Commit 601a43b8 authored by Daniel García Moreno's avatar Daniel García Moreno

Logout cleanups to avoid information leak

I'm removing all the cached information in the logout, to avoid
appearing of the first user data when you login with another account.

Close #67
parent cc20eadd
Pipeline #3745 passed with stage
in 6 minutes and 20 seconds
...@@ -255,6 +255,7 @@ impl Backend { ...@@ -255,6 +255,7 @@ impl Backend {
// Internal commands // Internal commands
Ok(BKCommand::ShutDown) => { Ok(BKCommand::ShutDown) => {
tx.send(BKResponse::ShutDown).unwrap();
return false; return false;
} }
Err(_) => { Err(_) => {
......
...@@ -56,6 +56,7 @@ pub enum BKCommand { ...@@ -56,6 +56,7 @@ pub enum BKCommand {
#[derive(Debug)] #[derive(Debug)]
pub enum BKResponse { pub enum BKResponse {
ShutDown,
Token(String, String), Token(String, String),
Logout, Logout,
Name(String), Name(String),
......
...@@ -192,6 +192,7 @@ impl AppOp { ...@@ -192,6 +192,7 @@ impl AppOp {
pub fn bk_login(&mut self, uid: String) { pub fn bk_login(&mut self, uid: String) {
self.logged_in = true; self.logged_in = true;
self.clean_login();
self.set_state(AppState::Chat); self.set_state(AppState::Chat);
self.set_uid(Some(uid.clone())); self.set_uid(Some(uid.clone()));
...@@ -203,11 +204,27 @@ impl AppOp { ...@@ -203,11 +204,27 @@ impl AppOp {
} }
pub fn bk_logout(&mut self) { pub fn bk_logout(&mut self) {
self.set_rooms(&vec![], None);
if let Err(_) = cache::destroy() {
println!("Error removing cache file");
}
self.logged_in = false; self.logged_in = false;
self.syncing = false;
self.set_state(AppState::Login); self.set_state(AppState::Login);
self.set_uid(None); self.set_uid(None);
self.set_username(None); self.set_username(None);
self.set_avatar(None);
// stoping the backend and starting again, we don't want to receive more messages from
// backend
self.backend.send(BKCommand::ShutDown).unwrap();
let (tx, rx): (Sender<BKResponse>, Receiver<BKResponse>) = channel();
let bk = Backend::new(tx);
self.backend = bk.run();
backend_loop(rx);
} }
pub fn update_rooms(&mut self, rooms: Vec<Room>, default: Option<Room>) { pub fn update_rooms(&mut self, rooms: Vec<Room>, default: Option<Room>) {
...@@ -289,6 +306,26 @@ impl AppOp { ...@@ -289,6 +306,26 @@ impl AppOp {
} }
} }
pub fn clean_login(&self) {
let user_entry: gtk::Entry = self.gtk_builder
.get_object("login_username")
.expect("Can't find login_username in ui file.");
let pass_entry: gtk::Entry = self.gtk_builder
.get_object("login_password")
.expect("Can't find login_password in ui file.");
let server_entry: gtk::Entry = self.gtk_builder
.get_object("login_server")
.expect("Can't find login_server in ui file.");
let idp_entry: gtk::Entry = self.gtk_builder
.get_object("login_idp")
.expect("Can't find login_idp in ui file.");
user_entry.set_text("");
pass_entry.set_text("");
server_entry.set_text("https://matrix.org");
idp_entry.set_text("https://vector.im");
}
pub fn login(&mut self) { pub fn login(&mut self) {
let user_entry: gtk::Entry = self.gtk_builder let user_entry: gtk::Entry = self.gtk_builder
.get_object("login_username") .get_object("login_username")
