refactor: flatten login function
All checks were successful
ci/woodpecker/push/build-and-publish Pipeline was successful
All checks were successful
ci/woodpecker/push/build-and-publish Pipeline was successful
This commit is contained in:
parent
0d07af7d79
commit
bcf857d6b2
1 changed files with 113 additions and 78 deletions
|
|
@ -49,13 +49,27 @@ pub async fn response(
|
||||||
}
|
}
|
||||||
|
|
||||||
if EMAIL_REGEX.is_match(&login_information.username) {
|
if EMAIL_REGEX.is_match(&login_information.username) {
|
||||||
if let Ok(row) =
|
let row =
|
||||||
sqlx::query_as("SELECT CAST(uuid as VARCHAR), password FROM users WHERE email = $1")
|
sqlx::query_as("SELECT CAST(uuid as VARCHAR), password FROM users WHERE email = $1")
|
||||||
.bind(login_information.username)
|
.bind(login_information.username)
|
||||||
.fetch_one(&data.pool)
|
.fetch_one(&data.pool)
|
||||||
.await
|
.await;
|
||||||
|
|
||||||
|
if let Err(error) = row {
|
||||||
|
if error.to_string()
|
||||||
|
== "no rows returned by a query that expected to return at least one row"
|
||||||
{
|
{
|
||||||
let (uuid, password): (String, String) = row;
|
return Ok(HttpResponse::Unauthorized().finish());
|
||||||
|
}
|
||||||
|
|
||||||
|
error!("{}", error);
|
||||||
|
return Ok(HttpResponse::InternalServerError().json(
|
||||||
|
r#"{ "error": "Unhandled exception occured, contact the server administrator" }"#,
|
||||||
|
));
|
||||||
|
}
|
||||||
|
|
||||||
|
let (uuid, password): (String, String) = row.unwrap();
|
||||||
|
|
||||||
return Ok(login(
|
return Ok(login(
|
||||||
data.clone(),
|
data.clone(),
|
||||||
uuid,
|
uuid,
|
||||||
|
|
@ -64,17 +78,28 @@ pub async fn response(
|
||||||
login_information.device_name,
|
login_information.device_name,
|
||||||
)
|
)
|
||||||
.await);
|
.await);
|
||||||
}
|
|
||||||
|
|
||||||
return Ok(HttpResponse::Unauthorized().finish());
|
|
||||||
} else if USERNAME_REGEX.is_match(&login_information.username) {
|
} else if USERNAME_REGEX.is_match(&login_information.username) {
|
||||||
if let Ok(row) =
|
let row =
|
||||||
sqlx::query_as("SELECT CAST(uuid as VARCHAR), password FROM users WHERE username = $1")
|
sqlx::query_as("SELECT CAST(uuid as VARCHAR), password FROM users WHERE username = $1")
|
||||||
.bind(login_information.username)
|
.bind(login_information.username)
|
||||||
.fetch_one(&data.pool)
|
.fetch_one(&data.pool)
|
||||||
.await
|
.await;
|
||||||
|
|
||||||
|
if let Err(error) = row {
|
||||||
|
if error.to_string()
|
||||||
|
== "no rows returned by a query that expected to return at least one row"
|
||||||
{
|
{
|
||||||
let (uuid, password): (String, String) = row;
|
return Ok(HttpResponse::Unauthorized().finish());
|
||||||
|
}
|
||||||
|
|
||||||
|
error!("{}", error);
|
||||||
|
return Ok(HttpResponse::InternalServerError().json(
|
||||||
|
r#"{ "error": "Unhandled exception occured, contact the server administrator" }"#,
|
||||||
|
));
|
||||||
|
}
|
||||||
|
|
||||||
|
let (uuid, password): (String, String) = row.unwrap();
|
||||||
|
|
||||||
return Ok(login(
|
return Ok(login(
|
||||||
data.clone(),
|
data.clone(),
|
||||||
uuid,
|
uuid,
|
||||||
|
|
@ -85,9 +110,6 @@ pub async fn response(
|
||||||
.await);
|
.await);
|
||||||
}
|
}
|
||||||
|
|
||||||
return Ok(HttpResponse::Unauthorized().finish());
|
|
||||||
}
|
|
||||||
|
|
||||||
Ok(HttpResponse::Unauthorized().finish())
|
Ok(HttpResponse::Unauthorized().finish())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -98,62 +120,75 @@ async fn login(
|
||||||
database_password: String,
|
database_password: String,
|
||||||
device_name: String,
|
device_name: String,
|
||||||
) -> HttpResponse {
|
) -> HttpResponse {
|
||||||
if let Ok(parsed_hash) = PasswordHash::new(&database_password) {
|
let parsed_hash_raw = PasswordHash::new(&database_password);
