Added a user system with no proper user validation but working authorisation. #1
@ -1,36 +1,36 @@
|
|||||||
use validator::ValidateArgs;
|
use crate::schema;
|
||||||
use crate::AppConfig;
|
|
||||||
use rocket::request::Outcome;
|
|
||||||
use jsonwebtoken::decode;
|
|
||||||
use crate::schema::DbConn;
|
use crate::schema::DbConn;
|
||||||
|
use crate::AppConfig;
|
||||||
|
use chrono::Utc;
|
||||||
|
use jsonwebtoken::decode;
|
||||||
|
use jsonwebtoken::encode;
|
||||||
use jsonwebtoken::DecodingKey;
|
use jsonwebtoken::DecodingKey;
|
||||||
use jsonwebtoken::Validation;
|
use jsonwebtoken::Validation;
|
||||||
use rocket::State;
|
use jsonwebtoken::{EncodingKey, Header};
|
||||||
use chrono::Utc;
|
|
||||||
use jsonwebtoken::{Header, EncodingKey};
|
|
||||||
use crate::schema;
|
|
||||||
use std::borrow::Cow;
|
|
||||||
use jsonwebtoken::encode;
|
|
||||||
use rocket::serde::json::{Json, json, Value};
|
|
||||||
use rocket::http::Status;
|
use rocket::http::Status;
|
||||||
use rocket::request::{self, Request, FromRequest};
|
use rocket::outcome::Outcome::{Failure, Success};
|
||||||
use rocket::outcome::Outcome::{Success, Failure};
|
use rocket::request::Outcome;
|
||||||
use serde::{Serialize, Deserialize};
|
use rocket::request::{self, FromRequest, Request};
|
||||||
|
use rocket::serde::json::{json, Json, Value};
|
||||||
|
use rocket::State;
|
||||||
|
use serde::{Deserialize, Serialize};
|
||||||
|
use std::borrow::Cow;
|
||||||
|
use validator::ValidateArgs;
|
||||||
|
|
||||||
pub struct Referer(String);
|
pub struct Referer(String);
|
||||||
|
|||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
pub enum ReferrerError {
|
pub enum ReferrerError {
|
||||||
Missing,
|
Missing,
|
||||||
MoreThanOne
|
MoreThanOne,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Responder)]
|
#[derive(Debug, Responder)]
|
||||||
pub enum ApiResponseVariant {
|
pub enum ApiResponseVariant {
|
||||||
Status(Status),
|
Status(Status),
|
||||||
// Redirect(Redirect),
|
// Redirect(Redirect),
|
||||||
Value(Value),
|
Value(Value),
|
||||||
// Flash(Flash<Redirect>)
|
// Flash(Flash<Redirect>)
|
||||||
}
|
}
|
||||||
|
|
||||||
#[rocket::async_trait]
|
#[rocket::async_trait]
|
||||||
@ -38,7 +38,7 @@ impl<'r> FromRequest<'r> for Referer {
|
|||||||
type Error = ReferrerError;
|
type Error = ReferrerError;
|
||||||
|
|
||||||
async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
|
async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
|
||||||
let referers : Vec<_> = req.headers().get("Referer").collect();
|
let referers: Vec<_> = req.headers().get("Referer").collect();
|
||||||
match referers.len() {
|
match referers.len() {
|
||||||
0 => Failure((Status::BadRequest, ReferrerError::Missing)),
|
0 => Failure((Status::BadRequest, ReferrerError::Missing)),
|
||||||
1 => Success(Referer(referers[0].to_string())),
|
1 => Success(Referer(referers[0].to_string())),
|
||||||
@ -51,9 +51,9 @@ impl<'r> FromRequest<'r> for Referer {
|
|||||||
struct ApiResponse {
|
struct ApiResponse {
|
||||||
result: Cow<'static, str>,
|
result: Cow<'static, str>,
|
||||||
#[serde(skip_serializing_if = "Option::is_none")]
|
#[serde(skip_serializing_if = "Option::is_none")]
|
||||||
message: Option::<Cow<'static, str>>,
|
message: Option<Cow<'static, str>>,
|
||||||
#[serde(skip_serializing_if = "Option::is_none")]
|
#[serde(skip_serializing_if = "Option::is_none")]
|
||||||
jwt: Option::<Cow<'static, str>>
|
jwt: Option<Cow<'static, str>>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl ApiResponse {
|
impl ApiResponse {
|
||||||
@ -63,14 +63,14 @@ impl ApiResponse {
|
|||||||
const SUCCES: Self = Self {
|
const SUCCES: Self = Self {
|
||||||
result: Self::SUCCES_RESULT,
|
result: Self::SUCCES_RESULT,
|
||||||
message: None,
|
message: None,
|
||||||
jwt: None
|
jwt: None,
|
||||||
};
|
};
|
||||||
|
|
||||||
fn error(message: String) -> Self {
|
fn error(message: String) -> Self {
|
||||||
Self {
|
Self {
|
||||||
result: Self::FAILURE_RESULT,
|
result: Self::FAILURE_RESULT,
|
||||||
message: Some(Cow::Owned(message)),
|
message: Some(Cow::Owned(message)),
|
||||||
jwt: None
|
jwt: None,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -78,7 +78,7 @@ impl ApiResponse {
|
|||||||
Self {
|
Self {
|
||||||
result: Self::SUCCES_RESULT,
|
result: Self::SUCCES_RESULT,
|
||||||
message: None,
|
message: None,
|
||||||
jwt: Some(Cow::Owned(jwt))
|
jwt: Some(Cow::Owned(jwt)),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -98,23 +98,40 @@ impl<'r> FromRequest<'r> for schema::User {
