gorb/backend
4
0
Fork 1
Code Issues 1 Pull requests 1 Projects Releases Packages 1 Wiki Activity Actions

style: cargo clippy && format
All checks were successful
ci/woodpecker/push/build-and-publish Pipeline was successful
Details

Browse source
This commit is contained in:
Radical 2025-05-24 01:09:17 +02:00
parent 860fa7a66e
commit 8605b81e7b
26 changed files with 274 additions and 178 deletions
Download patch file Download diff file Expand all files Collapse all files

33
src/api/v1/auth/login.rs
View file

@ -2,13 +2,17 @@ use std::time::{SystemTime, UNIX_EPOCH};
use actix_web::{HttpResponse, post, web};
use argon2::{PasswordHash, PasswordVerifier};
use diesel::{dsl::insert_into, ExpressionMethods, QueryDsl};
use diesel::{ExpressionMethods, QueryDsl, dsl::insert_into};
use diesel_async::RunQueryDsl;
use serde::Deserialize;
use uuid::Uuid;
use crate::{
error::Error, api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX}, schema::*, utils::{generate_access_token, generate_refresh_token, refresh_token_cookie}, Data
Data,
api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX},
error::Error,
schema::*,
utils::{generate_access_token, generate_refresh_token, refresh_token_cookie},
};
use super::Response;
@ -79,34 +83,45 @@ async fn login(
) -> Result<HttpResponse, Error> {
let mut conn = data.pool.get().await?;
let parsed_hash = PasswordHash::new(&database_password).map_err(|e| Error::PasswordHashError(e.to_string()))?;
let parsed_hash = PasswordHash::new(&database_password)
.map_err(|e| Error::PasswordHashError(e.to_string()))?;
if data
.argon2
.verify_password(request_password.as_bytes(), &parsed_hash)
.is_err()
{
return Err(Error::Unauthorized("Wrong username or password".to_string()));
return Err(Error::Unauthorized(
"Wrong username or password".to_string(),
));
}
let refresh_token = generate_refresh_token()?;
let access_token = generate_access_token()?;
let current_time = SystemTime::now()
.duration_since(UNIX_EPOCH)?
.as_secs() as i64;
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
use refresh_tokens::dsl as rdsl;
insert_into(refresh_tokens::table)
.values((rdsl::token.eq(&refresh_token), rdsl::uuid.eq(uuid), rdsl::created_at.eq(current_time), rdsl::device_name.eq(device_name)))
.values((
rdsl::token.eq(&refresh_token),
rdsl::uuid.eq(uuid),
rdsl::created_at.eq(current_time),
rdsl::device_name.eq(device_name),
))
.execute(&mut conn)
.await?;
use access_tokens::dsl as adsl;
insert_into(access_tokens::table)
.values((adsl::token.eq(&access_token), adsl::refresh_token.eq(&refresh_token), adsl::uuid.eq(uuid), adsl::created_at.eq(current_time)))
.values((
adsl::token.eq(&access_token),
adsl::refresh_token.eq(&refresh_token),
adsl::uuid.eq(uuid),
adsl::created_at.eq(current_time),
))
.execute(&mut conn)
.await?;

11
src/api/v1/auth/mod.rs
View file

@ -10,7 +10,7 @@ use regex::Regex;
use serde::Serialize;
use uuid::Uuid;
use crate::{error::Error, Conn, schema::access_tokens::dsl};
use crate::{Conn, error::Error, schema::access_tokens::dsl};
mod login;
mod refresh;
@ -39,10 +39,7 @@ pub fn web() -> Scope {
.service(revoke::res)
}
pub async fn check_access_token(
access_token: &str,
conn: &mut Conn,
) -> Result<Uuid, Error> {
pub async fn check_access_token(access_token: &str, conn: &mut Conn) -> Result<Uuid, Error> {
let (uuid, created_at): (Uuid, i64) = dsl::access_tokens
.filter(dsl::token.eq(access_token))
.select((dsl::uuid, dsl::created_at))
@ -56,9 +53,7 @@ pub async fn check_access_token(
}
})?;
let current_time = SystemTime::now()
.duration_since(UNIX_EPOCH)?
.as_secs() as i64;
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
let lifetime = current_time - created_at;

