Check password

2024-09-27 18:22:51 +02:00
parent bcf3000bcc
commit 0a87f67824
1 changed files with 25 additions and 1 deletions
--- a/src/main.rs
+++ b/src/main.rs
@@ -261,7 +261,6 @@ async fn login(req: Request<Incoming>, db: Arc<Mutex<SqlitePool>>) -> Result<Res
                Ok(()) => {
                    let date: DateTime<Utc> = DateTime::from(SystemTime::now());
                    let date = date.checked_add_days(Days::new(7)).unwrap();
-                    println!("{}", date.to_rfc2822());
                    Ok(Response::builder().header("Set-Cookie", format!("token={}; Expires={}; Secure; HttpOnly; SameSite=Strict", user.token, date.to_rfc2822())).body(Full::new(Bytes::from("Ok"))).unwrap())
                },
                Err(_) => {
@@ -286,6 +285,9 @@ async fn register(req: Request<Incoming>, db: Arc<Mutex<SqlitePool>>) -> Result<
    if !check_username(&data.username) {
        return Ok(Response::builder().status(StatusCode::BAD_REQUEST).body(Full::new(Bytes::from("Bad Request"))).unwrap());
    }
+    if !check_password(&data.password) {
+        return Ok(Response::builder().status(StatusCode::BAD_REQUEST).body(Full::new(Bytes::from("Bad Request"))).unwrap());
+    }
    let pool = db.clone().lock().unwrap().clone();
    let mut conn = pool.acquire().await.unwrap();
    let exists = sqlx::query!(r#"SELECT id FROM users WHERE username=?1"#, data.username).fetch_optional(&mut *conn).await;
@@ -315,6 +317,28 @@ fn check_username(username: &String) -> bool {
    true
 }

+fn check_password(password: &String) -> bool {
+    // one symbol, 10 chars min, one capital letter, one number
+    if password.len() < 10 {
+        return false;
+    }
+    let mut up = false;
+    let mut num = false;
+    let mut sym = false;
+    for c in password.chars() {
+        if c.is_uppercase() {
+            up = true;
+        }
+        if c.is_numeric() {
+            num = true;
+        }
+        if !c.is_alphanumeric() {
+            sym = true;
+        }
+    }
+    up && num && sym
+}
+
 async fn not_found() -> Result<Response<Full<Bytes>>, Error> {
    let mut file_path = env::current_dir().expect("Could not get app directory.");
    file_path.push("static/html/404.html");