|
|||||||
async fn from_request(req: &'r Request<'_>) -> Outcome<Self, Self::Error> {
|
async fn from_request(req: &'r Request<'_>) -> Outcome<Self, Self::Error> {
|
||||||
let header = match req.headers().get_one(AUTH_HEADER) {
|
let header = match req.headers().get_one(AUTH_HEADER) {
|
||||||
Some(header) => header,
|
Some(header) => header,
|
||||||
None => return Outcome::Failure((Status::BadRequest, ApiError::RequestError("No authorization header found".to_string())))
|
None => {
|
||||||
|
return Outcome::Failure((
|
||||||
|
Status::BadRequest,
|
||||||
|
ApiError::RequestError("No authorization header found".to_string()),
|
||||||
|
))
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
if !header.starts_with(BEARER) {
|
if !header.starts_with(BEARER) {
|
||||||
return Outcome::Failure((Status::BadRequest, ApiError::RequestError("Invalid Authorization header.".to_string())))
|
return Outcome::Failure((
|
||||||
|
Status::BadRequest,
|
||||||
|
ApiError::RequestError("Invalid Authorization header.".to_string()),
|
||||||
|
));
|
||||||
};
|
};
|
||||||
|
|
||||||
let app_config = req.guard::<&State<AppConfig>>().await.unwrap().inner();
|
let app_config = req.guard::<&State<AppConfig>>().await.unwrap().inner();
|
||||||
Roflin marked this conversation as resolved
Lucus
commented
I think you can use a Request Guard (see https://api.rocket.rs/v0.5-rc/rocket/request/trait.FromRequest.html) to authenticate the user and role: For example, endpoints that require admin privileges could accept a non-optional I think you can use a Request Guard (see https://api.rocket.rs/v0.5-rc/rocket/request/trait.FromRequest.html) to authenticate the user and role: For example, endpoints that require admin privileges could accept a non-optional `Admin` struct containing a user id and the request guard that generates it would only return `Success` if the user is logged and has the admin role.
Lucus
commented
See also the examples under the header "Request-Local State" in the above link. See also the examples under the header "Request-Local State" in the above link.
Lucus
commented
Reading more carefully I see you're already doing this, just that you're accepting an Reading more carefully I see you're already doing this, just that you're accepting an `Option<User>` and then checking it's not `None` while you could accept a `User` and be sure.
|
|||||||
let jwt = header.trim_start_matches(BEARER).to_owned();
|
let jwt = header.trim_start_matches(BEARER).to_owned();
|
||||||
let token = match decode::<Claims>(&jwt, &DecodingKey::from_secret(app_config.jwt_secret.as_bytes()), &Validation::default()) {
|
let token = match decode::<Claims>(
|
||||||
|
&jwt,
|
||||||
|
&DecodingKey::from_secret(app_config.jwt_secret.as_bytes()),
|
||||||
|
&Validation::default(),
|
||||||
|
) {
|
||||||
Ok(token) => token,
|
Ok(token) => token,
|
||||||
Err(error) => return Outcome::Failure((Status::BadRequest, ApiError::RequestError(error.to_string())))
|
Err(error) => {
|
||||||
|
return Outcome::Failure((
|
||||||
|
Status::BadRequest,
|
||||||
|
ApiError::RequestError(error.to_string()),
|
||||||
|
))
|
||||||
|
}
|
||||||
};
|
};
|
||||||
let id = token.claims.uid;
|
let id = token.claims.uid;
|
||||||
|
|
||||||
let conn = req.guard::<DbConn>().await.unwrap();
|
let conn = req.guard::<DbConn>().await.unwrap();
|
||||||
return Outcome::Success(schema::get_user(conn, id).await)
|
return Outcome::Success(schema::get_user(conn, id).await);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -123,38 +140,45 @@ pub async fn gamenights(conn: DbConn, user: Option<schema::User>) -> ApiResponse
|
|||||||
if user.is_some() {
|
if user.is_some() {
|
||||||
let gamenights = schema::get_all_gamenights(conn).await;
|
let gamenights = schema::get_all_gamenights(conn).await;
|
||||||
ApiResponseVariant::Value(json!(gamenights))
|
ApiResponseVariant::Value(json!(gamenights))
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
ApiResponseVariant::Status(Status::Unauthorized)
|
ApiResponseVariant::Status(Status::Unauthorized)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[post("/gamenight", format = "application/json", data = "<gamenight_json>")]
|
#[post("/gamenight", format = "application/json", data = "<gamenight_json>")]
|
||||||
pub async fn gamenight_post_json(conn: DbConn, user: Option<schema::User>, gamenight_json: Json<schema::GameNightNoId>) -> ApiResponseVariant {
|
