From d90dbcdc2aa84b27bfeb1eadbb9c7037c4b89835 Mon Sep 17 00:00:00 2001
From: Jef Roosens <roosensjef@gmail.com>
Date: Fri, 20 Aug 2021 23:09:22 +0200
Subject: [PATCH] Some broken shit

---
 Cargo.lock       |  8 ++++++++
 Cargo.toml       |  5 +++--
 src/rb/auth.rs   | 22 ++++++++++++++++++++++
 src/rb/errors.rs |  4 ++++
 src/rb/lib.rs    |  7 +++++++
 src/rb/models.rs | 11 +++++++++++
 src/rb/schema.rs |  5 +----
 src/rbs/auth.rs  | 11 +++++++----
 src/rbs/main.rs  |  6 ++++--
 9 files changed, 67 insertions(+), 12 deletions(-)
 create mode 100644 src/rb/auth.rs
 create mode 100644 src/rb/errors.rs
 create mode 100644 src/rb/models.rs

diff --git a/Cargo.lock b/Cargo.lock
index c1ae49e..54bf4b6 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -214,6 +214,7 @@ dependencies = [
  "diesel_derives",
  "pq-sys",
  "r2d2",
+ "uuid",
 ]
 
 [[package]]
@@ -1076,6 +1077,7 @@ dependencies = [
  "rocket_sync_db_pools",
  "rust-argon2",
  "serde",
+ "uuid",
 ]
 
 [[package]]
@@ -1470,6 +1472,12 @@ version = "0.2.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8ccb82d61f80a663efe1f787a51b16b5a51e3314d6ac365b08639f52387b33f3"
 
+[[package]]
+name = "uuid"
+version = "0.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bc5cf98d8186244414c848017f0e2676b3fcb46807f6668a97dfe67359a3c4b7"
+
 [[package]]
 name = "vcpkg"
 version = "0.2.15"
diff --git a/Cargo.toml b/Cargo.toml
index 319fd55..fb5cd1f 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -16,18 +16,19 @@ path = "src/rbs/main.rs"
 
 [dependencies]
 # ORM
-diesel = { version = "1.4.7", features = ["postgres"] }
+diesel = { version = "1.4.7", features = ["postgres", "uuidv07"] }
 diesel_migrations = "1.4.0"
 # To properly compile libpq statically
 openssl = "0.10.36"
 # For password hashing & verification
 rust-argon2 = "0.8.3"
 rand = "0.8.4"
+uuid = "0.8.2"
 
 # Backend web framework
 [dependencies.rocket]
 version = "0.5.0-rc.1"
-features = [ "json" ]
+features = ["json"]
 
 # Used to (de)serialize JSON
 [dependencies.serde]
diff --git a/src/rb/auth.rs b/src/rb/auth.rs
new file mode 100644
index 0000000..2c8dbee
--- /dev/null
+++ b/src/rb/auth.rs
@@ -0,0 +1,22 @@
+use crate::errors::AuthError;
+use crate::models::User;
+use crate::schema::users::dsl as users;
+use argon2::verify_encoded;
+use diesel::prelude::*;
+use diesel::PgConnection;
+
+pub fn verify_user(conn: &PgConnection, username: &str, password: &str) -> Result<User, AuthError> {
+    // TODO handle non-"NotFound" Diesel errors accordingely
+    let user = match users::users
+        .filter(users::username.eq(username))
+        .first::<User>(conn)
+    {
+        Err(_) => return Err(AuthError::UnknownUser),
+        Ok(user) => user,
+    };
+
+    match verify_encoded(user.password.as_str(), password.as_bytes()) {
+        Ok(true) => Ok(user),
+        _ => Err(AuthError::InvalidPassword),
+    }
+}
diff --git a/src/rb/errors.rs b/src/rb/errors.rs
new file mode 100644
index 0000000..fc12ba9
--- /dev/null
+++ b/src/rb/errors.rs
@@ -0,0 +1,4 @@
+pub enum AuthError {
+    UnknownUser,
+    InvalidPassword,
+}
diff --git a/src/rb/lib.rs b/src/rb/lib.rs
index e69de29..3d7d0f4 100644
--- a/src/rb/lib.rs
+++ b/src/rb/lib.rs
@@ -0,0 +1,7 @@
+#[macro_use]
+extern crate diesel;
+
+pub mod auth;
+pub mod errors;
+mod models;
+pub(crate) mod schema;
diff --git a/src/rb/models.rs b/src/rb/models.rs
new file mode 100644
index 0000000..d9455d6
--- /dev/null
+++ b/src/rb/models.rs
@@ -0,0 +1,11 @@
+use diesel::Queryable;
+use uuid::Uuid;
+
+#[derive(Queryable)]
+pub struct User {
+    id: Uuid,
+    username: String,
+    pub password: String,
+    blocked: bool,
+    admin: bool,
+}
diff --git a/src/rb/schema.rs b/src/rb/schema.rs
index 8dcb725..e3854e3 100644
--- a/src/rb/schema.rs
+++ b/src/rb/schema.rs
@@ -19,7 +19,4 @@ table! {
 
 joinable!(refresh_tokens -> users (user_id));
 
-allow_tables_to_appear_in_same_query!(
-    refresh_tokens,
-    users,
-);
+allow_tables_to_appear_in_same_query!(refresh_tokens, users,);
diff --git a/src/rbs/auth.rs b/src/rbs/auth.rs
index b3c3319..1c9d793 100644
--- a/src/rbs/auth.rs
+++ b/src/rbs/auth.rs
@@ -1,16 +1,19 @@
 use crate::RbDbConn;
-use serde::Deserialize;
+use rb::auth::verify_user;
 use rocket::serde::json::Json;
+use serde::Deserialize;
 
 #[derive(Deserialize)]
 struct Credentials {
     username: String,
-    password: String
+    password: String,
 }
 
-#[post("/login", data="<credentials>")]
+#[post("/login", data = "<credentials>")]
 async fn login(conn: RbDbConn, credentials: Json<Credentials>) {
-
+    let user = conn
+        .run(move |c| verify_user(c, &credentials.username, &credentials.password))
+        .await;
 }
 
 // /refresh
diff --git a/src/rbs/main.rs b/src/rbs/main.rs
index 9167d8e..5921df7 100644
--- a/src/rbs/main.rs
+++ b/src/rbs/main.rs
@@ -2,8 +2,10 @@
 // compilation succeeds
 extern crate openssl;
 
-#[macro_use] extern crate rocket;
-#[macro_use] extern crate diesel_migrations;
+#[macro_use]
+extern crate rocket;
+#[macro_use]
+extern crate diesel_migrations;
 
 use rocket::{fairing::AdHoc, Build, Rocket};
 use rocket_sync_db_pools::{database, diesel};