Cargo fmt

This commit is contained in:
Franklin 2023-09-23 18:40:14 -04:00
parent be9c65fe48
commit 06d5b6ef9d
8 changed files with 173 additions and 109 deletions

View File

@ -27,7 +27,10 @@ pub(crate) async fn update_token(
} }
#[allow(unused)] #[allow(unused)]
pub(crate) async fn remove_token(conn: &mut PgConnection, token_id: &i32) -> Result<Option<Token>, Error> { pub(crate) async fn remove_token(
conn: &mut PgConnection,
token_id: &i32,
) -> Result<Option<Token>, Error> {
sqlx::query_as(r#"DELETE FROM token WHERE id = $1 RETURNING *;"#) sqlx::query_as(r#"DELETE FROM token WHERE id = $1 RETURNING *;"#)
.bind(token_id) .bind(token_id)
.fetch_optional(conn) .fetch_optional(conn)

View File

@ -16,7 +16,10 @@ pub(crate) async fn insert_user(conn: &mut PgConnection, user: User) -> Result<U
.await .await
} }
pub(crate) async fn get_user_with_id(conn: &mut PgConnection, user_id: &i32) -> Result<Option<User>, sqlx::Error> { pub(crate) async fn get_user_with_id(
conn: &mut PgConnection,
user_id: &i32,
) -> Result<Option<User>, sqlx::Error> {
sqlx::query_as( sqlx::query_as(
r#" r#"
SELECT * FROM "user" where id = $1; SELECT * FROM "user" where id = $1;
@ -45,7 +48,10 @@ pub(crate) async fn update_user(conn: &mut PgConnection, user: User) -> Result<U
} }
#[allow(unused)] #[allow(unused)]
pub(crate) async fn delete_user(conn: &mut PgConnection, user_id: &i32) -> Result<Option<User>, sqlx::Error> { pub(crate) async fn delete_user(
conn: &mut PgConnection,
user_id: &i32,
) -> Result<Option<User>, sqlx::Error> {
sqlx::query_as( sqlx::query_as(
r#" r#"
DELETE FROM "user" where id = $1 RETURNING *; DELETE FROM "user" where id = $1 RETURNING *;

View File

@ -1,6 +1,6 @@
use crate::resources::variable_lengths::{ use crate::resources::variable_lengths::{
MAX_EMAIL_LENGTH, MAX_PHONE_NUMBER_LENGTH, MAX_USERNAME_LENGTH, MAX_EMAIL_LENGTH, MAX_PHONE_NUMBER_LENGTH, MAX_USERNAME_LENGTH, MIN_EMAIL_LENGTH,
MIN_EMAIL_LENGTH, MIN_PHONE_NUMBER_LENGTH, MIN_USERNAME_LENGTH, MIN_PHONE_NUMBER_LENGTH, MIN_USERNAME_LENGTH,
}; };
use chrono::{DateTime, Utc}; use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};

View File

@ -25,4 +25,4 @@ pub struct UserResetPasswordPayload {
pub id: i32, pub id: i32,
pub password: String, pub password: String,
pub new_password: String, pub new_password: String,
} }

View File

@ -1,2 +1 @@
pub const AUTH_TOKEN_EXPIRATION_TIME_MILLIS: i64 = 604800000; // 7 Days
pub const AUTH_TOKEN_EXPIRATION_TIME_MILLIS: i64 = 604800000; // 7 Days

View File

@ -1,3 +1,3 @@
pub mod error_messages; pub mod error_messages;
pub mod variable_lengths;
pub mod expirations; pub mod expirations;
pub mod variable_lengths;

