From 5e861336515e44be39404238ba8b54c448cd3fb1 Mon Sep 17 00:00:00 2001 From: Jef Roosens Date: Fri, 20 Aug 2021 16:52:58 +0200 Subject: [PATCH] Started some auth stuff --- Cargo.lock | 61 +++++++++++++++++++ Cargo.toml | 12 +++- .../2021-08-20-110251_users-and-auth/down.sql | 3 +- .../2021-08-20-110251_users-and-auth/up.sql | 16 ++++- src/rb/lib.rs | 7 ++- src/rb/schema.rs | 44 +++++++++++++ src/rbs/auth.rs | 17 ++++++ src/rbs/main.rs | 2 + 8 files changed, 153 insertions(+), 9 deletions(-) create mode 100644 src/rb/schema.rs create mode 100644 src/rbs/auth.rs diff --git a/Cargo.lock b/Cargo.lock index 3d92928..c1ae49e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2,6 +2,18 @@ # It is not intended for manual editing. version = 3 +[[package]] +name = "arrayref" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4c527152e37cf757a3f78aae5a06fbeefdb07ccc535c980a3208ee3060dd544" + +[[package]] +name = "arrayvec" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23b62fc65de8e4e7f52534fb52b0f3ed04746ae267519eef2a83941e8085068b" + [[package]] name = "async-stream" version = "0.3.2" @@ -66,6 +78,12 @@ version = "0.2.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a4521f3e3d031370679b3b140beb36dfe4801b09ac77e30c61941f97df3ef28b" +[[package]] +name = "base64" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" + [[package]] name = "binascii" version = "0.1.4" 
@@ -78,6 +96,17 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +[[package]] +name = "blake2b_simd" +version = "0.5.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "afa748e348ad3be8263be728124b24a24f268266f6f5d58af9d75f6a40b5c587" +dependencies = [ + "arrayref", + "arrayvec", + "constant_time_eq", +] + [[package]] name = "bumpalo" version = "3.7.0" @@ -114,6 +143,12 @@ version = "0.4.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f92cfa0fd5690b3cf8c1ef2cabbd9b7ef22fa53cf5e1f92b05103f6d5d1cf6e7" +[[package]] +name = "constant_time_eq" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc" + [[package]] name = "cookie" version = "0.15.1" @@ -125,6 +160,16 @@ dependencies = [ "version_check", ] +[[package]] +name = "crossbeam-utils" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d82cfc11ce7f2c3faef78d8a684447b40d503d9681acebed6cb728d45940c4db" +dependencies = [ + "cfg-if", + "lazy_static", +] + [[package]] name = "devise" version = "0.3.1" @@ -912,6 +957,7 @@ dependencies = [ "rocket_codegen", "rocket_http", "serde", + "serde_json", "state", "tempfile", "time", @@ -991,6 +1037,18 @@ dependencies = [ "quote", ] +[[package]] +name = "rust-argon2" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b18820d944b33caa75a71378964ac46f58517c92b6ae5f762636247c09e78fb" +dependencies = [ + "base64", + "blake2b_simd", + "constant_time_eq", + "crossbeam-utils", +] + [[package]] name = "rustc_version" version = "0.2.3" @@ -1013,8 +1071,11 @@ dependencies = [ "diesel", "diesel_migrations", "openssl", + "rand", "rocket", "rocket_sync_db_pools", + "rust-argon2", + "serde", ] [[package]] 
diff --git a/Cargo.toml b/Cargo.toml
index 85a4ffa..319fd55 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -15,8 +15,6 @@ path = "src/rbs/main.rs"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 [dependencies]
-# Backend web framework
-rocket = "0.5.0-rc.1"
 # ORM
 diesel = { version = "1.4.7", features = ["postgres"] }
 diesel_migrations = "1.4.0"
@@ -26,6 +24,16 @@ openssl = "0.10.36"
 rust-argon2 = "0.8.3"
 rand = "0.8.4"
+# Backend web framework
+[dependencies.rocket]
+version = "0.5.0-rc.1"
+features = [ "json" ]
+
+# Used to (de)serialize JSON
+[dependencies.serde]
+version = "1.0.127"
+features = ["derive"]
+
 # Used to provide Rocket routes with database connections
 [dependencies.rocket_sync_db_pools]
 version = "0.1.0-rc.1"
diff --git a/migrations/2021-08-20-110251_users-and-auth/down.sql b/migrations/2021-08-20-110251_users-and-auth/down.sql
index 291a97c..08e4440 100644
--- a/migrations/2021-08-20-110251_users-and-auth/down.sql
+++ b/migrations/2021-08-20-110251_users-and-auth/down.sql
@@ -1 +1,2 @@
--- This file should undo anything in `up.sql`
\ No newline at end of file
+-- This file should undo anything in `up.sql`
+DROP TABLE IF EXISTS users, permissions, refresh_tokens, security_reports CASCADE;
diff --git a/migrations/2021-08-20-110251_users-and-auth/up.sql b/migrations/2021-08-20-110251_users-and-auth/up.sql
index 451d3b3..76de073 100644
--- a/migrations/2021-08-20-110251_users-and-auth/up.sql
+++ b/migrations/2021-08-20-110251_users-and-auth/up.sql
@@ -6,7 +6,7 @@ CREATE TABLE users (
 -- Hashed + salted representation of the username
 password text NOT NULL,
 -- Wether the user is currently blocked
- blocked boolean DEFAULT false
+ blocked boolean NOT NULL DEFAULT false
 );
 -- Permissions that a user can have
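Review bot: The `blocked boolean NOT NULL DEFAULT false` change in `up.sql` is made by editing the existing `2021-08-20-110251_users-and-auth` migration instead of adding a new one, so a database that has already run this version would presumably keep the nullable column; the same applies to the `varchar(64)` limit and the `security_reports` table in the next hunk of this file. If any environment has applied it, carry these changes in a follow-up migration, e.g. `ALTER TABLE users ALTER COLUMN blocked SET NOT NULL;`. While the file is being touched, the context comment above `password` says "representation of the username" and should read `-- Hashed + salted representation of the password`. The `users` table starts above the hunk.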
@@ -14,12 +14,22 @@ CREATE TABLE permissions (
 id uuid DEFAULT gen_random_uuid() PRIMARY KEY,
 user_id uuid REFERENCES users (id) NOT NULL,
- name varchar NOT NULL,
+ name varchar(64) NOT NULL,
 UNIQUE (user_id, name)
 );
--- TODO security reports table (e.g. when a user is blocked)
+-- Security reports (e.g. when a user is blocked)
+CREATE TABLE security_reports (
+ id uuid DEFAULT gen_random_uuid() PRIMARY KEY,
+
+ -- When the report was made
+ report_time timestamp NOT NULL DEFAULT now(),
+ -- What type of report it is
+ report_type varchar(64) NOT NULL,
+ -- Contents of the report
+ content TEXT NOT NULL
+);
 -- Stores refresh tokens
 CREATE TABLE refresh_tokens (
diff --git a/src/rb/lib.rs b/src/rb/lib.rs
index 4cb480e..5dcc829 100644
--- a/src/rb/lib.rs
+++ b/src/rb/lib.rs
@@ -1,3 +1,4 @@
-pub fn yeet() -> String {
- String::from("yeet")
-}
+pub const PERM_CODES: [&str; 2] = [
+ "modify-blog-posts",
+ "modify-users"
+];
diff --git a/src/rb/schema.rs b/src/rb/schema.rs
new file mode 100644
index 0000000..6b8f42b
--- /dev/null
+++ b/src/rb/schema.rs
@@ -0,0 +1,44 @@
+table! {
+ permissions (id) {
+ id -> Uuid,
+ user_id -> Uuid,
+ name -> Varchar,
+ }
+}
+
+table! {
+ refresh_tokens (token) {
+ token -> Bytea,
+ user_id -> Uuid,
+ expires_at -> Timestamp,
+ last_used_at -> Nullable,
+ }
+}
+
+table! {
+ security_reports (id) {
+ id -> Uuid,
+ report_time -> Timestamp,
+ report_type -> Varchar,
+ content -> Text,
+ }
+}
+
+table! {
+ users (id) {
+ id -> Uuid,
+ username -> Varchar,
+ password -> Text,
+ blocked -> Bool,
+ }
+}
+
+joinable!(permissions -> users (user_id));
+joinable!(refresh_tokens -> users (user_id));
+
+allow_tables_to_appear_in_same_query!(
+ permissions,
+ refresh_tokens,
+ security_reports,
+ users,
+);
diff --git a/src/rbs/auth.rs b/src/rbs/auth.rs
new file mode 100644
index 0000000..b3c3319
--- /dev/null
+++ b/src/rbs/auth.rs
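Review bot: In the new `security_reports` table of `up.sql`, `report_time timestamp NOT NULL DEFAULT now()` stores a timestamp without time zone, so the recorded value depends on the session's `TimeZone` setting at insert time. For records that may later be correlated with other logs, `report_time timestamptz NOT NULL DEFAULT now()` is unambiguous; the matching column in `src/rb/schema.rs` would then become `Timestamptz`. The table also has no column linking a report to the user it concerns, so finding the reports for one account would mean parsing `content`; consider a nullable `user_id uuid REFERENCES users (id)`. The `refresh_tokens` table at the end of the hunk continues outside it.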
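Review bot: `PERM_CODES` in `src/rb/lib.rs` is public but undocumented, and nothing visible in this commit ties it to `permissions.name`, which the migration only limits to `varchar(64)`; a misspelt permission name could be stored and would then silently never match. Add a doc comment such as `/// Permission names accepted in permissions.name; any other value must be rejected before insert.` and, once the insert path exists, validate against this list or add a `CHECK` constraint. Declaring it as `pub const PERM_CODES: &[&str] = &[...]` would also avoid having to update the array length each time a code is added.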
@@ -0,0 +1,17 @@
+use crate::RbDbConn;
+use serde::Deserialize;
+use rocket::serde::json::Json;
+
+#[derive(Deserialize)]
+struct Credentials {
+ username: String,
+ password: String
+}
+
+#[post("/login", data="")]
+async fn login(conn: RbDbConn, credentials: Json) {
+
+}
+
+// /refresh
+// /logout
diff --git a/src/rbs/main.rs b/src/rbs/main.rs
index e0186ce..9167d8e 100644
--- a/src/rbs/main.rs
+++ b/src/rbs/main.rs
@@ -8,6 +8,8 @@ extern crate openssl;
 use rocket::{fairing::AdHoc, Build, Rocket};
 use rocket_sync_db_pools::{database, diesel};
+mod auth;
+
 embed_migrations!();
 #[database("postgres_rb")]
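Review bot: `login` in `src/rbs/auth.rs` has an empty body and no return type, so if the route is mounted in this state it would answer every POST to `/login` with a success status without looking at the credentials; no mount is visible in this commit, so it may not be reachable yet. Until the password is actually checked against the stored hash, make the stub fail closed, e.g. `async fn login(...) -> rocket::http::Status { rocket::http::Status::NotImplemented }`. `Credentials` currently derives only `Deserialize`, which keeps the plaintext password out of debug output; a comment such as `// Do not derive Debug or Serialize: holds the client's plaintext password` would help it stay that way.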