gorb/backend
4
0
Fork 1
Code Issues 1 Pull requests 1 Projects Releases Packages 1 Wiki Activity Actions

style: cargo clippy && cargo fmt
All checks were successful
ci/woodpecker/push/build-and-publish Pipeline was successful
Details
ci/woodpecker/push/publish-docs Pipeline was successful
Details

Browse source
This commit is contained in:
Radical 2025-05-30 21:17:30 +02:00
parent c9a3e8c6c4
commit d615f1392e
31 changed files with 288 additions and 181 deletions
Download patch file Download diff file Expand all files Collapse all files

2
build.rs
View file

@ -8,7 +8,7 @@ fn main() {
.output()
.ok()
.and_then(|o| String::from_utf8(o.stdout).ok())
.map(|s| s.trim().to_string()) // Trim newline
.map(|s| s.trim().to_string()) // Trim newline
.unwrap_or_else(|| "UNKNOWN".to_string());
// Tell Cargo to set `GIT_SHORT_HASH` for the main compilation

4
src/api/mod.rs
View file

@ -7,5 +7,7 @@ mod v1;
mod versions;
pub fn web(path: &str) -> Scope {
web::scope(path.trim_end_matches('/')).service(v1::web()).service(versions::get)
web::scope(path.trim_end_matches('/'))
.service(v1::web())
.service(versions::get)
}

4
src/api/v1/auth/login.rs
View file

@ -11,8 +11,8 @@ use crate::{
error::Error,
schema::*,
utils::{
PASSWORD_REGEX, generate_access_token, generate_refresh_token,
refresh_token_cookie, user_uuid_from_identifier
PASSWORD_REGEX, generate_access_token, generate_refresh_token, refresh_token_cookie,
user_uuid_from_identifier,
},
};

2
src/api/v1/auth/mod.rs
View file

@ -11,9 +11,9 @@ use crate::{Conn, error::Error, schema::access_tokens::dsl};
mod login;
mod refresh;
mod register;
mod reset_password;
mod revoke;
mod verify_email;
mod reset_password;
#[derive(Serialize)]
struct Response {

2
src/api/v1/auth/refresh.rs
View file

@ -61,8 +61,6 @@ pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse
if lifetime > 1987200 {
let new_refresh_token = generate_refresh_token()?;
let new_refresh_token = new_refresh_token;
match update(refresh_tokens::table)
.filter(rdsl::token.eq(&refresh_token))
.set((

24
src/api/v1/auth/reset_password.rs
View file

@ -4,9 +4,7 @@ use actix_web::{HttpResponse, get, post, web};
use chrono::{Duration, Utc};
use serde::Deserialize;
use crate::{
error::Error, structs::PasswordResetToken, Data
};
use crate::{Data, error::Error, structs::PasswordResetToken};
#[derive(Deserialize)]
struct Query {
@ -27,17 +25,18 @@ struct Query {
/// 400 Bad request
///
#[get("/reset-password")]
pub async fn get(
query: web::Query<Query>,
data: web::Data<Data>,
) -> Result<HttpResponse, Error> {
pub async fn get(query: web::Query<Query>, data: web::Data<Data>) -> Result<HttpResponse, Error> {
let mut conn = data.pool.get().await?;
if let Ok(password_reset_token) = PasswordResetToken::get_with_identifier(&mut conn, query.identifier.clone()).await {
if let Ok(password_reset_token) =
PasswordResetToken::get_with_identifier(&mut conn, query.identifier.clone()).await
{
if Utc::now().signed_duration_since(password_reset_token.created_at) > Duration::hours(1) {
password_reset_token.delete(&mut conn).await?;
} else {
return Err(Error::TooManyRequests("Please allow 1 hour before sending a new email".to_string()))
return Err(Error::TooManyRequests(
"Please allow 1 hour before sending a new email".to_string(),
));
}
}
@ -77,14 +76,17 @@ pub async fn post(
) -> Result<HttpResponse, Error> {
let mut conn = data.pool.get().await?;
let password_reset_token = PasswordResetToken::get(&mut conn, reset_password.token.clone()).await?;
let password_reset_token =
PasswordResetToken::get(&mut conn, reset_password.token.clone()).await?;
if Utc::now().signed_duration_since(password_reset_token.created_at) > Duration::hours(24) {
password_reset_token.delete(&mut conn).await?;
return Ok(HttpResponse::Gone().finish());
}
password_reset_token.set_password(&data, reset_password.password.clone()).await?;
password_reset_token
.set_password(&data, reset_password.password.clone())
.await?;
Ok(HttpResponse::Ok().finish())
}