View File

@ -1,7 +1,3 @@
use chrono::Utc;
use log::{debug, error};
use sqlx::{PgConnection, Postgres, Transaction};
use crate::dao::credential::{fetch_user_credentials, get_credential, insert_credential}; use crate::dao::credential::{fetch_user_credentials, get_credential, insert_credential};
use crate::dao::token::{insert_token, update_token, validate_user_token}; use crate::dao::token::{insert_token, update_token, validate_user_token};
use crate::dao::user::{get_user_with_id, insert_user, update_user}; use crate::dao::user::{get_user_with_id, insert_user, update_user};
@ -10,12 +6,24 @@ use crate::domain::token::Token;
use crate::domain::user::User; use crate::domain::user::User;
use crate::dto::token::{AuthenticateUserDto, RefreshAuthTokenForUserDto}; use crate::dto::token::{AuthenticateUserDto, RefreshAuthTokenForUserDto};
use crate::dto::users::{UserLoginPayload, UserRegisterPayload, UserResetPasswordPayload}; use crate::dto::users::{UserLoginPayload, UserRegisterPayload, UserResetPasswordPayload};
use crate::resources::error_messages::{ERROR_CREDENTIAL_DOES_NOT_EXIST, ERROR_EXPIRED_TOKEN, ERROR_INCORRECT_TOKEN, ERROR_PASSWORD_INCORRECT, ERROR_TOKEN_NOT_CREATED, ERROR_TOO_MANY_CREDENTIALS, ERROR_USER_ALREADY_EXISTS, ERROR_USER_DOES_NOT_EXIST, ErrorResource}; use crate::resources::error_messages::{
ErrorResource, ERROR_CREDENTIAL_DOES_NOT_EXIST, ERROR_EXPIRED_TOKEN, ERROR_INCORRECT_TOKEN,
ERROR_PASSWORD_INCORRECT, ERROR_TOKEN_NOT_CREATED, ERROR_TOO_MANY_CREDENTIALS,
ERROR_USER_ALREADY_EXISTS, ERROR_USER_DOES_NOT_EXIST,
};
use crate::resources::expirations::AUTH_TOKEN_EXPIRATION_TIME_MILLIS; use crate::resources::expirations::AUTH_TOKEN_EXPIRATION_TIME_MILLIS;
use crate::utils::hasher::{generate_multiple_random_token_with_rng, hash_password, hash_password_with_existing_salt}; use crate::utils::hasher::{
generate_multiple_random_token_with_rng, hash_password, hash_password_with_existing_salt,
};
use crate::validation::user_validator::validate_user_for_creation; use crate::validation::user_validator::validate_user_for_creation;
use chrono::Utc;
use log::{debug, error};
use sqlx::{PgConnection, Postgres, Transaction};
pub async fn register_user<'a>(transaction: &mut PgConnection, user: UserRegisterPayload) -> Result<Token, Vec<ErrorResource<'a>>> { pub async fn register_user<'a>(
transaction: &mut PgConnection,
user: UserRegisterPayload,
) -> Result<Token, Vec<ErrorResource<'a>>> {
let mut error_resources: Vec<ErrorResource> = Vec::new(); let mut error_resources: Vec<ErrorResource> = Vec::new();
// Validate user // Validate user
validate_user_for_creation(&user, &mut error_resources); validate_user_for_creation(&user, &mut error_resources);
@ -24,21 +32,13 @@ pub async fn register_user<'a>(transaction: &mut PgConnection, user: UserRegiste
error_resources.push(ERROR_TOO_MANY_CREDENTIALS); error_resources.push(ERROR_TOO_MANY_CREDENTIALS);
} }
for credential_dto in user.credentials.iter() { for credential_dto in user.credentials.iter() {
match get_credential( match get_credential(transaction, credential_dto.credential.clone()).await {
transaction, Ok(credential_opt) => match credential_opt {
credential_dto.credential.clone(), None => {}
) Some(_) => {
.await error_resources.push(ERROR_USER_ALREADY_EXISTS);
{
Ok(credential_opt) => {
match credential_opt {
None => {}
Some(_) => {
error_resources.push(
ERROR_USER_ALREADY_EXISTS);
}
} }
} },
Err(e) => { Err(e) => {
error!("{}", e); error!("{}", e);
error_resources.push(("ERROR.DATABASE_ERROR", "")); error_resources.push(("ERROR.DATABASE_ERROR", ""));
@ -63,15 +63,16 @@ pub async fn register_user<'a>(transaction: &mut PgConnection, user: UserRegiste
let persisted_user; let persisted_user;
// Insert user in DB // Insert user in DB
match insert_user(transaction, user_to_insert).await{ match insert_user(transaction, user_to_insert).await {