pub async fn gamenight_post_json(
|
||||||
|
conn: DbConn,
|
||||||
|
user: Option<schema::User>,
|
||||||
|
gamenight_json: Json<schema::GameNightNoId>,
|
||||||
|
) -> ApiResponseVariant {
|
||||||
if user.is_some() {
|
if user.is_some() {
|
||||||
schema::insert_gamenight(conn, gamenight_json.into_inner()).await;
|
schema::insert_gamenight(conn, gamenight_json.into_inner()).await;
|
||||||
ApiResponseVariant::Value(json!(ApiResponse::SUCCES))
|
ApiResponseVariant::Value(json!(ApiResponse::SUCCES))
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
ApiResponseVariant::Status(Status::Unauthorized)
|
ApiResponseVariant::Status(Status::Unauthorized)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[post("/register", format = "application/json", data = "<register_json>")]
|
#[post("/register", format = "application/json", data = "<register_json>")]
|
||||||
pub async fn register_post_json(conn: DbConn, register_json: Json<schema::Register>) -> ApiResponseVariant {
|
pub async fn register_post_json(
|
||||||
|
conn: DbConn,
|
||||||
|
register_json: Json<schema::Register>,
|
||||||
|
) -> ApiResponseVariant {
|
||||||
let register = register_json.into_inner();
|
let register = register_json.into_inner();
|
||||||
let register_clone = register.clone();
|
let register_clone = register.clone();
|
||||||
match conn.run(move |c| {
|
match conn
|
||||||
register_clone.validate_args((c,c))
|
.run(move |c| register_clone.validate_args((c, c)))
|
||||||
}).await {
|
.await
|
||||||
|
{
|
||||||
Ok(()) => (),
|
Ok(()) => (),
|
||||||
Err(error) => return ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string())))
|
Err(error) => {
|
||||||
|
return ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string())))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
match schema::insert_user(conn, register).await {
|
match schema::insert_user(conn, register).await {
|
||||||
Ok(_) => ApiResponseVariant::Value(json!(ApiResponse::SUCCES)),
|
Ok(_) => ApiResponseVariant::Value(json!(ApiResponse::SUCCES)),
|
||||||
Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string())))
|
Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -166,24 +190,37 @@ struct Claims {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#[post("/login", format = "application/json", data = "<login_json>")]
|
#[post("/login", format = "application/json", data = "<login_json>")]
|
||||||
pub async fn login_post_json(conn: DbConn, config: &State<AppConfig>, login_json: Json<schema::Login>) -> ApiResponseVariant {
|
pub async fn login_post_json(
|
||||||
|
conn: DbConn,
|
||||||
|
config: &State<AppConfig>,
|
||||||
|
login_json: Json<schema::Login>,
|
||||||
|
) -> ApiResponseVariant {
|
||||||
match schema::login(conn, login_json.into_inner()).await {
|
match schema::login(conn, login_json.into_inner()).await {
|
||||||
Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
|
Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
|
||||||
Ok(login_result) => {
|
Ok(login_result) => {
|
||||||
|
if !login_result.result {
|
||||||
|
return ApiResponseVariant::Value(json!(ApiResponse::error(String::from(
|
||||||
|
"username and password didn't match"
|
||||||
|
))));
|
||||||
|
}
|
||||||
|
|
||||||
let my_claims = Claims {
|
let my_claims = Claims {
|
||||||
exp: Utc::now().timestamp() + chrono::Duration::days(7).num_seconds(),
|
exp: Utc::now().timestamp() + chrono::Duration::days(7).num_seconds(),
|
||||||
uid: login_result.id.unwrap(),
|
uid: login_result.id.unwrap(),
|
||||||
role: login_result.role.unwrap()
|
role: login_result.role.unwrap(),
|
||||||
};
|
};
|
||||||
|
|
||||||
let secret = &config.inner().jwt_secret;
|
let secret = &config.inner().jwt_secret;
|
||||||
match encode(&Header::default(), &my_claims, &EncodingKey::from_secret(secret.as_bytes()))
|
match encode(
|
||||||
{
|
&Header::default(),
|
||||||
|
&my_claims,
|
||||||
|
&EncodingKey::from_secret(secret.as_bytes()),
|
||||||
|
) {
|
||||||
Ok(token) => ApiResponseVariant::Value(json!(ApiResponse::login_response(token))),
|
Ok(token) => ApiResponseVariant::Value(json!(ApiResponse::login_response(token))),
|
||||||
Err(error) => ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string())))
|
Err(error) => {
|
||||||
|
ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string())))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1,8 +1,17 @@
|
|||||||
#[macro_use] extern crate rocket;
|
#[macro_use]
|
||||||
#[macro_use] extern crate diesel_migrations;
|
extern crate rocket;