17
src/api/v1/auth/verify_email.rs
View file

@ -5,7 +5,11 @@ use chrono::{Duration, Utc};
use serde::Deserialize;
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{EmailToken, Me}, utils::get_auth_header, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{EmailToken, Me},
utils::get_auth_header,
};
#[derive(Deserialize)]
@ -71,10 +75,7 @@ pub async fn get(
/// 401 Unauthorized
///
#[post("/verify-email")]
pub async fn post(
req: HttpRequest,
data: web::Data<Data>,
) -> Result<HttpResponse, Error> {
pub async fn post(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse, Error> {
let headers = req.headers();
let auth_header = get_auth_header(headers)?;
@ -86,14 +87,16 @@ pub async fn post(
let me = Me::get(&mut conn, uuid).await?;
if me.email_verified {
return Ok(HttpResponse::NoContent().finish())
return Ok(HttpResponse::NoContent().finish());
}
if let Ok(email_token) = EmailToken::get(&mut conn, me.uuid).await {
if Utc::now().signed_duration_since(email_token.created_at) > Duration::hours(1) {
email_token.delete(&mut conn).await?;
} else {
return Err(Error::TooManyRequests("Please allow 1 hour before sending a new email".to_string()))
return Err(Error::TooManyRequests(
"Please allow 1 hour before sending a new email".to_string(),
));
}
}

2
src/api/v1/channels/mod.rs
View file

@ -1,4 +1,4 @@
use actix_web::{web, Scope};
use actix_web::{Scope, web};
mod uuid;

6
src/api/v1/channels/uuid/messages.rs
View file

@ -1,7 +1,11 @@
//! `/api/v1/channels/{uuid}/messages` Endpoints related to channel messages
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{Channel, Member}, utils::{get_auth_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{Channel, Member},
utils::{get_auth_header, global_checks},
};
use ::uuid::Uuid;
use actix_web::{HttpRequest, HttpResponse, get, web};

6
src/api/v1/channels/uuid/mod.rs
View file

@ -2,7 +2,11 @@ pub mod messages;
pub mod socket;
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{Channel, Member}, utils::{get_auth_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{Channel, Member},
utils::{get_auth_header, global_checks},
};
use actix_web::{HttpRequest, HttpResponse, delete, get, web};
use uuid::Uuid;

9
src/api/v1/channels/uuid/socket.rs
View file

@ -8,7 +8,10 @@ use futures_util::StreamExt as _;
use uuid::Uuid;
use crate::{
api::v1::auth::check_access_token, structs::{Channel, Member}, utils::{get_ws_protocol_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
structs::{Channel, Member},
utils::{get_ws_protocol_header, global_checks},
};
#[get("/{uuid}/socket")]
@ -71,9 +74,7 @@ pub async fn ws(
Ok(AggregatedMessage::Text(text)) => {
let mut conn = data.cache_pool.get_multiplexed_tokio_connection().await?;
let message = channel
.new_message(&data, uuid, text.to_string())
.await?;
let message = channel.new_message(&data, uuid, text.to_string()).await?;
redis::cmd("PUBLISH")
.arg(&[channel_uuid.to_string(), serde_json::to_string(&message)?])

13
src/api/v1/guilds/mod.rs
View file

@ -6,7 +6,11 @@ use serde::Deserialize;
mod uuid;
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{Guild, StartAmountQuery}, utils::{get_auth_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{Guild, StartAmountQuery},
utils::{get_auth_header, global_checks},
};
#[derive(Deserialize)]
@ -59,12 +63,7 @@ pub async fn post(
let uuid = check_access_token(auth_header, &mut conn).await?;
let guild = Guild::new(
&mut conn,
guild_info.name.clone(),
uuid,
)
.await?;
let guild = Guild::new(&mut conn, guild_info.name.clone(), uuid).await?;
Ok(HttpResponse::Ok().json(guild))
}

