mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2025-01-07 01:00:08 -05:00
Check email validity before using it for password hint sending
This commit is contained in:
parent
401aa7c699
commit
9e63985b28
4 changed files with 8 additions and 2 deletions
|
@ -61,6 +61,7 @@ num-derive = "0.2.2"
|
||||||
lettre = "0.8.2"
|
lettre = "0.8.2"
|
||||||
lettre_email = "0.8.2"
|
lettre_email = "0.8.2"
|
||||||
native-tls = "0.1.5"
|
native-tls = "0.1.5"
|
||||||
|
fast_chemail = "0.9.5"
|
||||||
|
|
||||||
[patch.crates-io]
|
[patch.crates-io]
|
||||||
# Make jwt use ring 0.11, to match rocket
|
# Make jwt use ring 0.11, to match rocket
|
||||||
|
|
|
@ -5,6 +5,7 @@ use db::models::*;
|
||||||
|
|
||||||
use api::{PasswordData, JsonResult, EmptyResult, JsonUpcase, NumberOrString};
|
use api::{PasswordData, JsonResult, EmptyResult, JsonUpcase, NumberOrString};
|
||||||
use auth::Headers;
|
use auth::Headers;
|
||||||
|
use fast_chemail::is_valid_email;
|
||||||
use mail;
|
use mail;
|
||||||
|
|
||||||
use CONFIG;
|
use CONFIG;
|
||||||
|
@ -259,6 +260,10 @@ struct PasswordHintData {
|
||||||
fn password_hint(data: JsonUpcase<PasswordHintData>, conn: DbConn) -> EmptyResult {
|
fn password_hint(data: JsonUpcase<PasswordHintData>, conn: DbConn) -> EmptyResult {
|
||||||
let data: PasswordHintData = data.into_inner().data;
|
let data: PasswordHintData = data.into_inner().data;
|
||||||
|
|
||||||
|
if !is_valid_email(&data.Email) {
|
||||||
|
return Ok(());
|
||||||
|
}
|
||||||
|
|
||||||
let user = User::find_by_mail(&data.Email, &conn);
|
let user = User::find_by_mail(&data.Email, &conn);
|
||||||
if user.is_none() {
|
if user.is_none() {
|
||||||
return Ok(());
|
return Ok(());
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
use std::error::Error;
|
use std::error::Error;
|
||||||
use native_tls::TlsConnector;
|
use native_tls::{Protocol, TlsConnector};
|
||||||
use native_tls::{Protocol};
|
|
||||||
use lettre::{EmailTransport, SmtpTransport, ClientTlsParameters, ClientSecurity};
|
use lettre::{EmailTransport, SmtpTransport, ClientTlsParameters, ClientSecurity};
|
||||||
use lettre::smtp::{ConnectionReuseParameters, SmtpTransportBuilder};
|
use lettre::smtp::{ConnectionReuseParameters, SmtpTransportBuilder};
|
||||||
use lettre::smtp::authentication::Credentials;
|
use lettre::smtp::authentication::Credentials;
|
||||||
|
|
|
@ -29,6 +29,7 @@ extern crate num_traits;
|
||||||
extern crate lettre;
|
extern crate lettre;
|
||||||
extern crate lettre_email;
|
extern crate lettre_email;
|
||||||
extern crate native_tls;
|
extern crate native_tls;
|
||||||
|
extern crate fast_chemail;
|
||||||
|
|
||||||
use std::{env, path::Path, process::{exit, Command}};
|
use std::{env, path::Path, process::{exit, Command}};
|
||||||
use rocket::Rocket;
|
use rocket::Rocket;
|
||||||
|
|
Loading…
Reference in a new issue