💥 breaking: remove password_is_bad from ptth_server

The password checking is not necessary with the new process of generating
high-entropy Base64 passwords and then approving them on the relay.

The password file takes a lot of space and this doesn't need to be part
of ptth_server's public API, if there is one, anyway.

Cargo.lock

@@ -1559,7 +1559,7 @@ dependencies = [
 
 [[package]]
 name = "ptth_server"
-version = "1.2.1"
+version = "2.0.0"
 dependencies = [
  "aho-corasick",
  "always_equal",

crates/ptth_server/Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 
 name = "ptth_server"
-version = "1.2.1"
+version = "2.0.0"
 authors = ["Trish"]
 edition = "2018"
 license = "AGPL-3.0"
@@ -43,7 +43,7 @@ toml = "0.5.7"
 uom = "0.30.0"
 
 always_equal = { path = "../always_equal", version = "1.0.0" }
-ptth_core = { path = "../ptth_core", version = "1.3.0" }
+ptth_core = { path = "../ptth_core", version = "1.4.0" }
 
 [dev-dependencies]
 

crates/ptth_server/src/file_server/internal.rs

@@ -25,7 +25,6 @@ use always_equal::prod::AlwaysEqual;
 
 use ptth_core::{
 	http_serde::Method,
-	prefix_match,
 	prelude::*,
 };
 
@@ -211,7 +210,7 @@ async fn serve_api (
 	// API versioning will be major-only, so I'll keep adding stuff to v1
 	// until I need to deprecate or break something.
 	
-	if let Some (path) = prefix_match ("/v1/dir/", path) {
+	if let Some (path) = path.strip_prefix ("/v1/dir/") {
 		let encoded_path = &path [0..];
 		
 		let path_s = percent_decode (encoded_path.as_bytes ()).decode_utf8 ().map_err (FileServerError::PathNotUtf8)?;
@@ -283,11 +282,11 @@ pub async fn serve_all (
 		return Ok (Root);
 	}
 	
-	if let Some (path) = prefix_match ("/api", path) {
+	if let Some (path) = path.strip_prefix ("/api") {
 		return serve_api (root, &uri, hidden_path, path).await;
 	}
 	
-	let path = match prefix_match ("/files/", path) {
+	let path = match path.strip_prefix ("/files/") {
 		Some (x) => x,
 		None => return Ok (NotFound),
 	};

crates/ptth_server/src/lib.rs

@@ -1,3 +1,9 @@
+//! # PTTH Server
+//! 
+//! The PTTH server makes an outgoing HTTP connection to a
+//! PTTH relay, and then serves incoming HTTP requests through
+//! the relay.
+
 #![warn (clippy::pedantic)]
 
 // I don't see the point in documenting the errors outside of where the
@@ -34,21 +40,6 @@ pub mod load_toml;
 
 use errors::ServerError;
 
-// Thanks to https://github.com/robsheldon/bad-passwords-index
-
-const BAD_PASSWORDS: &[u8] = include_bytes! ("bad_passwords.txt");
-
-#[must_use]
-pub fn password_is_bad (mut password: String) -> bool {
-	password.make_ascii_lowercase ();
-	
-	let ac = aho_corasick::AhoCorasick::new (&[
-		password
-	]);
-	
-	ac.find (BAD_PASSWORDS).is_some ()
-}
-
 struct State {
 	file_server: file_server::State,
 	config: Config,
@@ -223,10 +214,6 @@ pub async fn run_server (
 	
 	let asset_root = asset_root.unwrap_or_else (PathBuf::new);
 	
-	if password_is_bad (config_file.api_key.clone ()) {
-		return Err (ServerError::WeakApiKey);
-	}
-	
 	info! ("Server name is {}", config_file.name);
 	info! ("Tripcode is {}", config_file.tripcode ());
 	
@@ -374,27 +361,4 @@ mod tests {
 		
 		assert_eq! (config.tripcode (), "A9rPwZyY89Ag4TJjMoyYA2NeGOm99Je6rq1s0rg8PfY=".to_string ());
 	}
-	
-	#[test]
-	fn check_bad_passwords () {
-		for pw in &[
-			"",
-			" ",
-			"user",
-			"password",
-			"pAsSwOrD",
-			"secret",
-			"123123",
-		] {
-			assert! (password_is_bad (pw.to_string ()));
-		}
-		
-		use rand::prelude::*;
-		
-		let mut entropy = [0u8; 32];
-		thread_rng ().fill_bytes (&mut entropy);
-		let good_password = base64::encode (entropy);
-		
-		assert! (! password_is_bad (good_password));
-	}
 }