From 2e37230d7e4e5b52e7b592fc3ae688c555a5a95a Mon Sep 17 00:00:00 2001 From: Tony Giorgio Date: Mon, 27 Jan 2025 16:06:13 -0600 Subject: [PATCH 1/3] Remove invite code from signup --- src/main.rs | 1 - src/web/login_routes.rs | 12 ----------- src/web/oauth_routes.rs | 47 ++++++----------------------------------- 3 files changed, 7 insertions(+), 53 deletions(-) diff --git a/src/main.rs b/src/main.rs index 2e44152..1302acf 100644 --- a/src/main.rs +++ b/src/main.rs @@ -278,7 +278,6 @@ pub struct RegisterCredentials { pub name: Option, pub email: Option, pub password: String, - pub invite_code: String, } #[derive(Debug, Clone)] diff --git a/src/web/login_routes.rs b/src/web/login_routes.rs index 0417b10..fca75f4 100644 --- a/src/web/login_routes.rs +++ b/src/web/login_routes.rs @@ -1,4 +1,3 @@ -use crate::AppMode; use crate::User; use crate::{ db::DBError, @@ -25,8 +24,6 @@ use tokio::spawn; use tracing::{debug, error, info}; use uuid::Uuid; -pub const VALID_INVITE_CODES: [&str; 3] = ["bearclaw24", "friends24", "hivemind24"]; - #[derive(Deserialize, Clone)] pub struct PasswordResetRequestPayload { email: String, @@ -229,15 +226,6 @@ pub async fn register( debug!("Entering register function"); tracing::trace!("call register"); - // Skip invite code check for preview mode - if data.app_mode != AppMode::Preview { - // Check the invite code (case-insensitive) - let lowercase_invite_code = creds.invite_code.to_lowercase(); - if !VALID_INVITE_CODES.contains(&lowercase_invite_code.as_str()) { - return Err(ApiError::InvalidInviteCode); - } - } - let user = match data.register_user(creds.clone()).await { Ok(user) => user, Err(Error::UserAlreadyExists) => { diff --git a/src/web/oauth_routes.rs b/src/web/oauth_routes.rs index eff4cf7..30e3d77 100644 --- a/src/web/oauth_routes.rs +++ b/src/web/oauth_routes.rs @@ -1,8 +1,7 @@ use crate::models::email_verification::NewEmailVerification; use crate::models::oauth::NewUserOAuthConnection; use crate::web::encryption_middleware::{decrypt_request, encrypt_response, EncryptedResponse}; -use crate::web::login_routes::{handle_new_user_registration, VALID_INVITE_CODES}; -use crate::AppMode; +use crate::web::login_routes::handle_new_user_registration; use crate::{encrypt, DBError}; use crate::{ jwt::{NewToken, TokenType}, @@ -69,15 +68,12 @@ struct OAuthOAuthCallbackResponse { } #[derive(Deserialize, Clone)] -struct OAuthAuthRequest { - invite_code: Option, -} +struct OAuthAuthRequest {} #[derive(Deserialize, Clone)] struct OAuthCallbackRequest { code: String, state: String, - invite_code: String, } #[derive(Serialize)] @@ -113,21 +109,12 @@ struct GoogleUser { async fn initiate_oauth( State(app_state): State>, - Extension(auth_request): Extension, + Extension(_auth_request): Extension, Extension(session_id): Extension, provider_name: &str, ) -> Result>, ApiError> { debug!("Entering init {} auth function", provider_name); - // Check the invite code if it's provided (for sign-ups) - if let Some(invite_code) = &auth_request.invite_code { - let lowercase_invite_code = invite_code.to_lowercase(); - if !VALID_INVITE_CODES.contains(&lowercase_invite_code.as_str()) { - error!("Invalid invite code: {}", lowercase_invite_code); - return Err(ApiError::InvalidInviteCode); - } - } - let oauth_client = app_state .oauth_manager .get_provider(provider_name) @@ -153,7 +140,6 @@ async fn oauth_callback( debug!("Entering {} callback function", provider_name); trace!("Received code: {}", callback_request.code); trace!("Received state: {}", callback_request.state); - trace!("Received invite code: {}", callback_request.invite_code); let oauth_client = app_state .oauth_manager @@ -205,7 +191,6 @@ async fn oauth_callback( github_user.id.to_string(), "github", token.secret().to_string(), - &callback_request.invite_code, github_user.name.clone().or(Some(github_user.login.clone())), ) .await? @@ -229,7 +214,6 @@ async fn oauth_callback( google_user.sub.clone(), "google", token.secret().to_string(), - &callback_request.invite_code, google_user.name.clone(), ) .await? @@ -252,7 +236,8 @@ async fn oauth_callback( let auth_response = OAuthCallbackResponse { id: user.get_id(), - email: user.get_email() + email: user + .get_email() .expect("OAuth user must have email") .to_string(), access_token: access_token.token, @@ -422,7 +407,6 @@ async fn find_or_create_user_from_oauth( provider_user_id: String, provider_name: &str, access_token: String, - invite_code: &str, user_name: Option, ) -> Result { let provider = app_state @@ -461,26 +445,9 @@ async fn find_or_create_user_from_oauth( } } Err(DBError::UserNotFound) => { - // If invite code is empty and not in preview mode, return UserNotFound error - if invite_code.is_empty() && app_state.app_mode != AppMode::Preview { - return Err(ApiError::UserNotFound); - } - - // Check the invite code for new sign-ups, but skip for preview mode - if app_state.app_mode != AppMode::Preview { - let lowercase_invite_code = invite_code.to_lowercase(); - if !VALID_INVITE_CODES.contains(&lowercase_invite_code.as_str()) { - error!( - "Invalid invite code for new user: {}", - lowercase_invite_code - ); - return Err(ApiError::InvalidInviteCode); - } - } - // Create new user - let new_user = NewUser::new(Some(email.clone()), None) - .with_name(user_name.unwrap_or_default()); + let new_user = + NewUser::new(Some(email.clone()), None).with_name(user_name.unwrap_or_default()); let user = app_state.db.create_user(new_user).map_err(|e| { error!("Failed to create new user: {:?}", e); From ca0a8b7a54941b91155b95746e233afe5806892c Mon Sep 17 00:00:00 2001 From: Tony Giorgio Date: Mon, 27 Jan 2025 16:27:09 -0600 Subject: [PATCH 2/3] Remove beta from email text --- src/email.rs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/email.rs b/src/email.rs index ecdf38c..455c915 100644 --- a/src/email.rs +++ b/src/email.rs @@ -29,7 +29,7 @@ const WELCOME_EMAIL_HTML: &str = r#"

