Some broken shit

develop
Jef Roosens 2021-08-20 23:09:22 +02:00
parent 1c524f181f
commit d90dbcdc2a
Signed by untrusted user: Jef Roosens
GPG Key ID: 955C0660072F691F
9 changed files with 67 additions and 12 deletions

8
Cargo.lock generated
View File

@ -214,6 +214,7 @@ dependencies = [
"diesel_derives", "diesel_derives",
"pq-sys", "pq-sys",
"r2d2", "r2d2",
"uuid",
] ]
[[package]] [[package]]
@ -1076,6 +1077,7 @@ dependencies = [
"rocket_sync_db_pools", "rocket_sync_db_pools",
"rust-argon2", "rust-argon2",
"serde", "serde",
"uuid",
] ]
[[package]] [[package]]
@ -1470,6 +1472,12 @@ version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8ccb82d61f80a663efe1f787a51b16b5a51e3314d6ac365b08639f52387b33f3" checksum = "8ccb82d61f80a663efe1f787a51b16b5a51e3314d6ac365b08639f52387b33f3"
[[package]]
name = "uuid"
version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bc5cf98d8186244414c848017f0e2676b3fcb46807f6668a97dfe67359a3c4b7"
[[package]] [[package]]
name = "vcpkg" name = "vcpkg"
version = "0.2.15" version = "0.2.15"

View File

@ -16,18 +16,19 @@ path = "src/rbs/main.rs"
[dependencies] [dependencies]
# ORM # ORM
diesel = { version = "1.4.7", features = ["postgres"] } diesel = { version = "1.4.7", features = ["postgres", "uuidv07"] }
diesel_migrations = "1.4.0" diesel_migrations = "1.4.0"
# To properly compile libpq statically # To properly compile libpq statically
openssl = "0.10.36" openssl = "0.10.36"
# For password hashing & verification # For password hashing & verification
rust-argon2 = "0.8.3" rust-argon2 = "0.8.3"
rand = "0.8.4" rand = "0.8.4"
uuid = "0.8.2"
# Backend web framework # Backend web framework
[dependencies.rocket] [dependencies.rocket]
version = "0.5.0-rc.1" version = "0.5.0-rc.1"
features = [ "json" ] features = ["json"]
# Used to (de)serialize JSON # Used to (de)serialize JSON
[dependencies.serde] [dependencies.serde]

22
src/rb/auth.rs 100644
View File

@ -0,0 +1,22 @@
use crate::errors::AuthError;
use crate::models::User;
use crate::schema::users::dsl as users;
use argon2::verify_encoded;
use diesel::prelude::*;
use diesel::PgConnection;
pub fn verify_user(conn: &PgConnection, username: &str, password: &str) -> Result<User, AuthError> {
// TODO handle non-"NotFound" Diesel errors accordingely
let user = match users::users
.filter(users::username.eq(username))
.first::<User>(conn)
{
Err(_) => return Err(AuthError::UnknownUser),
Ok(user) => user,
};
match verify_encoded(user.password.as_str(), password.as_bytes()) {
Ok(true) => Ok(user),
_ => Err(AuthError::InvalidPassword),
}
}

4
src/rb/errors.rs 100644
View File

@ -0,0 +1,4 @@
pub enum AuthError {
UnknownUser,
InvalidPassword,
}

View File

@ -0,0 +1,7 @@
#[macro_use]
extern crate diesel;
pub mod auth;
pub mod errors;
mod models;
pub(crate) mod schema;

11
src/rb/models.rs 100644
View File

@ -0,0 +1,11 @@
use diesel::Queryable;
use uuid::Uuid;
#[derive(Queryable)]
pub struct User {
id: Uuid,
username: String,
pub password: String,
blocked: bool,
admin: bool,
}

View File

@ -19,7 +19,4 @@ table! {
joinable!(refresh_tokens -> users (user_id)); joinable!(refresh_tokens -> users (user_id));
allow_tables_to_appear_in_same_query!( allow_tables_to_appear_in_same_query!(refresh_tokens, users,);
refresh_tokens,
users,
);

View File

@ -1,16 +1,19 @@
use crate::RbDbConn; use crate::RbDbConn;
use serde::Deserialize; use rb::auth::verify_user;
use rocket::serde::json::Json; use rocket::serde::json::Json;
use serde::Deserialize;
#[derive(Deserialize)] #[derive(Deserialize)]
struct Credentials { struct Credentials {
username: String, username: String,
password: String password: String,
} }
#[post("/login", data="<credentials>")] #[post("/login", data = "<credentials>")]
async fn login(conn: RbDbConn, credentials: Json<Credentials>) { async fn login(conn: RbDbConn, credentials: Json<Credentials>) {
let user = conn
.run(move |c| verify_user(c, &credentials.username, &credentials.password))
.await;
} }
// /refresh // /refresh

View File

@ -2,8 +2,10 @@
// compilation succeeds // compilation succeeds
extern crate openssl; extern crate openssl;
#[macro_use] extern crate rocket; #[macro_use]
#[macro_use] extern crate diesel_migrations; extern crate rocket;
#[macro_use]
extern crate diesel_migrations;
use rocket::{fairing::AdHoc, Build, Rocket}; use rocket::{fairing::AdHoc, Build, Rocket};
use rocket_sync_db_pools::{database, diesel}; use rocket_sync_db_pools::{database, diesel};