|
||||||
#[macro_use] extern crate diesel;
|
#[macro_use]
|
||||||
|
extern crate diesel_migrations;
|
||||||
|
#[macro_use]
|
||||||
|
extern crate diesel;
|
||||||
|
|
||||||
use rocket::{fairing::AdHoc, figment::{Figment, providers::{Serialized, Toml, Env, Format}, Profile}};
|
use rocket::{
|
||||||
|
fairing::AdHoc,
|
||||||
|
figment::{
|
||||||
|
providers::{Env, Format, Serialized, Toml},
|
||||||
|
Figment, Profile,
|
||||||
|
},
|
||||||
|
};
|
||||||
use rocket_dyn_templates::Template;
|
use rocket_dyn_templates::Template;
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
|
|
||||||
@ -12,12 +21,14 @@ mod site;
|
|||||||
|
|
||||||
#[derive(Debug, Deserialize, Serialize)]
|
#[derive(Debug, Deserialize, Serialize)]
|
||||||
pub struct AppConfig {
|
pub struct AppConfig {
|
||||||
jwt_secret: String
|
jwt_secret: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Default for AppConfig {
|
impl Default for AppConfig {
|
||||||
fn default() -> AppConfig {
|
fn default() -> AppConfig {
|
||||||
AppConfig { jwt_secret: String::from("secret") }
|
AppConfig {
|
||||||
|
jwt_secret: String::from("secret"),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -34,13 +45,17 @@ fn rocket() -> _ {
|
|||||||
.attach(Template::fairing())
|
.attach(Template::fairing())
|
||||||
.attach(AdHoc::on_ignite("Run Migrations", schema::run_migrations))
|
.attach(AdHoc::on_ignite("Run Migrations", schema::run_migrations))
|
||||||
.attach(AdHoc::config::<AppConfig>())
|
.attach(AdHoc::config::<AppConfig>())
|
||||||
.mount("/", routes![site::index, site::gamenights,
|
.attach(site::make_cors())
|
||||||
site::add_game_night, site::register])
|
.mount("/", routes![site::index, site::files])
|
||||||
.mount("/api", routes![
|
.mount(
|
||||||
api::gamenights, api::gamenight_post_json,
|
"/api",
|
||||||
api::register_post_json,
|
routes![
|
||||||
api::login_post_json
|
api::gamenights,
|
||||||
]);
|
api::gamenight_post_json,
|
||||||
|
api::register_post_json,
|
||||||
|
api::login_post_json
|
||||||
|
],
|
||||||
|
);
|
||||||
|
|
||||||
rocket
|
rocket
|
||||||
}
|
}
|
||||||
|
@ -1,24 +1,21 @@
|
|||||||
use diesel::dsl::count;
|
|
||||||
use std::ops::Deref;
|
|
||||||
use argon2::PasswordVerifier;
|
|
||||||
use argon2::PasswordHash;
|
|
||||||
use diesel_derive_enum::DbEnum;
|
|
||||||
use crate::diesel::QueryDsl;
|
|
||||||
use crate::diesel::BoolExpressionMethods;
|
use crate::diesel::BoolExpressionMethods;
|
||||||
use crate::diesel::ExpressionMethods;
|
|
||||||
use crate::diesel::Connection;
|
use crate::diesel::Connection;
|
||||||
use rocket_sync_db_pools::database;
|
use crate::diesel::ExpressionMethods;
|
||||||
use serde::{Serialize, Deserialize};
|
use crate::diesel::QueryDsl;
|
||||||
use rocket::{Rocket, Build};
|
|
||||||
use diesel::RunQueryDsl;
|
|
||||||
use argon2::{
|
|
||||||
password_hash::{
|
|
||||||
rand_core::OsRng,
|
|
||||||
PasswordHasher
|
|
||||||
},
|
|
||||||
Argon2
|
|
||||||
};
|
|
||||||
use argon2::password_hash::SaltString;
|
use argon2::password_hash::SaltString;
|
||||||
|
use argon2::PasswordHash;
|
||||||
|
use argon2::PasswordVerifier;
|
||||||
|
use argon2::{
|
||||||
|
password_hash::{rand_core::OsRng, PasswordHasher},
|
||||||
|
Argon2,
|
||||||
|
};
|
||||||
|
use diesel::dsl::count;
|
||||||
|
use diesel::RunQueryDsl;
|
||||||
|
use diesel_derive_enum::DbEnum;
|
||||||
|
use rocket::{Build, Rocket};
|
||||||
|
use rocket_sync_db_pools::database;
|
||||||
|
use serde::{Deserialize, Serialize};
|
||||||
|
use std::ops::Deref;
|
||||||
use validator::{Validate, ValidationError};
|
use validator::{Validate, ValidationError};
|
||||||
|
|
||||||
#[database("gamenight_database")]
|
#[database("gamenight_database")]
|
||||||
@ -66,30 +63,25 @@ table! {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
allow_tables_to_appear_in_same_query!(
|
allow_tables_to_appear_in_same_query!(gamenight, known_games,);
|
||||||
gamenight,
|
|
||||||
known_games,
|
|
||||||
);
|
|
||||||
|
|
||||||
pub enum DatabaseError {
|
pub enum DatabaseError {
|
||||||
Hash(password_hash::Error),
|
Hash(password_hash::Error),
|
||||||
Query(String)
|
Query(String),
|
||||||
}
|
}
|
||||||
|
|
||||||
impl std::fmt::Display for DatabaseError {
|
impl std::fmt::Display for DatabaseError {
|
||||||
|
|
||||||
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
|
||||||
match self {
|
match self {
|
||||||
DatabaseError::Hash(err) => write!(f, "{}", err),
|
DatabaseError::Hash(err) => write!(f, "{}", err),