Ok(user) => { Ok(user) => {
persisted_user = user; persisted_user = user;
}, }
Err(e) => { Err(e) => {
error!("{}", e); error!("{}", e);
error_resources.push(("ERROR.DATABASE_ERROR", "")); error_resources.push(("ERROR.DATABASE_ERROR", ""));
return Err(error_resources); return Err(error_resources);
}}; }
};
// Insert Credentials // Insert Credentials
for credential in user.credentials { for credential in user.credentials {
@ -85,21 +86,26 @@ pub async fn register_user<'a>(transaction: &mut PgConnection, user: UserRegiste
}; };
} }
if let Some(persisted_token) = create_token_for_user(transaction, persisted_user.id, &mut error_resources).await { if let Some(persisted_token) =
create_token_for_user(transaction, persisted_user.id, &mut error_resources).await
{
Ok(persisted_token) Ok(persisted_token)
} else { } else {
Err(error_resources) Err(error_resources)
} }
} }
pub async fn authenticate_user<'a>(conn: &mut PgConnection, user: AuthenticateUserDto) -> Result<User, Vec<ErrorResource<'a>>> { pub async fn authenticate_user<'a>(
conn: &mut PgConnection,
user: AuthenticateUserDto,
) -> Result<User, Vec<ErrorResource<'a>>> {
let mut error_resources = Vec::new(); let mut error_resources = Vec::new();
let persisted_user = match get_user_with_id(conn, &user.id).await { let persisted_user = match get_user_with_id(conn, &user.id).await {
Ok(persisted_user_opt) => match persisted_user_opt { Ok(persisted_user_opt) => match persisted_user_opt {
None => { None => {
error_resources.push(ERROR_USER_DOES_NOT_EXIST); error_resources.push(ERROR_USER_DOES_NOT_EXIST);
return Err(error_resources); return Err(error_resources);
}, }
Some(persisted_user) => persisted_user Some(persisted_user) => persisted_user,
}, },
Err(error) => { Err(error) => {
error!("{:?}", error); error!("{:?}", error);
@ -113,10 +119,12 @@ pub async fn authenticate_user<'a>(conn: &mut PgConnection, user: AuthenticateUs
None => { None => {
error_resources.push(ERROR_INCORRECT_TOKEN); error_resources.push(ERROR_INCORRECT_TOKEN);
Err(error_resources) Err(error_resources)
}, }
Some(persisted_token) => { Some(persisted_token) => {
// Check if persisted_token expired // Check if persisted_token expired
if Utc::now().timestamp_millis() - persisted_token.last_updated.timestamp_millis() > AUTH_TOKEN_EXPIRATION_TIME_MILLIS { if Utc::now().timestamp_millis() - persisted_token.last_updated.timestamp_millis()
> AUTH_TOKEN_EXPIRATION_TIME_MILLIS
{
// Expired // Expired
debug!("Expired token: {:?}", persisted_token); debug!("Expired token: {:?}", persisted_token);
error_resources.push(ERROR_EXPIRED_TOKEN); error_resources.push(ERROR_EXPIRED_TOKEN);
@ -136,15 +144,18 @@ pub async fn authenticate_user<'a>(conn: &mut PgConnection, user: AuthenticateUs
} }
/// ///
pub async fn refresh_auth_token<'a>(conn: &mut PgConnection, user: RefreshAuthTokenForUserDto) -> Result<Token, Vec<ErrorResource>> { pub async fn refresh_auth_token<'a>(
conn: &mut PgConnection,
user: RefreshAuthTokenForUserDto,
) -> Result<Token, Vec<ErrorResource>> {
let mut error_resources = Vec::new(); let mut error_resources = Vec::new();
let _persisted_user = match get_user_with_id(conn, &user.id).await { let _persisted_user = match get_user_with_id(conn, &user.id).await {
Ok(persisted_user_opt) => match persisted_user_opt { Ok(persisted_user_opt) => match persisted_user_opt {
None => { None => {
error_resources.push(ERROR_USER_DOES_NOT_EXIST); error_resources.push(ERROR_USER_DOES_NOT_EXIST);
return Err(error_resources); return Err(error_resources);
}, }
Some(persisted_user) => persisted_user Some(persisted_user) => persisted_user,
}, },
Err(error) => { Err(error) => {
error!("{:?}", error); error!("{:?}", error);
@ -171,14 +182,17 @@ pub async fn refresh_auth_token<'a>(conn: &mut PgConnection, user: RefreshAuthTo