6
src/api/v1/guilds/uuid/channels.rs
View file

@ -1,5 +1,9 @@
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{Channel, Member}, utils::{get_auth_header, global_checks, order_by_is_above}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{Channel, Member},
utils::{get_auth_header, global_checks, order_by_is_above},
};
use ::uuid::Uuid;
use actix_web::{HttpRequest, HttpResponse, get, post, web};

6
src/api/v1/guilds/uuid/icon.rs
View file

@ -5,7 +5,11 @@ use futures_util::StreamExt as _;
use uuid::Uuid;
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{Guild, Member}, utils::{get_auth_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{Guild, Member},
utils::{get_auth_header, global_checks},
};
/// `PUT /api/v1/guilds/{uuid}/icon` Icon upload

6
src/api/v1/guilds/uuid/invites/mod.rs
View file

@ -3,7 +3,11 @@ use serde::Deserialize;
use uuid::Uuid;
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{Guild, Member}, utils::{get_auth_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{Guild, Member},
utils::{get_auth_header, global_checks},
};
#[derive(Deserialize)]

6
src/api/v1/guilds/uuid/members.rs
View file

@ -1,5 +1,9 @@
use crate::{
api::v1::auth::check_access_token, error::Error, structs::Member, utils::{get_auth_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::Member,
utils::{get_auth_header, global_checks},
};
use ::uuid::Uuid;
use actix_web::{HttpRequest, HttpResponse, get, web};

8
src/api/v1/guilds/uuid/mod.rs
View file

@ -6,11 +6,15 @@ use uuid::Uuid;
mod channels;
mod icon;
mod invites;
mod roles;
mod members;
mod roles;
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{Guild, Member}, utils::{get_auth_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{Guild, Member},
utils::{get_auth_header, global_checks},
};
pub fn web() -> Scope {

6
src/api/v1/guilds/uuid/roles/mod.rs
View file

@ -3,7 +3,11 @@ use actix_web::{HttpRequest, HttpResponse, get, post, web};
use serde::Deserialize;
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{Member, Role}, utils::{get_auth_header, global_checks, order_by_is_above}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{Member, Role},
utils::{get_auth_header, global_checks, order_by_is_above},
};
pub mod uuid;

6
src/api/v1/guilds/uuid/roles/uuid.rs
View file

@ -1,5 +1,9 @@
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{Member, Role}, utils::{get_auth_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{Member, Role},
utils::{get_auth_header, global_checks},
};
use ::uuid::Uuid;
use actix_web::{HttpRequest, HttpResponse, get, web};

11
src/api/v1/invites/id.rs
View file

@ -1,14 +1,15 @@
use actix_web::{HttpRequest, HttpResponse, get, post, web};
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{Guild, Invite, Member}, utils::{get_auth_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{Guild, Invite, Member},
utils::{get_auth_header, global_checks},
};
#[get("{id}")]
pub async fn get(
path: web::Path<(String,)>,
data: web::Data<Data>,
) -> Result<HttpResponse, Error> {
pub async fn get(path: web::Path<(String,)>, data: web::Data<Data>) -> Result<HttpResponse, Error> {
let mut conn = data.pool.get().await?;
let invite_id = path.into_inner().0;

11
src/api/v1/me/guilds.rs
View file

@ -1,9 +1,14 @@
//! `/api/v1/me/guilds` Contains endpoint related to guild memberships
use actix_web::{get, web, HttpRequest, HttpResponse};
use crate::{api::v1::auth::check_access_token, error::Error, structs::Me, utils::{get_auth_header, global_checks}, Data};
use actix_web::{HttpRequest, HttpResponse, get, web};
use crate::{
Data,
api::v1::auth::check_access_token,
error::Error,
structs::Me,
utils::{get_auth_header, global_checks},
};
/// `GET /api/v1/me/guilds` Returns all guild memberships in a list
///