Welcome to Maple AI!

-

We're thrilled to have you join us during our private beta.

+

We're thrilled to have you join us.

Just as Maple trees thrive through their discreet underground communication network of fungal hyphae, Maple AI empowers you to flourish in the digital world while maintaining your privacy.

@@ -55,7 +55,7 @@ const WELCOME_EMAIL_HTML: &str = r#"

We hope you enjoy using Maple AI, knowing that your sensitive discussions and data are protected at every step. Your privacy is not just a feature – it's our mission.

-

As we're in private beta, your feedback is incredibly valuable. If you encounter any issues or have suggestions, please reach out to us at team@opensecret.cloud.

+

Your feedback is incredibly valuable. If you encounter any issues or have suggestions, please reach out to us at support@opensecret.cloud.

Thank you for being an early adopter and helping us shape the future of secure, AI-powered productivity!

@@ -269,14 +269,14 @@ pub async fn send_password_reset_confirmation_email(

Password Reset Confirmation

Your Maple AI account password has been successfully reset.

-

If you did not initiate this password reset, please contact us immediately at support@trymaple.ai.

+

If you did not initiate this password reset, please contact us immediately at support@opensecret.cloud.

For security reasons, we recommend that you:

  • Change your password again if you suspect any unauthorized access.
  • Review your account activity for any suspicious actions.

If you have any questions or concerns, please don't hesitate to reach out to our support team.

-

Best regards,
The Maple AI Team

+

Best regards,
The OpenSecret Team

From d81e47c66b6fcf39d5833ca2d42c05ca8dcffe44 Mon Sep 17 00:00:00 2001 From: Tony Giorgio Date: Mon, 27 Jan 2025 16:55:11 -0600 Subject: [PATCH 3/3] New PCR hashes --- pcrDev.json | 4 ++-- pcrProd.json | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pcrDev.json b/pcrDev.json index 1597a80..87ae52b 100644 --- a/pcrDev.json +++ b/pcrDev.json @@ -1,6 +1,6 @@ { "HashAlgorithm": "Sha384 { ... }", - "PCR0": "f58409ae1bc8600c887fef5cc4055149c88c94b41c2b3e268826af7b43a1cdbacffdb2c96bf5972120c6460ab83fe89e", + "PCR0": "6fcdb8086806a96c421c08eaf67cebf164aa898798b6f91b072c884773bc6ed64fe8f5af644fe35411195167b0e4a5f1", "PCR1": "5039fa3d13b95dded883deed58d2a0ac63bee4f05f16e05eda0dd21e54bcd01f5e700505998b5674616ea8346ce94b29", - "PCR2": "1c3dc614330f50cd17f219abb7473d8fea736259aa550de114401b90094d751855fce279b2891c3c978023a5376aafa0" + "PCR2": "f5d12ace797b0537be9f795885a6246ff065def52ba0353d597c61053b1e920c9e4f77d3321b792d504bbce41689dc65" } diff --git a/pcrProd.json b/pcrProd.json index 0925acd..38dd7af 100644 --- a/pcrProd.json +++ b/pcrProd.json @@ -1,6 +1,6 @@ { "HashAlgorithm": "Sha384 { ... }", - "PCR0": "33ffe5cae0f72cfe904bde8019ad98efa0ce5db2800f37c5d4149461023d1f70ea77e4f58ae1327ff46ed6a34045d6e2", + "PCR0": "a1398fa2946b6ed4b96a1a992ee668aef3661329690f87d44cad5b646ce33e3b16a55674b1d6d54d115a5520801b97d6", "PCR1": "5039fa3d13b95dded883deed58d2a0ac63bee4f05f16e05eda0dd21e54bcd01f5e700505998b5674616ea8346ce94b29", - "PCR2": "b594414f4ea52bb0985a41442e85f72996373ec7f12898820277b5e822fa9b3c76ecfffc7068410c0eec3dbdf3072465" + "PCR2": "2d6a4ddf9176cf17a62202bf346e26bb70f1d3ff84f2b235f0a90e805da87050299ffa1483aa1240e7da3f261f955305" }