error_resources.push(("ERROR.DATABASE_ERROR", "")); error_resources.push(("ERROR.DATABASE_ERROR", ""));
Err(error_resources) Err(error_resources)
} }
} };
} }
Err(error_resources) Err(error_resources)
} }
/// reset a user's password by validating the user's own password. /// reset a user's password by validating the user's own password.
pub async fn reset_password(conn: &mut PgConnection, user: UserResetPasswordPayload) -> Result<User, Vec<ErrorResource>>{ pub async fn reset_password(
conn: &mut PgConnection,
user: UserResetPasswordPayload,
) -> Result<User, Vec<ErrorResource>> {
let mut error_resources: Vec<ErrorResource> = Vec::new(); let mut error_resources: Vec<ErrorResource> = Vec::new();
let password_matches = match validate_user_password(conn, &user.id, user.password).await { let password_matches = match validate_user_password(conn, &user.id, user.password).await {
@ -190,7 +204,8 @@ pub async fn reset_password(conn: &mut PgConnection, user: UserResetPasswordPayl
} }
}; };
if let Some(persisted_user) = password_matches { // Change pass if let Some(persisted_user) = password_matches {
// Change pass
match change_password(conn, persisted_user, &user.new_password).await { match change_password(conn, persisted_user, &user.new_password).await {
Ok(user_changed) => Ok(user_changed), Ok(user_changed) => Ok(user_changed),
Err(e) => { Err(e) => {
@ -207,17 +222,24 @@ pub async fn reset_password(conn: &mut PgConnection, user: UserResetPasswordPayl
/// ## This resets a user's password without any validations! /// ## This resets a user's password without any validations!
/// Don't expose this to any public endpoint!! /// Don't expose this to any public endpoint!!
pub async fn force_reset_password<'a>(conn: &mut PgConnection, user_id: &i32, new_password: String) -> Result<User, ErrorResource<'a>> { pub async fn force_reset_password<'a>(
conn: &mut PgConnection,
user_id: &i32,
new_password: String,
) -> Result<User, ErrorResource<'a>> {
let persisted_user = match get_user_with_id(conn, user_id).await { let persisted_user = match get_user_with_id(conn, user_id).await {
Ok(persisted_user_opt) => match persisted_user_opt { Ok(persisted_user_opt) => {
None => { match persisted_user_opt {
error!("Serious error. User doesn't exist but credentials pointing to the user do."); None => {
return Err(("ERROR.DATABASE_ERROR", "Critical. User doesn't exist but credentials pointing to the user do.")); error!("Serious error. User doesn't exist but credentials pointing to the user do.");
}, return Err((
Some(persisted_user) => { "ERROR.DATABASE_ERROR",
persisted_user "Critical. User doesn't exist but credentials pointing to the user do.",
));
}
Some(persisted_user) => persisted_user,
} }
}, }
Err(e) => { Err(e) => {
error!("{}", e); error!("{}", e);
return Err(("ERROR.DATABASE_ERROR", "")); return Err(("ERROR.DATABASE_ERROR", ""));
@ -227,7 +249,10 @@ pub async fn force_reset_password<'a>(conn: &mut PgConnection, user_id: &i32, ne
} }
/// ///
pub async fn password_login<'a>(conn: &mut Transaction<'a, Postgres>, user: UserLoginPayload) -> Result<Token, Vec<ErrorResource<'a>>>{ pub async fn password_login<'a>(
conn: &mut Transaction<'a, Postgres>,
user: UserLoginPayload,
) -> Result<Token, Vec<ErrorResource<'a>>> {
let mut error_resources = Vec::new(); let mut error_resources = Vec::new();
let persisted_user_credential = match get_credential(conn, user.credential).await { let persisted_user_credential = match get_credential(conn, user.credential).await {
Ok(credential_opt) => match credential_opt { Ok(credential_opt) => match credential_opt {
@ -235,8 +260,8 @@ pub async fn password_login<'a>(conn: &mut Transaction<'a, Postgres>, user: User
error!("Credential not found for password login."); error!("Credential not found for password login.");