|
||||||
DatabaseError::Query(err) => write!(f, "{}", err)
|
DatabaseError::Query(err) => write!(f, "{}", err),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn get_all_gamenights(conn: DbConn) -> Vec::<GameNight> {
|
pub async fn get_all_gamenights(conn: DbConn) -> Vec<GameNight> {
|
||||||
conn.run(|c| {
|
conn.run(|c| gamenight::table.load::<GameNight>(c).unwrap())
|
||||||
gamenight::table.load::<GameNight>(c).unwrap()
|
.await
|
||||||
}).await
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn insert_gamenight(conn: DbConn, new_gamenight: GameNightNoId) -> () {
|
pub async fn insert_gamenight(conn: DbConn, new_gamenight: GameNightNoId) -> () {
|
||||||
@ -98,7 +90,8 @@ pub async fn insert_gamenight(conn: DbConn, new_gamenight: GameNightNoId) -> ()
|
|||||||
.values(new_gamenight)
|
.values(new_gamenight)
|
||||||
.execute(c)
|
.execute(c)
|
||||||
.unwrap()
|
.unwrap()
|
||||||
}).await;
|
})
|
||||||
|
.await;
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn insert_user(conn: DbConn, new_user: Register) -> Result<(), DatabaseError> {
|
pub async fn insert_user(conn: DbConn, new_user: Register) -> Result<(), DatabaseError> {
|
||||||
@ -107,29 +100,41 @@ pub async fn insert_user(conn: DbConn, new_user: Register) -> Result<(), Databas
|
|||||||
let argon2 = Argon2::default();
|
let argon2 = Argon2::default();
|
||||||
|
|
||||||
let password_hash = match argon2.hash_password(new_user.password.as_bytes(), &salt) {
|
let password_hash = match argon2.hash_password(new_user.password.as_bytes(), &salt) {
|
||||||
Ok(hash) => hash.to_string(),
|
Ok(hash) => hash.to_string(),
|
||||||
Err(error) => return Err(DatabaseError::Hash(error))
|
Err(error) => return Err(DatabaseError::Hash(error)),
|
||||||
};
|
};
|
||||||
|
|
||||||
match conn.run(move |c| {
|
match conn
|
||||||
c.transaction(|| {
|
.run(move |c| {
|
||||||
diesel::insert_into(user::table)
|
c.transaction(|| {
|
||||||
.values((user::username.eq(&new_user.username), user::email.eq(&new_user.email), user::role.eq(Role::User)))
|
diesel::insert_into(user::table)
|
||||||
.execute(c)?;
|
.values((
|
||||||
|
user::username.eq(&new_user.username),
|
||||||
let ids : Vec::<i32> = match user::table
|
user::email.eq(&new_user.email),
|
||||||
.filter(user::username.eq(&new_user.username).and(user::email.eq(&new_user.email)))
|
user::role.eq(Role::User),
|
||||||
.select(user::id)
|
))
|
||||||
.get_results(c) {
|
.execute(c)?;
|
||||||
|
|
||||||
|
let ids: Vec<i32> = match user::table
|
||||||
|
.filter(
|
||||||
|
user::username
|
||||||
|
.eq(&new_user.username)
|
||||||
|
.and(user::email.eq(&new_user.email)),
|
||||||
|
)
|
||||||
|
.select(user::id)
|
||||||
Roflin marked this conversation as resolved
yorick
commented
called called `user_id` now
|
|||||||
|
.get_results(c)
|
||||||
|
{
|
||||||
Ok(id) => id,
|
Ok(id) => id,
|
||||||
Err(e) => return Err(e)
|
Err(e) => return Err(e),
|
||||||
};
|
};
|
||||||
|
|
||||||
diesel::insert_into(pwd::table)
|
diesel::insert_into(pwd::table)
|
||||||
.values((pwd::id.eq(ids[0]), pwd::password.eq(&password_hash)))
|
.values((pwd::id.eq(ids[0]), pwd::password.eq(&password_hash)))
|
||||||
.execute(c)
|
.execute(c)
|
||||||
|
})
|
||||||
})
|
})
|
||||||
}).await {
|
.await
|
||||||
|
{
|
||||||
Err(e) => Err(DatabaseError::Query(e.to_string())),
|
Err(e) => Err(DatabaseError::Query(e.to_string())),
|
||||||
_ => Ok(()),
|
_ => Ok(()),
|
||||||
}
|
}
|
||||||
@ -137,83 +142,94 @@ pub async fn insert_user(conn: DbConn, new_user: Register) -> Result<(), Databas
|
|||||||
|
|
||||||
pub async fn login(conn: DbConn, login: Login) -> Result<LoginResult, DatabaseError> {
|
pub async fn login(conn: DbConn, login: Login) -> Result<LoginResult, DatabaseError> {
|
||||||
conn.run(move |c| -> Result<LoginResult, DatabaseError> {
|
conn.run(move |c| -> Result<LoginResult, DatabaseError> {
|
||||||
let id : i32 = match user::table
|
let id: i32 = match user::table
|
||||||
.filter(user::username.eq(&login.username))
|
.filter(user::username.eq(&login.username))
|
||||||
.or_filter(user::email.eq(&login.username))
|
.or_filter(user::email.eq(&login.username))
|
||||||
.select(user::id)
|
.select(user::id)
|
||||||
.get_results(c) {
|
.get_results(c)
|
||||||
Ok(id) => id[0],
|
{
|
||||||
Err(error) => return Err(DatabaseError::Query(error.to_string()))
|
Ok(id) => id[0],
|
||||||
};
|
Err(error) => return Err(DatabaseError::Query(error.to_string())),
|
||||||
|
};
|
||||||
let pwd : String = match pwd::table
|
|
||||||
|
let pwd: String = match pwd::table
|
||||||
.filter(pwd::id.eq(id))
|
.filter(pwd::id.eq(id))
|
||||||
.select(pwd::password)
|
.select(pwd::password)
|
||||||
.get_results::<String>(c) {
|
.get_results::<String>(c)
|
||||||
Ok(pwd) => pwd[0].clone(),
|
{
|
||||||
Err(error) => return Err(DatabaseError::Query(error.to_string()))
|
Ok(pwd) => pwd[0].clone(),
|
||||||
};
|
Err(error) => return Err(DatabaseError::Query(error.to_string())),
|
||||||
|
};
|
||||||
|
|
||||||
let parsed_hash = match PasswordHash::new(&pwd) {
|
let parsed_hash = match PasswordHash::new(&pwd) {
|
||||||
Ok(hash) => hash,
|
Ok(hash) => hash,
|
||||||
Err(error) => return Err(DatabaseError::Hash(error))
|
Err(error) => return Err(DatabaseError::Hash(error)),
|
||||||
};
|
};
|
||||||
|
|
||||||
if Argon2::default().verify_password(&login.password.as_bytes(), &parsed_hash).is_ok() {
|
if Argon2::default()
|
||||||
|
.verify_password(&login.password.as_bytes(), &parsed_hash)
|
||||||
let role : Role = match user::table
|
.is_ok()
|
||||||
|
{
|
||||||
|
let role: Role = match user::table
|
||||||
.filter(user::id.eq(id))
|
.filter(user::id.eq(id))
|
||||||
.select(user::role)
|
.select(user::role)
|
||||||
.get_results::<Role>(c) {
|
.get_results::<Role>(c)
|
||||||
Ok(role) => role[0].clone(),
|
{
|
||||||
Err(error) => return Err(DatabaseError::Query(error.to_string()))
|
Ok(role) => role[0].clone(),
|
||||||
};
|
Err(error) => return Err(DatabaseError::Query(error.to_string())),
|
||||||
|
};
|
||||||
|
|
||||||
Ok(LoginResult {
|
Ok(LoginResult {
|
||||||
result: true,
|
result: true,
|
||||||
id: Some(id),
|
id: Some(id),
|
||||||
role: Some(role)
|
role: Some(role),
|
||||||
})
|
})
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
Ok(LoginResult {
|
Ok(LoginResult {
|
||||||
result: false,
|
result: false,
|
||||||
id: None,
|
id: None,
|
||||||
role: None,
|
role: None,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}).await
|
})
|
||||||
|
.await
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn get_user(conn: DbConn, id: i32) -> User {
|
pub async fn get_user(conn: DbConn, id: i32) -> User {
|
||||||
conn.run(move |c| {
|
conn.run(move |c| user::table.filter(user::id.eq(id)).first(c).unwrap())
|
||||||
user::table
|
.await
|
||||||
.filter(user::id.eq(id))
|
|
||||||
.first(c)
|
|
||||||
.unwrap()
|
|
||||||
}).await
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn unique_username(username: &String, conn: &diesel::SqliteConnection) -> Result<(), ValidationError> {
|
pub fn unique_username(
|
||||||
|
username: &String,
|
||||||
|
conn: &diesel::SqliteConnection,
|
||||||
|
) -> Result<(), ValidationError> {
|
||||||
match user::table
|
match user::table
|
||||||
.select(count(user::username))
|
.select(count(user::username))
|
||||||
.filter(user::username.eq(username))
|
.filter(user::username.eq(username))
|
||||||
.execute(conn) {
|
.execute(conn)
|
||||||
Ok(0) => Ok(()),
|
{
|
||||||
Ok(_) => Err(ValidationError::new("User already exists")),
|
Ok(0) => Ok(()),
|
||||||
Err(_) => Err(ValidationError::new("Database error while validating user"))
|
Ok(_) => Err(ValidationError::new("User already exists")),
|
||||||
}
|
Err(_) => Err(ValidationError::new("Database error while validating user")),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn unique_email(email: &String, conn: &diesel::SqliteConnection) -> Result<(), ValidationError> {
|
pub fn unique_email(
|
||||||
|
email: &String,
|
||||||
|
conn: &diesel::SqliteConnection,
|
||||||
|
) -> Result<(), ValidationError> {
|
||||||
match user::table
|
match user::table
|
||||||
.select(count(user::email))
|
.select(count(user::email))
|
||||||
.filter(user::email.eq(email))
|
.filter(user::email.eq(email))
|
||||||
.execute(conn) {
|
.execute(conn)
|
||||||
Ok(0) => Ok(()),
|
{
|
||||||
Ok(_) => Err(ValidationError::new("email already exists")),
|
Ok(0) => Ok(()),
|
||||||
Err(_) => Err(ValidationError::new("Database error while validating email"))
|
Ok(_) => Err(ValidationError::new("email already exists")),
|
||||||
}
|
Err(_) => Err(ValidationError::new(
|
||||||
|
"Database error while validating email",
|
||||||
|
)),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn run_migrations(rocket: Rocket<Build>) -> Rocket<Build> {
|
pub async fn run_migrations(rocket: Rocket<Build>) -> Rocket<Build> {
|
||||||
@ -223,7 +239,9 @@ pub async fn run_migrations(rocket: Rocket<Build>) -> Rocket<Build> {
|
|||||||