14
src/api/v1/me/mod.rs
View file

@ -3,7 +3,11 @@ use actix_web::{HttpRequest, HttpResponse, Scope, get, patch, web};
use serde::Deserialize;
use crate::{
api::v1::auth::check_access_token, error::Error, structs::Me, utils::{get_auth_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::Me,
utils::{get_auth_header, global_checks},
};
mod guilds;
@ -59,7 +63,13 @@ pub async fn update(
let uuid = check_access_token(auth_header, &mut conn).await?;
if form.avatar.is_some() || form.json.0.clone().is_some_and(|ni| ni.username.is_some() || ni.display_name.is_some()) {
if form.avatar.is_some()
|| form
.json
.0
.clone()
.is_some_and(|ni| ni.username.is_some() || ni.display_name.is_some())
{
global_checks(&data, uuid).await?;
}

4
src/api/v1/mod.rs
View file

@ -4,11 +4,11 @@ use actix_web::{Scope, web};
mod auth;
mod channels;
mod invites;
mod guilds;
mod invites;
mod me;
mod stats;
mod users;
mod me;
pub fn web() -> Scope {
web::scope("/v1")

10
src/api/v1/users/mod.rs
View file

@ -3,15 +3,17 @@
use actix_web::{HttpRequest, HttpResponse, Scope, get, web};
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{StartAmountQuery, User}, utils::{get_auth_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{StartAmountQuery, User},
utils::{get_auth_header, global_checks},
};
mod uuid;
pub fn web() -> Scope {
web::scope("/users")
.service(get)
.service(uuid::get)
web::scope("/users").service(get).service(uuid::get)
}
/// `GET /api/v1/users` Returns all users on this instance

6
src/api/v1/users/uuid.rs
View file

@ -4,7 +4,11 @@ use actix_web::{HttpRequest, HttpResponse, get, web};
use uuid::Uuid;
use crate::{
api::v1::auth::check_access_token, error::Error, structs::User, utils::{get_auth_header, global_checks}, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::User,
utils::{get_auth_header, global_checks},
};
/// `GET /api/v1/users/{uuid}` Returns user with the given UUID

4
src/error.rs
View file

@ -12,6 +12,9 @@ use bunny_api_tokio::error::Error as BunnyError;
use deadpool::managed::{BuildError, PoolError};
use diesel::{ConnectionError, result::Error as DieselError};
use diesel_async::pooled_connection::PoolError as DieselPoolError;
use lettre::{
address::AddressError, error::Error as EmailError, transport::smtp::Error as SmtpError,
};
use log::{debug, error};
use redis::RedisError;
use serde::Serialize;
@ -19,7 +22,6 @@ use serde_json::Error as JsonError;
use thiserror::Error;
use tokio::task::JoinError;
use toml::de::Error as TomlError;
use lettre::{error::Error as EmailError, address::AddressError, transport::smtp::Error as SmtpError};
#[derive(Debug, Error)]
pub enum Error {

9
src/main.rs
View file

@ -6,8 +6,8 @@ use diesel_async::pooled_connection::AsyncDieselConnectionManager;
use diesel_async::pooled_connection::deadpool::Pool;
use error::Error;
use simple_logger::SimpleLogger;
use structs::MailClient;
use std::time::SystemTime;
use structs::MailClient;
mod config;
use config::{Config, ConfigBuilder};
use diesel_migrations::{EmbeddedMigrations, MigrationHarness, embed_migrations};
@ -76,7 +76,12 @@ async fn main() -> Result<(), Error> {
let mail = config.mail.clone();
let mail_client = MailClient::new(mail.smtp.credentials(), mail.smtp.server, mail.address, mail.tls)?;
let mail_client = MailClient::new(
mail.smtp.credentials(),
mail.smtp.server,
mail.address,
mail.tls,
)?;
let database_url = config.database.url();

