2021-08-29 20:30:33 +02:00
|
|
|
use argon2::verify_encoded;
|
2021-09-01 12:50:33 +02:00
|
|
|
use diesel::PgConnection;
|
2021-08-29 20:30:33 +02:00
|
|
|
use rand::{thread_rng, Rng};
|
|
|
|
|
|
|
|
use crate::{
|
2021-09-01 12:50:33 +02:00
|
|
|
db,
|
2021-08-29 20:41:03 +02:00
|
|
|
errors::{RbError, RbResult},
|
2021-08-29 20:30:33 +02:00
|
|
|
};
|
|
|
|
|
2021-09-01 12:50:33 +02:00
|
|
|
pub fn verify_user(conn: &PgConnection, username: &str, password: &str) -> RbResult<db::User>
|
2021-08-29 20:30:33 +02:00
|
|
|
{
|
|
|
|
// TODO handle non-"NotFound" Diesel errors accordingely
|
2021-09-01 12:50:33 +02:00
|
|
|
let user = db::users::find_by_username(conn, username).map_err(|_| RbError::AuthUnknownUser)?;
|
2021-08-29 20:30:33 +02:00
|
|
|
|
|
|
|
// Check if a user is blocked
|
|
|
|
if user.blocked {
|
|
|
|
return Err(RbError::AuthBlockedUser);
|
|
|
|
}
|
|
|
|
|
|
|
|
match verify_encoded(user.password.as_str(), password.as_bytes()) {
|
|
|
|
Ok(true) => Ok(user),
|
|
|
|
_ => Err(RbError::AuthInvalidPassword),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn hash_password(password: &str) -> RbResult<String>
|
|
|
|
{
|
|
|
|
// Generate a random salt
|
|
|
|
let mut salt = [0u8; 64];
|
|
|
|
thread_rng().fill(&mut salt[..]);
|
|
|
|
|
|
|
|
// Encode the actual password
|
|
|
|
let config = argon2::Config::default();
|
|
|
|
argon2::hash_encoded(password.as_bytes(), &salt, &config)
|
|
|
|
.map_err(|_| RbError::Custom("Couldn't hash password."))
|
|
|
|
}
|