc("/config", t.configResponse).Methods("GET")
- /* Aissets HTML */
+ /* Assets HTML */
t.Router.PathPrefix("/css").Handler(http.StripPrefix("/css",
http.FileServer(http.Dir("./static/css"))))
+
t.Router.PathPrefix("/fontawesome").Handler(http.StripPrefix("/fontawesome",
http.FileServer(http.Dir("./static/fontawesome"))))
/* Registration API */
t.Router.HandleFunc("/", t.landingPage).Methods("GET")
@@ -819,6 +843,7 @@ func (t *Taldir) Initialize(cfgfile string, version string)
{
PaymentRequired: sec.Key("enabled").MustBool(false),
Command: sec.Key("command").MustString(""),
Type: ValidatorType(sec.Key("type").MustString("")),
+ ValidAliasRegex:
sec.Key("valid_alias_regex").MustString(""),
}
}
t.ChallengeBytes =
t.Cfg.Section("taldir").Key("challenge_bytes").MustInt(16)
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.