...@@ -413,15 +450,26 @@ impl AppOp { ...@@ -413,15 +450,26 @@ impl AppOp {
self.uid = uid; self.uid = uid;
} }
pub fn set_avatar(&self, fname: String) { pub fn set_avatar(&self, fname: Option<String>) {
let button = self.gtk_builder let button = self.gtk_builder
.get_object::<gtk::MenuButton>("user_menu_button") .get_object::<gtk::MenuButton>("user_menu_button")
.expect("Can't find user_menu_button in ui file."); .expect("Can't find user_menu_button in ui file.");
let eb = gtk::EventBox::new(); let eb = gtk::EventBox::new();
let w = widgets::Avatar::circle_avatar(fname, Some(20)); match fname {
Some(s) => {
let w = widgets::Avatar::circle_avatar(s, Some(20));
eb.add(&w);
}
None => {
let w = gtk::Spinner::new();
w.show();
w.start();
eb.add(&w);
}
};
eb.connect_button_press_event(move |_, _| { Inhibit(false) }); eb.connect_button_press_event(move |_, _| { Inhibit(false) });
eb.add(&w);
button.set_image(&eb); button.set_image(&eb);
} }
...@@ -429,9 +477,10 @@ impl AppOp { ...@@ -429,9 +477,10 @@ impl AppOp {
self.backend.send(BKCommand::ShutDown).unwrap(); self.backend.send(BKCommand::ShutDown).unwrap();
} }
pub fn logout(&self) { pub fn logout(&mut self) {
let _ = self.delete_pass(); let _ = self.delete_pass();
self.backend.send(BKCommand::Logout).unwrap(); self.backend.send(BKCommand::Logout).unwrap();
self.bk_logout();
} }
pub fn delete_pass(&self) -> Result<(), Error> { pub fn delete_pass(&self) -> Result<(), Error> {
...@@ -2685,11 +2734,23 @@ impl App { ...@@ -2685,11 +2734,23 @@ impl App {
fn backend_loop(rx: Receiver<BKResponse>) { fn backend_loop(rx: Receiver<BKResponse>) {
thread::spawn(move || { thread::spawn(move || {
let mut shutting_down = false;
loop { loop {
let recv = rx.recv(); let recv = rx.recv();
if let Err(RecvError) = recv {
// stopping this backend loop thread
break;
}
if shutting_down {
// ignore this event, we're shutting down this thread
continue;
}
match recv { match recv {
Err(RecvError) => { break; } Err(RecvError) => { break; }
Ok(BKResponse::ShutDown) => { shutting_down = true; }
Ok(BKResponse::Token(uid, _)) => { Ok(BKResponse::Token(uid, _)) => {
APPOP!(bk_login, (uid)); APPOP!(bk_login, (uid));
...@@ -2704,7 +2765,8 @@ fn backend_loop(rx: Receiver<BKResponse>) { ...@@ -2704,7 +2765,8 @@ fn backend_loop(rx: Receiver<BKResponse>) {
APPOP!(set_username, (u)); APPOP!(set_username, (u));
} }
Ok(BKResponse::Avatar(path)) => { Ok(BKResponse::Avatar(path)) => {
APPOP!(set_avatar, (path)); let av = Some(path);
APPOP!(set_avatar, (av));
} }
Ok(BKResponse::Sync(since)) => { Ok(BKResponse::Sync(since)) => {
println!("SYNC"); println!("SYNC");
......
extern crate serde_json; extern crate serde_json;
use std::fs::File; use std::fs::File;
use std::fs::remove_dir_all;
use std::io::prelude::*; use std::io::prelude::*;
use types::RoomList; use types::RoomList;
...@@ -54,3 +55,8 @@ pub fn load() -> Result<CacheData, Error> { ...@@ -54,3 +55,8 @@ pub fn load() -> Result<CacheData, Error> {
Ok(deserialized) Ok(deserialized)
} }
pub fn destroy() -> Result<(), Error> {
let fname = cache_path("")?;
remove_dir_all(fname).or_else(|_| Err(Error::CacheError))
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment