159 lines
3.8 KiB
Rust
159 lines
3.8 KiB
Rust
use diesel::Connection;
|
|
use serde::{Serialize, Deserialize};
|
|
use uuid::Uuid;
|
|
use diesel::{PgConnection, ExpressionMethods, QueryDsl, RunQueryDsl, table, Insertable, Queryable};
|
|
use diesel_derive_enum::DbEnum;
|
|
use argon2::password_hash::SaltString;
|
|
use argon2::PasswordHash;
|
|
use argon2::PasswordVerifier;
|
|
use argon2::{
|
|
password_hash::{rand_core::OsRng, PasswordHasher},
|
|
Argon2,
|
|
};
|
|
use validator::ValidationError;
|
|
|
|
pub use super::error::DatabaseError;
|
|
|
|
#[derive(Serialize, Deserialize, Debug, Insertable, Queryable)]
|
|
#[diesel(table_name = pwd)]
|
|
struct Pwd {
|
|
user_id: Uuid,
|
|
password: String,
|
|
}
|
|
|
|
#[derive(Serialize, Deserialize, Debug, Insertable, Queryable)]
|
|
#[diesel(table_name = users)]
|
|
pub struct User {
|
|
pub id: Uuid,
|
|
pub username: String,
|
|
pub email: String,
|
|
pub role: Role,
|
|
}
|
|
|
|
#[derive(Debug, Serialize, Deserialize, DbEnum, Clone, Copy, PartialEq)]
|
|
pub enum Role {
|
|
Admin,
|
|
User,
|
|
}
|
|
|
|
pub struct LoginUser {
|
|
pub username: String,
|
|
pub password: String
|
|
}
|
|
|
|
#[derive(Serialize, Deserialize)]
|
|
pub struct LoginResult {
|
|
pub result: bool,
|
|
pub user: Option<User>,
|
|
}
|
|
|
|
#[derive(Serialize, Deserialize)]
|
|
pub struct RegisterResult {
|
|
pub result: bool,
|
|
}
|
|
|
|
#[derive(Serialize, Deserialize)]
|
|
pub struct Register {
|
|
pub username: String,
|
|
pub email: String,
|
|
pub password: String
|
|
}
|
|
|
|
|
|
table! {
|
|
users(id) {
|
|
id -> diesel::sql_types::Uuid,
|
|
username -> VarChar,
|
|
email -> VarChar,
|
|
role -> crate::schema::user::RoleMapping,
|
|
}
|
|
}
|
|
|
|
table! {
|
|
pwd(user_id) {
|
|
user_id -> diesel::sql_types::Uuid,
|
|
password -> VarChar,
|
|
}
|
|
}
|
|
|
|
pub fn login(conn: &mut PgConnection, user: LoginUser) -> Result<Option<User>, DatabaseError> {
|
|
let id: Uuid = users::table
|
|
.filter(users::username.eq(&user.username))
|
|
.or_filter(users::email.eq(&user.username))
|
|
.select(users::id)
|
|
.first(conn)?;
|
|
|
|
let pwd: String = pwd::table
|
|
.filter(pwd::user_id.eq(id))
|
|
.select(pwd::password)
|
|
.first(conn)?;
|
|
|
|
let parsed_hash = PasswordHash::new(&pwd)?;
|
|
|
|
if Argon2::default()
|
|
.verify_password(&user.password.as_bytes(), &parsed_hash)
|
|
.is_ok()
|
|
{
|
|
Ok(Some(users::table.find(id).first(conn)?))
|
|
} else {
|
|
Ok(None)
|
|
}
|
|
}
|
|
|
|
pub fn unique_username(username: &String, conn: &mut PgConnection) -> Result<(), ValidationError> {
|
|
match users::table
|
|
.count()
|
|
.filter(users::username.eq(username))
|
|
.get_result(conn)
|
|
{
|
|
Ok(0) => Ok(()),
|
|
Ok(_) => Err(ValidationError::new("User already exists")),
|
|
Err(_) => Err(ValidationError::new("Database error while validating user")),
|
|
}
|
|
}
|
|
|
|
pub fn unique_email(email: &String, conn: &mut PgConnection) -> Result<(), ValidationError> {
|
|
match users::table
|
|
.count()
|
|
.filter(users::email.eq(email))
|
|
.get_result(conn)
|
|
{
|
|
Ok(0) => Ok(()),
|
|
Ok(_) => Err(ValidationError::new("email already exists")),
|
|
Err(_) => Err(ValidationError::new(
|
|
"Database error while validating email",
|
|
)),
|
|
}
|
|
}
|
|
|
|
pub fn register(conn: &mut PgConnection, register: Register) -> Result<(), DatabaseError> {
|
|
let salt = SaltString::generate(&mut OsRng);
|
|
|
|
let argon2 = Argon2::default();
|
|
|
|
let password_hash = argon2
|
|
.hash_password(register.password.as_bytes(), &salt)?
|
|
.to_string();
|
|
|
|
conn.transaction(|c| {
|
|
let id = Uuid::new_v4();
|
|
|
|
diesel::insert_into(users::table)
|
|
.values(User {
|
|
id: id.clone(),
|
|
username: register.username,
|
|
email: register.email,
|
|
role: Role::User,
|
|
})
|
|
.execute(c)?;
|
|
|
|
diesel::insert_into(pwd::table)
|
|
.values(Pwd {
|
|
user_id: id,
|
|
password: password_hash,
|
|
})
|
|
.execute(c)?;
|
|
|
|
Ok(())
|
|
})
|
|
} |