embed_migrations!();
|
embed_migrations!();
|
||||||
|
|
||||||
let conn = DbConn::get_one(&rocket).await.expect("database connection");
|
let conn = DbConn::get_one(&rocket).await.expect("database connection");
|
||||||
conn.run(|c| embedded_migrations::run(c)).await.expect("can run migrations");
|
conn.run(|c| embedded_migrations::run(c))
|
||||||
|
.await
|
||||||
|
.expect("can run migrations");
|
||||||
|
|
||||||
rocket
|
rocket
|
||||||
}
|
}
|
||||||
@ -235,45 +253,51 @@ pub enum Role {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Debug, Insertable, Queryable)]
|
#[derive(Serialize, Deserialize, Debug, Insertable, Queryable)]
|
||||||
#[table_name="user"]
|
#[table_name = "user"]
|
||||||
pub struct User {
|
pub struct User {
|
||||||
pub id: i32,
|
pub id: i32,
|
||||||
pub username: String,
|
pub username: String,
|
||||||
pub email: String,
|
pub email: String,
|
||||||
pub role: Role
|
pub role: Role,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Debug, FromForm, Insertable)]
|
#[derive(Serialize, Deserialize, Debug, FromForm, Insertable)]
|
||||||
#[table_name="known_games"]
|
#[table_name = "known_games"]
|
||||||
pub struct GameNoId {
|
pub struct GameNoId {
|
||||||
pub game : String,
|
pub game: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Debug, FromForm, Queryable)]
|
#[derive(Serialize, Deserialize, Debug, FromForm, Queryable)]
|
||||||
pub struct Game {
|
pub struct Game {
|
||||||
pub id: i32,
|
pub id: i32,
|
||||||
pub game : String,
|
pub game: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Debug, FromForm, Insertable)]
|
#[derive(Serialize, Deserialize, Debug, FromForm, Insertable)]
|
||||||
#[table_name="gamenight"]
|
#[table_name = "gamenight"]
|
||||||
pub struct GameNightNoId {
|
pub struct GameNightNoId {
|
||||||
pub game : String,
|
pub game: String,
|
||||||
pub datetime : String,
|
pub datetime: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Debug, FromForm, Queryable)]
|
#[derive(Serialize, Deserialize, Debug, FromForm, Queryable)]
|
||||||
pub struct GameNight {
|
pub struct GameNight {
|
||||||
pub id: i32,
|
pub id: i32,
|
||||||
pub game : String,
|
pub game: String,
|
||||||
pub datetime : String,
|
pub datetime: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Debug, Validate, Clone)]
|
#[derive(Serialize, Deserialize, Debug, Validate, Clone)]
|
||||||
pub struct Register {
|
pub struct Register {
|
||||||
#[validate(length(min = 1), custom( function = "unique_username", arg = "&'v_a diesel::SqliteConnection"))]
|
#[validate(
|
||||||
|
length(min = 1),
|
||||||
|
custom(function = "unique_username", arg = "&'v_a diesel::SqliteConnection")
|
||||||
|
)]
|
||||||
pub username: String,
|
pub username: String,
|
||||||
#[validate(email, custom( function = "unique_email", arg = "&'v_a diesel::SqliteConnection"))]
|
#[validate(
|
||||||
|
email,
|
||||||
|
custom(function = "unique_email", arg = "&'v_a diesel::SqliteConnection")
|
||||||
|
)]
|
||||||
pub email: String,
|
pub email: String,
|
||||||
#[validate(length(min = 10), must_match = "password_repeat")]
|
#[validate(length(min = 10), must_match = "password_repeat")]
|
||||||
pub password: String,
|
pub password: String,
|
||||||
@ -283,12 +307,12 @@ pub struct Register {
|
|||||||
#[derive(Serialize, Deserialize, Debug)]
|
#[derive(Serialize, Deserialize, Debug)]
|
||||||
pub struct Login {
|
pub struct Login {
|
||||||
pub username: String,
|
pub username: String,
|
||||||
pub password: String
|
pub password: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Debug)]
|
#[derive(Serialize, Deserialize, Debug)]
|
||||||
pub struct LoginResult {
|
pub struct LoginResult {
|
||||||
pub result: bool,
|
pub result: bool,
|
||||||
pub id: Option<i32>,
|
pub id: Option<i32>,
|
||||||
pub role: Option<Role>
|
pub role: Option<Role>,
|
||||||
}
|
}
|
||||||
|
@ -1,88 +1,42 @@
|
|||||||
use std::borrow::Cow;
|
use rocket::fs::NamedFile;
|
||||||
use serde::{Serialize, Deserialize};
|
use rocket::http::Method;
|
||||||
use rocket_dyn_templates::Template;
|
use rocket_cors::{AllowedHeaders, AllowedOrigins, Cors, CorsOptions};
|
||||||
use rocket::response::{Redirect};
|
use std::io;
|
||||||
use rocket::request::{FlashMessage};
|
use std::path::{Path, PathBuf};
|
||||||
use crate::schema;
|
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Debug)]
|
pub fn make_cors() -> Cors {
|
||||||
struct FlashData {
|
let allowed_origins = AllowedOrigins::some_exact(&[
|
||||||
has_data: bool,
|
// 4.
