Added parameter check and condition check
This commit is contained in:
netkas
parent
e4e07e120a
commit
bda8fdc623
2 changed files with 15 additions and 7 deletions
|
|
@ -4,7 +4,7 @@
|
|||
|
||||
use Gregwar\Captcha\CaptchaBuilder;
|
||||
use Socialbox\Abstracts\Method;
|
||||
use Socialbox\Classes\Logger;
|
||||
use Socialbox\Enums\Flags\SessionFlags;
|
||||
use Socialbox\Enums\StandardError;
|
||||
use Socialbox\Exceptions\DatabaseOperationException;
|
||||
use Socialbox\Exceptions\StandardException;
|
||||
|
|
@ -22,18 +22,16 @@
|
|||
public static function execute(ClientRequest $request, RpcRequest $rpcRequest): ?SerializableInterface
|
||||
{
|
||||
$session = $request->getSession();
|
||||
|
||||
// Check for session conditions
|
||||
if($session->getPeerUuid() === null)
|
||||
if(!$session->flagExists(SessionFlags::VER_IMAGE_CAPTCHA))
|
||||
{
|
||||
return $rpcRequest->produceError(StandardError::AUTHENTICATION_REQUIRED);
|
||||
return $rpcRequest->produceError(StandardError::METHOD_NOT_ALLOWED, 'Solving an image captcha is not required at this time');
|
||||
}
|
||||
|
||||
$peer = $request->getPeer();
|
||||
|
||||
try
|
||||
{
|
||||
Logger::getLogger()->debug('Creating a new captcha for peer ' . $peer->getUuid());
|
||||
if(CaptchaManager::captchaExists($peer))
|
||||
{
|
||||
$captchaRecord = CaptchaManager::getCaptcha($peer);
|
||||
|
|
|
|||
|
|
@ -6,11 +6,13 @@
|
|||
use Socialbox\Abstracts\Method;
|
||||
use Socialbox\Classes\Cryptography;
|
||||
use Socialbox\Classes\Logger;
|
||||
use Socialbox\Enums\Flags\SessionFlags;
|
||||
use Socialbox\Enums\StandardError;
|
||||
use Socialbox\Exceptions\CryptographyException;
|
||||
use Socialbox\Exceptions\StandardException;
|
||||
use Socialbox\Interfaces\SerializableInterface;
|
||||
use Socialbox\Managers\PasswordManager;
|
||||
use Socialbox\Managers\SessionManager;
|
||||
use Socialbox\Objects\ClientRequest;
|
||||
use Socialbox\Objects\RpcRequest;
|
||||
|
||||
|
|
@ -32,9 +34,16 @@
|
|||
return $rpcRequest->produceError(StandardError::RPC_INVALID_ARGUMENTS, "Invalid 'password' parameter, must be a valid SHA-512 hash");
|
||||
}
|
||||
|
||||
$session = $request->getSession();
|
||||
if(!$session->flagExists(SessionFlags::VER_PASSWORD))
|
||||
{
|
||||
return $rpcRequest->produceError(StandardError::FORBIDDEN, 'Password verification is not required at this time');
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
return $rpcRequest->produceResponse(PasswordManager::verifyPassword($request->getPeer()->getUuid(), $rpcRequest->getParameter('password')));
|
||||
$result = PasswordManager::verifyPassword($request->getPeer()->getUuid(), $rpcRequest->getParameter('password'));
|
||||
SessionManager::updateFlow($request->getSession(), [SessionFlags::VER_PASSWORD]);
|
||||
}
|
||||
catch (CryptographyException)
|
||||
{
|
||||
|
|
@ -42,8 +51,9 @@
|
|||
}
|
||||
catch (Exception $e)
|
||||
{
|
||||
Logger::getLogger()->error('Failed to verify password due to an internal exception', $e);
|
||||
throw new StandardException('Failed to verify password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
|
||||
}
|
||||
|
||||
return $rpcRequest->produceResponse($result);
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Reference in a new issue