128
src/structs.rs
View file

@ -1,22 +1,36 @@
use actix_web::web::BytesMut;
use argon2::{
PasswordHasher,
password_hash::{SaltString, rand_core::OsRng},
};
use chrono::Utc;
use diesel::{
delete, dsl::now, insert_into, prelude::{Insertable, Queryable}, update, ExpressionMethods, QueryDsl, Selectable, SelectableHelper
ExpressionMethods, QueryDsl, Selectable, SelectableHelper, delete,
dsl::now,
insert_into,
prelude::{Insertable, Queryable},
update,
};
use diesel_async::{RunQueryDsl, pooled_connection::AsyncDieselConnectionManager};
use lettre::{message::{Mailbox, MessageBuilder as EmailBuilder, MultiPart}, transport::smtp::authentication::Credentials, AsyncSmtpTransport, AsyncTransport, Message as Email, Tokio1Executor};
use lettre::{
AsyncSmtpTransport, AsyncTransport, Message as Email, Tokio1Executor,
message::{Mailbox, MessageBuilder as EmailBuilder, MultiPart},
transport::smtp::authentication::Credentials,
};
use log::debug;
use serde::{Deserialize, Serialize};
use tokio::task;
use url::Url;
use uuid::Uuid;
use argon2::{
PasswordHasher,
password_hash::{SaltString, rand_core::OsRng},
};
use crate::{
error::Error, schema::*, utils::{generate_refresh_token, global_checks, image_check, order_by_is_above, user_uuid_from_identifier, EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX}, Conn, Data
Conn, Data,
error::Error,
schema::*,
utils::{
EMAIL_REGEX, PASSWORD_REGEX, USERNAME_REGEX, generate_refresh_token, global_checks,
image_check, order_by_is_above, user_uuid_from_identifier,
},
};
pub trait HasUuid {
@ -61,7 +75,12 @@ pub struct MailClient {
}
impl MailClient {
pub fn new<T: Into<MailTls>>(creds: Credentials, smtp_server: String, mbox: String, tls: T) -> Result<Self, Error> {
pub fn new<T: Into<MailTls>>(
creds: Credentials,
smtp_server: String,
mbox: String,
tls: T,
) -> Result<Self, Error> {
Ok(Self {
creds,
smtp_server,
@ -71,15 +90,16 @@ impl MailClient {
}
pub fn message_builder(&self) -> EmailBuilder {
Email::builder()
.from(self.mbox.clone())
Email::builder().from(self.mbox.clone())
}
pub async fn send_mail(&self, email: Email) -> Result<(), Error> {
let mailer: AsyncSmtpTransport<Tokio1Executor> = match self.tls {
MailTls::StartTls => AsyncSmtpTransport::<Tokio1Executor>::starttls_relay(&self.smtp_server)?
.credentials(self.creds.clone())
.build(),
MailTls::StartTls => {
AsyncSmtpTransport::<Tokio1Executor>::starttls_relay(&self.smtp_server)?
.credentials(self.creds.clone())
.build()
}
MailTls::Tls => AsyncSmtpTransport::<Tokio1Executor>::relay(&self.smtp_server)?
.credentials(self.creds.clone())
.build(),
@ -256,7 +276,11 @@ impl Channel {
data.set_cache_key(channel_uuid.to_string(), channel.clone(), 1800)
.await?;
if let Ok(_) = data.get_cache_key(format!("{}_channels", guild_uuid)).await {
if data
.get_cache_key(format!("{}_channels", guild_uuid))
.await
.is_ok()
{
data.del_cache_key(format!("{}_channels", guild_uuid))
.await?;
}
@ -273,7 +297,7 @@ impl Channel {
.execute(&mut conn)
.await?;
if let Ok(_) = data.get_cache_key(self.uuid.to_string()).await {
if data.get_cache_key(self.uuid.to_string()).await.is_ok() {
data.del_cache_key(self.uuid.to_string()).await?;
}
@ -300,9 +324,7 @@ impl Channel {
.await,
)?;
let message_futures = messages.iter().map(async move |b| {
b.build(data).await
});
let message_futures = messages.iter().map(async move |b| b.build(data).await);
futures::future::try_join_all(message_futures).await
}
@ -708,7 +730,11 @@ impl Member {
Ok(count)
}
pub async fn check_membership(conn: &mut Conn, user_uuid: Uuid, guild_uuid: Uuid) -> Result<(), Error> {
pub async fn check_membership(
conn: &mut Conn,
user_uuid: Uuid,
guild_uuid: Uuid,
) -> Result<(), Error> {
use guild_members::dsl;
dsl::guild_members
.filter(dsl::user_uuid.eq(user_uuid))
@ -720,11 +746,7 @@ impl Member {
Ok(())
}
pub async fn fetch_one(
data: &Data,
user_uuid: Uuid,
guild_uuid: Uuid,
) -> Result<Self, Error> {
pub async fn fetch_one(data: &Data, user_uuid: Uuid, guild_uuid: Uuid) -> Result<Self, Error> {
let mut conn = data.pool.get().await?;
use guild_members::dsl;
@ -747,12 +769,12 @@ impl Member {
.filter(dsl::guild_uuid.eq(guild_uuid))
.select(MemberBuilder::as_select())
.load(&mut conn)
.await
.await,
)?;
let member_futures = member_builders.iter().map(async move |m| {
m.build(data).await
});
let member_futures = member_builders
.iter()
.map(async move |m| m.build(data).await);
futures::future::try_join_all(member_futures).await
}