error_resources.push(ERROR_CREDENTIAL_DOES_NOT_EXIST); error_resources.push(ERROR_CREDENTIAL_DOES_NOT_EXIST);
return Err(error_resources); return Err(error_resources);
}, }
Some(persisted_credential) => persisted_credential Some(persisted_credential) => persisted_credential,
}, },
Err(e) => { Err(e) => {
error!("{}", e); error!("{}", e);
@ -244,27 +269,38 @@ pub async fn password_login<'a>(conn: &mut Transaction<'a, Postgres>, user: User
return Err(error_resources); return Err(error_resources);
} }
}; };
let persisted_user_opt = match validate_user_password(conn, &persisted_user_credential.user_id, user.password).await { let persisted_user_opt =
Ok(matches) => matches, match validate_user_password(conn, &persisted_user_credential.user_id, user.password).await
Err(e) => { {
error!("{:?}", e); Ok(matches) => matches,
error_resources.push(e); Err(e) => {
return Err(error_resources); error!("{:?}", e);
} error_resources.push(e);
}; return Err(error_resources);
}
};
if let Some(_) = persisted_user_opt { if let Some(_) = persisted_user_opt {
return if let Some(persisted_token) = create_token_for_user(conn, persisted_user_credential.user_id, &mut error_resources).await { return if let Some(persisted_token) = create_token_for_user(
conn,
persisted_user_credential.user_id,
&mut error_resources,
)
.await
{
Ok(persisted_token) Ok(persisted_token)
} else { } else {
Err(error_resources) Err(error_resources)
} };
} }
Err(error_resources) Err(error_resources)
} }
/// ///
pub async fn get_user_credentials<'a>(transaction: &mut Transaction<'a, Postgres>, user: AuthenticateUserDto) -> Result<Vec<Credential>, Vec<ErrorResource<'a>>> { pub async fn get_user_credentials<'a>(
transaction: &mut Transaction<'a, Postgres>,
user: AuthenticateUserDto,
) -> Result<Vec<Credential>, Vec<ErrorResource<'a>>> {
let mut error_resources = Vec::new(); let mut error_resources = Vec::new();
let persisted_user = authenticate_user(transaction, user).await?; let persisted_user = authenticate_user(transaction, user).await?;
match fetch_user_credentials(transaction, &persisted_user.id).await { match fetch_user_credentials(transaction, &persisted_user.id).await {
@ -277,7 +313,11 @@ pub async fn get_user_credentials<'a>(transaction: &mut Transaction<'a, Postgres
} }
} }
async fn create_token_for_user<'a>(transaction: &mut PgConnection, user_id: i32, error_resources: &mut Vec<ErrorResource<'a>>) -> Option<Token> { async fn create_token_for_user<'a>(
transaction: &mut PgConnection,
user_id: i32,
error_resources: &mut Vec<ErrorResource<'a>>,
) -> Option<Token> {
// Create token and send it back. // Create token and send it back.
let tokens: Vec<String> = match generate_multiple_random_token_with_rng(2).await { let tokens: Vec<String> = match generate_multiple_random_token_with_rng(2).await {
Ok(tokens) => tokens, Ok(tokens) => tokens,
@ -287,35 +327,32 @@ async fn create_token_for_user<'a>(transaction: &mut PgConnection, user_id: i32,
return None; return None;
} }
}; };
let token_to_insert = let token_to_insert = Token {
Token { id: 0,
id: 0, user_id,
user_id, auth_token: match tokens.get(0) {
auth_token: match tokens.get(0) { None => {
None => { error!("Tokens were not created.",);
error!("Tokens were not created.", ); error_resources.push(ERROR_TOKEN_NOT_CREATED);
error_resources.push(ERROR_TOKEN_NOT_CREATED); return None;
return None; }
} Some(token) => token.clone(),
Some(token) => token.clone() },
}, refresh_token: match tokens.get(1) {
refresh_token: match tokens.get(1) { None => {
None => { error!("Tokens were not created.",);
error!("Tokens were not created.", ); error_resources.push(ERROR_TOKEN_NOT_CREATED);
error_resources.push(ERROR_TOKEN_NOT_CREATED); return None;
return None; }
} Some(token) => token.clone(),
Some(token) => token.clone() },
}, time_created: Utc::now(),
