Started some auth stuff

2021-08-20 16:52:58 +02:00 · 2021-08-20 16:52:58 +02:00 · 5e86133651
parent eefaf7acaa
commit 5e86133651
8 changed files with 153 additions and 9 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -2,6 +2,18 @@
 # It is not intended for manual editing.
 version = 3

+[[package]]
+name = "arrayref"
+version = "0.3.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a4c527152e37cf757a3f78aae5a06fbeefdb07ccc535c980a3208ee3060dd544"
+
+[[package]]
+name = "arrayvec"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "23b62fc65de8e4e7f52534fb52b0f3ed04746ae267519eef2a83941e8085068b"
+
 [[package]]
 name = "async-stream"
 version = "0.3.2"
@ -66,6 +78,12 @@ version = "0.2.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a4521f3e3d031370679b3b140beb36dfe4801b09ac77e30c61941f97df3ef28b"

+[[package]]
+name = "base64"
+version = "0.13.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd"
+
 [[package]]
 name = "binascii"
 version = "0.1.4"
@ -78,6 +96,17 @@ version = "1.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"

+[[package]]
+name = "blake2b_simd"
+version = "0.5.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "afa748e348ad3be8263be728124b24a24f268266f6f5d58af9d75f6a40b5c587"
+dependencies = [
+ "arrayref",
+ "arrayvec",
+ "constant_time_eq",
+]
+
 [[package]]
 name = "bumpalo"
 version = "3.7.0"
@ -114,6 +143,12 @@ version = "0.4.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f92cfa0fd5690b3cf8c1ef2cabbd9b7ef22fa53cf5e1f92b05103f6d5d1cf6e7"

+[[package]]
+name = "constant_time_eq"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc"
+
 [[package]]
 name = "cookie"
 version = "0.15.1"
@ -125,6 +160,16 @@ dependencies = [
 "version_check",
 ]

+[[package]]
+name = "crossbeam-utils"
+version = "0.8.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d82cfc11ce7f2c3faef78d8a684447b40d503d9681acebed6cb728d45940c4db"
+dependencies = [
+ "cfg-if",
+ "lazy_static",
+]
+
 [[package]]
 name = "devise"
 version = "0.3.1"
@ -912,6 +957,7 @@ dependencies = [
 "rocket_codegen",
 "rocket_http",
 "serde",
+ "serde_json",
 "state",
 "tempfile",
 "time",
@ -991,6 +1037,18 @@ dependencies = [
 "quote",
 ]

+[[package]]
+name = "rust-argon2"
+version = "0.8.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4b18820d944b33caa75a71378964ac46f58517c92b6ae5f762636247c09e78fb"
+dependencies = [
+ "base64",
+ "blake2b_simd",
+ "constant_time_eq",
+ "crossbeam-utils",
+]
+
 [[package]]
 name = "rustc_version"
 version = "0.2.3"
@ -1013,8 +1071,11 @@ dependencies = [
 "diesel",
 "diesel_migrations",
 "openssl",
+ "rand",
 "rocket",
 "rocket_sync_db_pools",
+ "rust-argon2",
+ "serde",
 ]

 [[package]]
--- a/Cargo.toml
+++ b/Cargo.toml
@ -15,8 +15,6 @@ path = "src/rbs/main.rs"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

 [dependencies]
-# Backend web framework
-rocket = "0.5.0-rc.1"
 # ORM
 diesel = { version = "1.4.7", features = ["postgres"] }
 diesel_migrations = "1.4.0"
@ -26,6 +24,16 @@ openssl = "0.10.36"
 rust-argon2 = "0.8.3"
 rand = "0.8.4"