@ -921,15 +943,16 @@ impl Me {
let user = User::fetch_one(data, self.uuid).await?;
let memberships = member_builders.iter().map(|m| {
Member {
let memberships = member_builders
.iter()
.map(|m| Member {
uuid: m.uuid,
nickname: m.nickname.clone(),
user_uuid: m.user_uuid,
guild_uuid: m.guild_uuid,
user: user.clone(),
}
}).collect();
})
.collect();
Ok(memberships)
}
@ -1070,6 +1093,7 @@ impl EmailToken {
Ok(email_token)
}
#[allow(clippy::new_ret_no_self)]
pub async fn new(data: &Data, me: Me) -> Result<(), Error> {
let token = generate_refresh_token()?;
@ -1077,7 +1101,11 @@ impl EmailToken {
use email_tokens::dsl;
insert_into(email_tokens::table)
.values((dsl::user_uuid.eq(me.uuid), dsl::token.eq(&token), dsl::created_at.eq(now)))
.values((
dsl::user_uuid.eq(me.uuid),
dsl::token.eq(&token),
dsl::created_at.eq(now),
))
.execute(&mut conn)
.await?;
@ -1095,10 +1123,7 @@ impl EmailToken {
format!(r#"<html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><style>:root{{--header-text-colour: #ffffff;--footer-text-colour: #7f7f7f;--button-text-colour: #170e08;--text-colour: #170e08;--background-colour: #fbf6f2;--primary-colour: #df5f0b;--secondary-colour: #e8ac84;--accent-colour: #e68b4e;}}@media (prefers-color-scheme: dark){{:root{{--header-text-colour: #ffffff;--footer-text-colour: #585858;--button-text-colour: #ffffff;--text-colour: #f7eee8;--background-colour: #0c0704;--primary-colour: #f4741f;--secondary-colour: #7c4018;--accent-colour: #b35719;}}}}@media (max-width: 600px){{.container{{width: 100%;}}}}body{{font-family: Arial, sans-serif;align-content: center;text-align: center;margin: 0;padding: 0;background-color: var(--background-colour);color: var(--text-colour);width: 100%;max-width: 600px;margin: 0 auto;border-radius: 5px;}}.header{{background-color: var(--primary-colour);color: var(--header-text-colour);padding: 20px;}}.verify-button{{background-color: var(--accent-colour);color: var(--button-text-colour);padding: 12px 30px;margin: 16px;font-size: 20px;transition: background-color 0.3s;cursor: pointer;border: none;border-radius: 14px;text-decoration: none;display: inline-block;}}.verify-button:hover{{background-color: var(--secondary-colour);}}.content{{padding: 20px 30px;}}.footer{{padding: 10px;font-size: 12px;color: var(--footer-text-colour);}}</style></head><body><div class="container"><div class="header"><h1>Verify your {} Account</h1></div><div class="content"><h2>Hello, {}!</h2><p>Thanks for creating a new account on Gorb.</p><p>The final step to create your account is to verify your email address by clicking the button below, within 24 hours.</p><a href="{}" class="verify-button">VERIFY ACCOUNT</a><p>If you didn't ask to verify this address, you can safely ignore this email.</p><div class="footer"><p>Thanks<br>The gorb team.</p></div></div></div></body></html>"#, data.config.instance.name, me.username, verify_endpoint)
))?;
data
.mail_client
.send_mail(email)
.await?;
data.mail_client.send_mail(email).await?;
Ok(())
}
@ -1136,7 +1161,10 @@ impl PasswordResetToken {
Ok(password_reset_token)
}
pub async fn get_with_identifier(conn: &mut Conn, identifier: String) -> Result<PasswordResetToken, Error> {
pub async fn get_with_identifier(
conn: &mut Conn,
identifier: String,
) -> Result<PasswordResetToken, Error> {
let user_uuid = user_uuid_from_identifier(conn, &identifier).await?;
use password_reset_tokens::dsl;
@ -1149,6 +1177,7 @@ impl PasswordResetToken {
Ok(password_reset_token)
}
#[allow(clippy::new_ret_no_self)]
pub async fn new(data: &Data, identifier: String) -> Result<(), Error> {
let token = generate_refresh_token()?;
@ -1156,7 +1185,7 @@ impl PasswordResetToken {
let user_uuid = user_uuid_from_identifier(&mut conn, &identifier).await?;
global_checks(&data, user_uuid).await?;
global_checks(data, user_uuid).await?;
use users::dsl as udsl;
let (username, email_address): (String, String) = udsl::users
@ -1167,7 +1196,11 @@ impl PasswordResetToken {
use password_reset_tokens::dsl;
insert_into(password_reset_tokens::table)
.values((dsl::user_uuid.eq(user_uuid), dsl::token.eq(&token), dsl::created_at.eq(now)))
.values((
dsl::user_uuid.eq(user_uuid),
dsl::token.eq(&token),
dsl::created_at.eq(now),
))
.execute(&mut conn)
.await?;
@ -1185,17 +1218,16 @@ impl PasswordResetToken {