time_created: Utc::now(), last_updated: Utc::now(),
last_updated: Utc::now(), };
};
// Insert token in DB // Insert token in DB
match insert_token(transaction, token_to_insert).await { match insert_token(transaction, token_to_insert).await {
Ok(persisted_token) => { Ok(persisted_token) => Some(persisted_token),
Some(persisted_token)
},
Err(e) => { Err(e) => {
error!("{}", e); error!("{}", e);
error_resources.push(("ERROR.DATABASE_ERROR", "")); error_resources.push(("ERROR.DATABASE_ERROR", ""));
@ -324,17 +361,24 @@ async fn create_token_for_user<'a>(transaction: &mut PgConnection, user_id: i32,
} }
} }
async fn validate_user_password<'a>(conn: &mut PgConnection, user_id: &i32, password: String) -> Result<Option<User>, ErrorResource<'a>> { async fn validate_user_password<'a>(
conn: &mut PgConnection,
user_id: &i32,
password: String,
) -> Result<Option<User>, ErrorResource<'a>> {
let persisted_user = match get_user_with_id(conn, user_id).await { let persisted_user = match get_user_with_id(conn, user_id).await {
Ok(persisted_user_opt) => match persisted_user_opt { Ok(persisted_user_opt) => {
None => { match persisted_user_opt {
error!("Serious error. User doesn't exist but credentials pointing to the user do."); None => {
return Err(("ERROR.DATABASE_ERROR", "Critical. User doesn't exist but credentials pointing to the user do.")); error!("Serious error. User doesn't exist but credentials pointing to the user do.");
}, return Err((
Some(persisted_user) => { "ERROR.DATABASE_ERROR",
persisted_user "Critical. User doesn't exist but credentials pointing to the user do.",
));
}
Some(persisted_user) => persisted_user,
} }
}, }
Err(e) => { Err(e) => {
error!("{}", e); error!("{}", e);
return Err(("ERROR.DATABASE_ERROR", "")); return Err(("ERROR.DATABASE_ERROR", ""));
@ -348,7 +392,11 @@ async fn validate_user_password<'a>(conn: &mut PgConnection, user_id: &i32, pass
} }
} }
async fn change_password<'a>(conn: &mut PgConnection, mut persisted_user: User, new_password: &String) -> Result<User, ErrorResource<'a>> { async fn change_password<'a>(
conn: &mut PgConnection,
mut persisted_user: User,
new_password: &String,
) -> Result<User, ErrorResource<'a>> {
let hash_result = hash_password(&new_password); let hash_result = hash_password(&new_password);
persisted_user.password = hash_result.hash; persisted_user.password = hash_result.hash;
persisted_user.salt = hash_result.salt; persisted_user.salt = hash_result.salt;
@ -359,4 +407,4 @@ async fn change_password<'a>(conn: &mut PgConnection, mut persisted_user: User,
return Err(("ERROR.DATABASE_ERROR", "")); return Err(("ERROR.DATABASE_ERROR", ""));
} }
} }
} }

View File

@ -38,7 +38,11 @@ pub(crate) fn validate_user_for_creation(
error_resources: &mut Vec<ErrorResource>, error_resources: &mut Vec<ErrorResource>,
) { ) {
for credential_dto in user.credentials.iter() { for credential_dto in user.credentials.iter() {
validate_credential(error_resources, &credential_dto.credential, &credential_dto.credential_type); validate_credential(
error_resources,
&credential_dto.credential,
&credential_dto.credential_type,
);
} }
if !validate_user_name(&user.name) { if !validate_user_name(&user.name) {
@ -58,7 +62,11 @@ pub(crate) fn validate_user_for_password_authentication(
} }
} }
fn validate_credential(error_resources: &mut Vec<ErrorResource>, credential: &String, credential_type: &CredentialType) { fn validate_credential(
error_resources: &mut Vec<ErrorResource>,
credential: &String,
credential_type: &CredentialType,
) {
match credential_type { match credential_type {
CredentialType::Email => { CredentialType::Email => {
if !validate_user_email(credential) { if !validate_user_email(credential) {
@ -76,4 +84,4 @@ fn validate_credential(error_resources: &mut Vec<ErrorResource>, credential: &St
} }
} }
} }
} }