|
||||||
|
|
||||||
|
if let Err(error) = parsed_hash_raw {
|
||||||
|
error!("{}", error);
|
||||||
|
return HttpResponse::InternalServerError().finish();
|
||||||
|
}
|
||||||
|
|
||||||
|
let parsed_hash = parsed_hash_raw.unwrap();
|
||||||
|
|
||||||
if data
|
if data
|
||||||
.argon2
|
.argon2
|
||||||
.verify_password(request_password.as_bytes(), &parsed_hash)
|
.verify_password(request_password.as_bytes(), &parsed_hash)
|
||||||
.is_ok()
|
.is_err()
|
||||||
{
|
{
|
||||||
let refresh_token = generate_refresh_token();
|
return HttpResponse::Unauthorized().finish();
|
||||||
let access_token = generate_access_token();
|
}
|
||||||
|
|
||||||
if refresh_token.is_err() {
|
let refresh_token_raw = generate_refresh_token();
|
||||||
error!("{}", refresh_token.unwrap_err());
|
let access_token_raw = generate_access_token();
|
||||||
|
|
||||||
|
if let Err(error) = refresh_token_raw {
|
||||||
|
error!("{}", error);
|
||||||
return HttpResponse::InternalServerError().finish();
|
return HttpResponse::InternalServerError().finish();
|
||||||
}
|
}
|
||||||
|
|
||||||
let refresh_token = refresh_token.unwrap();
|
let refresh_token = refresh_token_raw.unwrap();
|
||||||
|
|
||||||
if access_token.is_err() {
|
if let Err(error) = access_token_raw {
|
||||||
error!("{}", access_token.unwrap_err());
|
error!("{}", error);
|
||||||
return HttpResponse::InternalServerError().finish();
|
return HttpResponse::InternalServerError().finish();
|
||||||
}
|
}
|
||||||
|
|
||||||
let access_token = access_token.unwrap();
|
let access_token = access_token_raw.unwrap();
|
||||||
|
|
||||||
let current_time = SystemTime::now()
|
let current_time = SystemTime::now()
|
||||||
.duration_since(UNIX_EPOCH)
|
.duration_since(UNIX_EPOCH)
|
||||||
.unwrap()
|
.unwrap()
|
||||||
.as_secs() as i64;
|
.as_secs() as i64;
|
||||||
|
|
||||||
if let Err(error) = sqlx::query(&format!("INSERT INTO refresh_tokens (token, uuid, created, device_name) VALUES ($1, '{}', $2, $3 )", uuid))
|
if let Err(error) = sqlx::query(&format!(
|
||||||
|
"INSERT INTO refresh_tokens (token, uuid, created, device_name) VALUES ($1, '{}', $2, $3 )",
|
||||||
|
uuid
|
||||||
|
))
|
||||||
.bind(&refresh_token)
|
.bind(&refresh_token)
|
||||||
.bind(current_time)
|
.bind(current_time)
|
||||||
.bind(device_name)
|
.bind(device_name)
|
||||||
.execute(&data.pool)
|
.execute(&data.pool)
|
||||||
.await {
|
.await
|
||||||
|
{
|
||||||
error!("{}", error);
|
error!("{}", error);
|
||||||
return HttpResponse::InternalServerError().finish()
|
return HttpResponse::InternalServerError().finish();
|
||||||
}
|
}
|
||||||
|
|
||||||
if let Err(error) = sqlx::query(&format!("INSERT INTO access_tokens (token, refresh_token, uuid, created) VALUES ($1, $2, '{}', $3 )", uuid))
|
if let Err(error) = sqlx::query(&format!(
|
||||||
|
"INSERT INTO access_tokens (token, refresh_token, uuid, created) VALUES ($1, $2, '{}', $3 )",
|
||||||
|
uuid
|
||||||
|
))
|
||||||
.bind(&access_token)
|
.bind(&access_token)
|
||||||
.bind(&refresh_token)
|
.bind(&refresh_token)
|
||||||
.bind(current_time)
|
.bind(current_time)
|
||||||
.execute(&data.pool)
|
.execute(&data.pool)
|
||||||
.await {
|
.await
|
||||||
|
{
|
||||||
error!("{}", error);
|
error!("{}", error);
|
||||||
return HttpResponse::InternalServerError().finish()
|
return HttpResponse::InternalServerError().finish()
|
||||||
}
|
}
|
||||||
|
|
||||||
return HttpResponse::Ok().json(Response {
|
HttpResponse::Ok().json(Response {
|
||||||
access_token,
|
access_token,
|
||||||
refresh_token,
|
refresh_token,
|
||||||
});
|
})
|
||||||
}
|
|
||||||
|
|
||||||
return HttpResponse::Unauthorized().finish();
|
|
||||||
}
|
|
||||||
|
|
||||||
HttpResponse::InternalServerError().finish()
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue