pass all unit tests

element-hq · Sep 11, 2024 · b174586 · b174586
1 parent b2b1d6d
commit b174586
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 8 deletions.
diff --git a/crates/handlers/src/compat/login.rs b/crates/handlers/src/compat/login.rs
@@ -587,7 +587,10 @@ pub async fn user_password_login(
         .ok_or(RouteError::UserNotFound)?;
 
     // Check the rate limit
-    limiter.check_password(requester, &user)?;
+    limiter.check_password(requester, &user).map_err(|e| {
+        tracing::warn!(error = &e as &dyn std::error::Error);
+        RouteError::RateLimited(e)
+    })?;
 
     // Lookup its password
     let user_password = repo
@@ -863,7 +866,7 @@ mod tests {
             .create_async()
             .await;
 
-        let rest_auth_provider = RestAuthProviderConfig::new(server.url(), "v1".to_string());
+        let rest_auth_provider = RestAuthProviderConfig::new(server.url(), "v2".to_string());
         let result = authenticate_via_rest_api(
             "@alice:example.com".to_string(),
             "password123".to_string(),
@@ -898,7 +901,7 @@ mod tests {
             .create_async()
             .await;
 
-        let rest_auth_provider = RestAuthProviderConfig::new(server.url(), "v1".to_string());
+        let rest_auth_provider = RestAuthProviderConfig::new(server.url(), "v2".to_string());
         let result = authenticate_via_rest_api(
             "@alice:example.com".to_string(),
             "wrongpassword".to_string(),
@@ -918,7 +921,7 @@ mod tests {
             .create_async()
             .await;
 
-        let rest_auth_provider = RestAuthProviderConfig::new(server.url(), "v1".to_string());
+        let rest_auth_provider = RestAuthProviderConfig::new(server.url(), "v2".to_string());
         let result = authenticate_via_rest_api(
             "@alice:example.com".to_string(),
             "password123".to_string(),

diff --git a/crates/handlers/src/passwords.rs b/crates/handlers/src/passwords.rs
@@ -51,7 +51,7 @@ impl PasswordManager {
     /// ```rust
     /// pub use mas_handlers::passwords::{PasswordManager, Hasher};
     ///
-    /// PasswordManager::new(3, [
+    /// PasswordManager::new(3, None, [
     ///     (3, Hasher::argon2id(Some(b"a-secret-pepper".to_vec()))),
     ///     (2, Hasher::argon2id(None)),
     ///     (1, Hasher::bcrypt(Some(10), None)),

diff --git a/crates/handlers/src/views/login.rs b/crates/handlers/src/views/login.rs
@@ -32,7 +32,9 @@ use serde::{Deserialize, Serialize};
 
 use super::shared::OptionalPostAuthAction;
 use crate::{
-    compat::login::{authenticate_via_rest_api, start_new_session, user_password_login},
+    compat::login::{
+        authenticate_via_rest_api, start_new_session, user_password_login, RouteError,
+    },
     passwords::PasswordManager,
     BoundActivityTracker, Limiter, PreferredLanguage, RequesterFingerprint, SiteConfig,
 };
@@ -285,7 +287,7 @@ async fn login(
         }
     } else {
         // If rest_auth_provider is not enabled, proceed with the normal authentication
-        user_password_login(
+        let user = user_password_login(
             &mut rng,
             clock,
             &password_manager,
@@ -296,7 +298,14 @@ async fn login(
             password.to_string(),
         )
         .await
-        .map_err(|_err| FormError::InvalidCredentials)?
+        .map_err(|err| match err {
+            RouteError::RateLimited(_) => FormError::RateLimitExceeded,
+            RouteError::PasswordVerificationFailed(_)
+            | RouteError::UserNotFound
+            | RouteError::NoPassword => FormError::InvalidCredentials,
+            _ => FormError::Internal,
+        })?;
+        user
     };
 
     // Start a new compat session without verifying the password again