diff --git a/src/api/identity.rs b/src/api/identity.rs index 86cdd471..a42250b5 100644 --- a/src/api/identity.rs +++ b/src/api/identity.rs @@ -744,26 +744,25 @@ async fn register_verification_email( let should_send_mail = CONFIG.mail_enabled() && CONFIG.signups_verify(); - if User::find_by_mail(&data.email, &mut conn).await.is_some() { - if should_send_mail { - // There is still a timing side channel here in that the code - // paths that send mail take noticeably longer than ones that - // don't. Add a randomized sleep to mitigate this somewhat. - use rand::{rngs::SmallRng, Rng, SeedableRng}; - let mut rng = SmallRng::from_os_rng(); - let delta: i32 = 100; - let sleep_ms = (1_000 + rng.random_range(-delta..=delta)) as u64; - tokio::time::sleep(tokio::time::Duration::from_millis(sleep_ms)).await; - } - return Ok(RegisterVerificationResponse::NoContent(())); - } - let token_claims = crate::auth::generate_register_verify_claims(data.email.clone(), data.name.clone(), should_send_mail); let token = crate::auth::encode_jwt(&token_claims); if should_send_mail { - mail::send_register_verify_email(&data.email, &token).await?; + if User::find_by_mail(&data.email, &mut conn).await.is_some() { + if should_send_mail { + // There is still a timing side channel here in that the code + // paths that send mail take noticeably longer than ones that + // don't. Add a randomized sleep to mitigate this somewhat. + use rand::{rngs::SmallRng, Rng, SeedableRng}; + let mut rng = SmallRng::from_os_rng(); + let delta: i32 = 100; + let sleep_ms = (1_000 + rng.random_range(-delta..=delta)) as u64; + tokio::time::sleep(tokio::time::Duration::from_millis(sleep_ms)).await; + } + } else { + mail::send_register_verify_email(&data.email, &token).await?; + } Ok(RegisterVerificationResponse::NoContent(())) } else {