|
||||||
kind: Cow<'static, str>,
|
//CHANGE THESE TO MATCH YOUR PORTS
|
||||||
message: Cow<'static, str>
|
"http://localhost:3000",
|
||||||
|
"http://127.0.0.1:3000",
|
||||||
|
"http://localhost:8000",
|
||||||
|
"http://0.0.0.0:8000",
|
||||||
|
]);
|
||||||
|
CorsOptions {
|
||||||
|
// 5.
|
||||||
|
allowed_origins,
|
||||||
|
allowed_methods: vec![Method::Get].into_iter().map(From::from).collect(), // 1.
|
||||||
|
allowed_headers: AllowedHeaders::some(&[
|
||||||
|
"Authorization",
|
||||||
|
"Accept",
|
||||||
|
"Access-Control-Allow-Origin", // 6.
|
||||||
|
]),
|
||||||
|
allow_credentials: true,
|
||||||
|
..Default::default()
|
||||||
|
}
|
||||||
|
.to_cors()
|
||||||
|
.expect("error while building CORS")
|
||||||
}
|
}
|
||||||
|
|
||||||
impl FlashData {
|
#[get("/<file..>")]
|
||||||
const EMPTY: Self = Self { has_data: false, message: Cow::Borrowed(""), kind: Cow::Borrowed("") };
|
pub async fn files(file: PathBuf) -> Option<NamedFile> {
|
||||||
}
|
NamedFile::open(Path::new("../frontend/build/").join(file))
|
||||||
|
.await
|
||||||
#[derive(Serialize, Deserialize, Debug)]
|
.ok()
|
||||||
struct GameNightsData {
|
|
||||||
gamenights: Vec::<schema::GameNight>,
|
|
||||||
flash: FlashData
|
|
||||||
}
|
|
||||||
|
|
||||||
#[get("/gamenights")]
|
|
||||||
pub async fn gamenights(conn: schema::DbConn) -> Template {
|
|
||||||
let gamenights = schema::get_all_gamenights(conn).await;
|
|
||||||
|
|
||||||
let data = GameNightsData {
|
|
||||||
gamenights: gamenights,
|
|
||||||
flash: FlashData::EMPTY
|
|
||||||
};
|
|
||||||
|
|
||||||
Template::render("gamenights", &data)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[get("/")]
|
#[get("/")]
|
||||||
pub async fn index() -> Redirect {
|
pub async fn index() -> io::Result<NamedFile> {
|
||||||
Redirect::to(uri!(gamenights))
|
NamedFile::open("../frontend/build/index.html").await
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Debug)]
|
|
||||||
struct GameNightAddData {
|
|
||||||
post_url: String,
|
|
||||||
flash : FlashData
|
|
||||||
}
|
|
||||||
|
|
||||||
#[get("/gamenight/add")]
|
|
||||||
pub async fn add_game_night(flash: Option<FlashMessage<'_>>) -> Template {
|
|
||||||
let flash_data = match flash {
|
|
||||||
None => FlashData::EMPTY,
|
|
||||||
Some(flash) => FlashData {
|
|
||||||
has_data: true,
|
|
||||||
message: Cow::Owned(flash.message().to_string()),
|
|
||||||
kind: Cow::Owned(flash.kind().to_string())
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
let data = GameNightAddData {
|
|
||||||
post_url: "/api/gamenight".to_string(),
|
|
||||||
flash: flash_data
|
|
||||||
};
|
|
||||||
|
|
||||||
Template::render("gamenight_add", &data)
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Debug)]
|
|
||||||
struct RegisterData {
|
|
||||||
flash : FlashData
|
|
||||||
}
|
|
||||||
|
|
||||||
#[get("/register")]
|
|
||||||
pub async fn register(flash: Option<FlashMessage<'_>>) -> Template {
|
|
||||||
let flash_data = match flash {
|
|
||||||
None => FlashData::EMPTY,
|
|
||||||
Some(flash) => FlashData {
|
|
||||||
has_data: true,
|
|
||||||
message: Cow::Owned(flash.message().to_string()),
|
|
||||||
kind: Cow::Owned(flash.kind().to_string())
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
let data = RegisterData {
|
|
||||||
flash: flash_data
|
|
||||||
};
|
|
||||||
|
|
||||||
Template::render("register", &data)
|
|
||||||
}
|
|
Loading…
Reference in New Issue
Block a user
You can probably use a
Result<Value, Status>
for most endpoints and avoid a custom enum. I also recommend usingjson::Value
qualified like that becauseValue
by itself is not very descriptive.True, but in the future we might want to return a status on a non error condition, or return a Redirect, I understand it is a bit overkill now, but in a previous iteration I was also returning Redirects and then this becomes a nice solution imho.