From bb57aec4bedf429dca1ed4ca63176a5190d485b1 Mon Sep 17 00:00:00 2001 From: Swrup Date: Tue, 22 Feb 2022 00:15:30 +0100 Subject: [PATCH] fix db error on bad user name login --- src/user.ml | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/src/user.ml b/src/user.ml index f40b168..f7545b0 100644 --- a/src/user.ml +++ b/src/user.ml @@ -40,7 +40,7 @@ module Q = struct "SELECT nick FROM user;" let get_user = - Caqti_request.find_opt Caqti_type.string + Caqti_request.find Caqti_type.string Caqti_type.(tup4 string string string Caqti_type.(tup2 string string)) "SELECT * FROM user WHERE nick=?;" @@ -70,15 +70,19 @@ let () = (List.map (fun query -> Db.exec query ()) tables) then Dream.error (fun log -> log "can't create table") +let exists nick = Result.is_ok (Db.find Q.get_user nick) + let login ~nick ~password request = - let^? good_password = Db.find_opt Q.get_password nick in - if Bcrypt.verify password (Bcrypt.hash_of_string good_password) then - let _ = - let%lwt () = Dream.invalidate_session request in - Dream.put_session "nick" nick request - in - Ok () - else Error "wrong password" + if exists nick then + let^? good_password = Db.find_opt Q.get_password nick in + if Bcrypt.verify password (Bcrypt.hash_of_string good_password) then + let _ = + let%lwt () = Dream.invalidate_session request in + Dream.put_session "nick" nick request + in + Ok () + else Error "wrong password" + else Error "wrong user name" let register ~email ~nick ~password = (* TODO: remove bad characters (e.g. delthas) *) @@ -168,5 +172,3 @@ let upload_avatar files nick = let^ () = Db.exec Q.upload_avatar (content, nick) in Ok () | _files -> Error "More than one file provided" - -let exists nick = Result.is_ok (Db.find_opt Q.get_user nick)