format!(r#"<html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><style>:root {{--header-text-colour: #ffffff;--footer-text-colour: #7f7f7f;--button-text-colour: #170e08;--text-colour: #170e08;--background-colour: #fbf6f2;--primary-colour: #df5f0b;--secondary-colour: #e8ac84;--accent-colour: #e68b4e;}}@media (prefers-color-scheme: dark) {{:root {{--header-text-colour: #ffffff;--footer-text-colour: #585858;--button-text-colour: #ffffff;--text-colour: #f7eee8;--background-colour: #0c0704;--primary-colour: #f4741f;--secondary-colour: #7c4018;--accent-colour: #b35719;}}}}@media (max-width: 600px) {{.container {{width: 100%;}}}}body {{font-family: Arial, sans-serif;align-content: center;text-align: center;margin: 0;padding: 0;background-color: var(--background-colour);color: var(--text-colour);width: 100%;max-width: 600px;margin: 0 auto;border-radius: 5px;}}.header {{background-color: var(--primary-colour);color: var(--header-text-colour);padding: 20px;}}.verify-button {{background-color: var(--accent-colour);color: var(--button-text-colour);padding: 12px 30px;margin: 16px;font-size: 20px;transition: background-color 0.3s;cursor: pointer;border: none;border-radius: 14px;text-decoration: none;display: inline-block;}}.verify-button:hover {{background-color: var(--secondary-colour);}}.content {{padding: 20px 30px;}}.footer {{padding: 10px;font-size: 12px;color: var(--footer-text-colour);}}</style></head><body><div class="container"><div class="header"><h1>{} Password Reset</h1></div><div class="content"><h2>Hello, {}!</h2><p>Someone requested a password reset for your Gorb account.</p><p>Click the button below within 24 hours to reset your password.</p><a href="{}" class="verify-button">RESET PASSWORD</a><p>If you didn't request a password reset, don't worry, your account is safe and you can safely ignore this email.</p><div class="footer"><p>Thanks<br>The gorb team.</p></div></div></div></body></html>"#, data.config.instance.name, username, reset_endpoint)
))?;
data
.mail_client
.send_mail(email)
.await?;
data.mail_client.send_mail(email).await?;
Ok(())
}
pub async fn set_password(&self, data: &Data, password: String) -> Result<(), Error> {
if !PASSWORD_REGEX.is_match(&password) {
return Err(Error::BadRequest("Please provide a valid password".to_string()))
return Err(Error::BadRequest(
"Please provide a valid password".to_string(),
));
}
let salt = SaltString::generate(&mut OsRng);
@ -1232,10 +1264,7 @@ impl PasswordResetToken {
format!(r#"<html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><style>:root {{--header-text-colour: #ffffff;--footer-text-colour: #7f7f7f;--button-text-colour: #170e08;--text-colour: #170e08;--background-colour: #fbf6f2;--primary-colour: #df5f0b;--secondary-colour: #e8ac84;--accent-colour: #e68b4e;}}@media (prefers-color-scheme: dark) {{:root {{--header-text-colour: #ffffff;--footer-text-colour: #585858;--button-text-colour: #ffffff;--text-colour: #f7eee8;--background-colour: #0c0704;--primary-colour: #f4741f;--secondary-colour: #7c4018;--accent-colour: #b35719;}}}}@media (max-width: 600px) {{.container {{width: 100%;}}}}body {{font-family: Arial, sans-serif;align-content: center;text-align: center;margin: 0;padding: 0;background-color: var(--background-colour);color: var(--text-colour);width: 100%;max-width: 600px;margin: 0 auto;border-radius: 5px;}}.header {{background-color: var(--primary-colour);color: var(--header-text-colour);padding: 20px;}}.verify-button {{background-color: var(--accent-colour);color: var(--button-text-colour);padding: 12px 30px;margin: 16px;font-size: 20px;transition: background-color 0.3s;cursor: pointer;border: none;border-radius: 14px;text-decoration: none;display: inline-block;}}.verify-button:hover {{background-color: var(--secondary-colour);}}.content {{padding: 20px 30px;}}.footer {{padding: 10px;font-size: 12px;color: var(--footer-text-colour);}}</style></head><body><div class="container"><div class="header"><h1>{} Password Reset Confirmation</h1></div><div class="content"><h2>Hello, {}!</h2><p>Your password has been successfully reset for your Gorb account.</p><p>If you did not initiate this change, please click the button below to reset your password <strong>immediately</strong>.</p><a href="{}" class="verify-button">RESET PASSWORD</a><div class="footer"><p>Thanks<br>The gorb team.</p></div></div></div></body></html>"#, data.config.instance.name, username, login_page)
))?;
data
.mail_client
.send_mail(email)
.await?;
data.mail_client.send_mail(email).await?;
self.delete(&mut conn).await
}
@ -1251,4 +1280,3 @@ impl PasswordResetToken {
Ok(())
}
}