+# Backend web framework
+[dependencies.rocket]
+version = "0.5.0-rc.1"
+features = [ "json" ]
+
+# Used to (de)serialize JSON
+[dependencies.serde]
+version = "1.0.127"
+features = ["derive"]
+
 # Used to provide Rocket routes with database connections
 [dependencies.rocket_sync_db_pools]
 version = "0.1.0-rc.1"
--- a/migrations/2021-08-20-110251_users-and-auth/down.sql
+++ b/migrations/2021-08-20-110251_users-and-auth/down.sql
@ -1 +1,2 @@
 -- This file should undo anything in `up.sql`
+DROP TABLE IF EXISTS users, permissions, refresh_tokens, security_reports CASCADE;
--- a/migrations/2021-08-20-110251_users-and-auth/up.sql
+++ b/migrations/2021-08-20-110251_users-and-auth/up.sql
@ -6,7 +6,7 @@ CREATE TABLE users (
    -- Hashed + salted representation of the username
    password text NOT NULL,
    -- Wether the user is currently blocked
-    blocked boolean DEFAULT false
+    blocked boolean NOT NULL DEFAULT false
 );

 -- Permissions that a user can have
@ -14,12 +14,22 @@ CREATE TABLE permissions (
    id uuid DEFAULT gen_random_uuid() PRIMARY KEY,

    user_id uuid REFERENCES users (id) NOT NULL,
-    name varchar NOT NULL,
+    name varchar(64) NOT NULL,

    UNIQUE (user_id, name)
 );

-- TODO security reports table (e.g. when a user is blocked)
+-- Security reports (e.g. when a user is blocked)
+CREATE TABLE security_reports (
+    id uuid DEFAULT gen_random_uuid() PRIMARY KEY,
+
+    -- When the report was made
+    report_time timestamp NOT NULL DEFAULT now(),
+    -- What type of report it is
+    report_type varchar(64) NOT NULL,
+    -- Contents of the report
+    content TEXT NOT NULL
+);

 -- Stores refresh tokens
 CREATE TABLE refresh_tokens (
--- a/src/rb/lib.rs
+++ b/src/rb/lib.rs
@ -1,3 +1,4 @@
-pub fn yeet() -> String {
-    String::from("yeet")
-}
+pub const PERM_CODES: [&str; 2] = [
+    "modify-blog-posts",
+    "modify-users"
+];
--- a/src/rb/schema.rs
+++ b/src/rb/schema.rs
@ -0,0 +1,44 @@
+table! {
+    permissions (id) {
+        id -> Uuid,
+        user_id -> Uuid,
+        name -> Varchar,
+    }
+}
+
+table! {
+    refresh_tokens (token) {
+        token -> Bytea,
+        user_id -> Uuid,
+        expires_at -> Timestamp,
+        last_used_at -> Nullable<Timestamp>,
+    }
+}
+
+table! {
+    security_reports (id) {
+        id -> Uuid,
+        report_time -> Timestamp,
+        report_type -> Varchar,
+        content -> Text,
+    }
+}
+
+table! {
+    users (id) {
+        id -> Uuid,
+        username -> Varchar,
+        password -> Text,
+        blocked -> Bool,
+    }
+}
+
+joinable!(permissions -> users (user_id));
+joinable!(refresh_tokens -> users (user_id));
+
+allow_tables_to_appear_in_same_query!(
+    permissions,
+    refresh_tokens,
+    security_reports,
+    users,
+);
--- a/src/rbs/auth.rs
+++ b/src/rbs/auth.rs
@ -0,0 +1,17 @@
+use crate::RbDbConn;
+use serde::Deserialize;
+use rocket::serde::json::Json;
+
+#[derive(Deserialize)]
+struct Credentials {
+    username: String,
+    password: String
+}
+
+#[post("/login", data="<credentials>")]
+async fn login(conn: RbDbConn, credentials: Json<Credentials>) {
+
+}
+
+// /refresh
+// /logout
--- a/src/rbs/main.rs
+++ b/src/rbs/main.rs
@ -8,6 +8,8 @@ extern crate openssl;
 use rocket::{fairing::AdHoc, Build, Rocket};
 use rocket_sync_db_pools::{database, diesel};

+mod auth;
+
 embed_migrations!();

 #[database("postgres_rb")]