18
src/api/v1/auth/refresh.rs
View file

@ -1,11 +1,17 @@
use actix_web::{HttpRequest, HttpResponse, post, web};
use diesel::{delete, update, ExpressionMethods, QueryDsl};
use diesel::{ExpressionMethods, QueryDsl, delete, update};
use diesel_async::RunQueryDsl;
use log::error;
use std::time::{SystemTime, UNIX_EPOCH};
use crate::{
error::Error, schema::{access_tokens::{self, dsl}, refresh_tokens::{self, dsl as rdsl}}, utils::{generate_access_token, generate_refresh_token, refresh_token_cookie}, Data
Data,
error::Error,
schema::{
access_tokens::{self, dsl},
refresh_tokens::{self, dsl as rdsl},
},
utils::{generate_access_token, generate_refresh_token, refresh_token_cookie},
};
use super::Response;
@ -20,9 +26,7 @@ pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse
let mut refresh_token = String::from(recv_refresh_token_cookie.unwrap().value());
let current_time = SystemTime::now()
.duration_since(UNIX_EPOCH)?
.as_secs() as i64;
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
let mut conn = data.pool.get().await?;
@ -52,9 +56,7 @@ pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse
.finish());
}
let current_time = SystemTime::now()
.duration_since(UNIX_EPOCH)?
.as_secs() as i64;
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
if lifetime > 1987200 {
let new_refresh_token = generate_refresh_token();

18
src/api/v1/auth/register.rs
View file

@ -5,14 +5,22 @@ use argon2::{
PasswordHasher,
password_hash::{SaltString, rand_core::OsRng},
};
use diesel::{dsl::insert_into, ExpressionMethods};
use diesel::{ExpressionMethods, dsl::insert_into};
use diesel_async::RunQueryDsl;
use serde::{Deserialize, Serialize};
use uuid::Uuid;
use super::Response;
use crate::{
api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX}, error::Error, schema::{access_tokens::{self, dsl as adsl}, refresh_tokens::{self, dsl as rdsl}, users::{self, dsl as udsl}}, utils::{generate_access_token, generate_refresh_token, refresh_token_cookie}, Data
Data,
api::v1::auth::{EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX},
error::Error,
schema::{
access_tokens::{self, dsl as adsl},
refresh_tokens::{self, dsl as rdsl},
users::{self, dsl as udsl},
},
utils::{generate_access_token, generate_refresh_token, refresh_token_cookie},
};
#[derive(Deserialize)]
@ -107,9 +115,7 @@ pub async fn res(
let refresh_token = generate_refresh_token()?;
let access_token = generate_access_token()?;
let current_time = SystemTime::now()
.duration_since(UNIX_EPOCH)?
.as_secs() as i64;
let current_time = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs() as i64;
insert_into(refresh_tokens::table)
.values((
@ -133,7 +139,7 @@ pub async fn res(
return Ok(HttpResponse::Ok()
.cookie(refresh_token_cookie(refresh_token))
.json(Response { access_token }))
.json(Response { access_token }));
}
Ok(HttpResponse::InternalServerError().finish())

18
src/api/v1/auth/revoke.rs
View file

@ -1,10 +1,17 @@
use actix_web::{HttpRequest, HttpResponse, post, web};
use argon2::{PasswordHash, PasswordVerifier};
use diesel::{delete, ExpressionMethods, QueryDsl};
use diesel::{ExpressionMethods, QueryDsl, delete};
use diesel_async::RunQueryDsl;
use serde::Deserialize;
use crate::{api::v1::auth::check_access_token, error::Error, schema::users::dsl as udsl, schema::refresh_tokens::{self, dsl as rdsl}, utils::get_auth_header, Data};
use crate::{
Data,
api::v1::auth::check_access_token,
error::Error,
schema::refresh_tokens::{self, dsl as rdsl},
schema::users::dsl as udsl,
utils::get_auth_header,
};
#[derive(Deserialize)]
struct RevokeRequest {
@ -33,14 +40,17 @@ pub async fn res(
.get_result(&mut conn)
.await?;
let hashed_password = PasswordHash::new(&database_password).map_err(|e| Error::PasswordHashError(e.to_string()))?;
let hashed_password = PasswordHash::new(&database_password)
.map_err(|e| Error::PasswordHashError(e.to_string()))?;
if data
.argon2
.verify_password(revoke_request.password.as_bytes(), &hashed_password)
.is_err()
{
return Err(Error::Unauthorized("Wrong username or password".to_string()));
return Err(Error::Unauthorized(
"Wrong username or password".to_string(),
));
}
delete(refresh_tokens::table)