47
src/utils.rs
View file

@ -16,7 +16,10 @@ use serde::Serialize;
use uuid::Uuid;
use crate::{
error::Error, schema::users, structs::{HasIsAbove, HasUuid}, Conn, Data
Conn, Data,
error::Error,
schema::users,
structs::{HasIsAbove, HasUuid},
};
pub static EMAIL_REGEX: LazyLock<Regex> = LazyLock::new(|| {
@ -137,27 +140,32 @@ pub fn image_check(icon: BytesMut) -> Result<String, Error> {
))
}
pub async fn user_uuid_from_identifier(conn: &mut Conn, identifier: &String) -> Result<Uuid, Error> {
pub async fn user_uuid_from_identifier(
conn: &mut Conn,
identifier: &String,
) -> Result<Uuid, Error> {
if EMAIL_REGEX.is_match(identifier) {
use users::dsl;
let user_uuid = dsl::users
.filter(dsl::email.eq(identifier))
.select(dsl::uuid)
.get_result(conn)
.await?;
use users::dsl;
let user_uuid = dsl::users
.filter(dsl::email.eq(identifier))
.select(dsl::uuid)
.get_result(conn)
.await?;
Ok(user_uuid)
Ok(user_uuid)
} else if USERNAME_REGEX.is_match(identifier) {
use users::dsl;
let user_uuid = dsl::users
.filter(dsl::username.eq(identifier))
.select(dsl::uuid)
.get_result(conn)
.await?;
use users::dsl;
let user_uuid = dsl::users
.filter(dsl::username.eq(identifier))
.select(dsl::uuid)
.get_result(conn)
.await?;
Ok(user_uuid)
Ok(user_uuid)
} else {
Err(Error::BadRequest("Please provide a valid username or email".to_string()))
Err(Error::BadRequest(
"Please provide a valid username or email".to_string(),
))
}
}
@ -173,11 +181,12 @@ pub async fn global_checks(data: &Data, user_uuid: Uuid) -> Result<(), Error> {
.await?;
if !email_verified {
return Err(Error::Forbidden("server requires email verification".to_string()))
return Err(Error::Forbidden(
"server requires email verification".to_string(),
));
}
}
Ok(())
}