User-lib v1
This commit is contained in:
parent
890e32de43
commit
db2d92b364
|
@ -1,6 +1,11 @@
|
|||
<component name="InspectionProjectProfileManager">
|
||||
<profile version="1.0">
|
||||
<option name="myName" value="Project Default" />
|
||||
<inspection_tool class="DuplicatedCode" enabled="true" level="WEAK WARNING" enabled_by_default="true">
|
||||
<Languages>
|
||||
<language minSize="83" name="Rust" />
|
||||
</Languages>
|
||||
</inspection_tool>
|
||||
<inspection_tool class="SqlDialectInspection" enabled="false" level="WARNING" enabled_by_default="false" />
|
||||
<inspection_tool class="SqlNoDataSourceInspection" enabled="false" level="WARNING" enabled_by_default="false" />
|
||||
</profile>
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
use crate::domain::credential::Credential;
|
||||
use crate::dto::credential::CredentialDto;
|
||||
use chrono::Utc;
|
||||
use sqlx::{Error, PgConnection, PgPool};
|
||||
use sqlx::{Error, PgConnection};
|
||||
|
||||
pub(crate) async fn insert_credential(
|
||||
conn: &mut PgConnection,
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
use crate::domain::token::Token;
|
||||
use chrono::Utc;
|
||||
use sqlx::{Error, PgConnection, PgPool};
|
||||
use sqlx::{Error, PgConnection};
|
||||
|
||||
pub(crate) async fn insert_token(conn: &mut PgConnection, token: Token) -> Result<Token, Error> {
|
||||
sqlx::query_as(r#"INSERT INTO token (
|
||||
|
@ -11,16 +11,14 @@ pub(crate) async fn insert_token(conn: &mut PgConnection, token: Token) -> Resul
|
|||
|
||||
pub(crate) async fn update_token(
|
||||
conn: &mut PgConnection,
|
||||
token_id: &i32,
|
||||
refresh_token: String,
|
||||
new_auth_token: String,
|
||||
) -> Result<Token, Error> {
|
||||
sqlx::query_as(
|
||||
r#"UPDATE token set
|
||||
auth_token = $3, last_updated = $4
|
||||
WHERE id = $1 AND refresh_token = $2 RETURNING *;"#,
|
||||
WHERE refresh_token = $1 RETURNING *;"#,
|
||||
)
|
||||
.bind(token_id)
|
||||
.bind(refresh_token)
|
||||
.bind(new_auth_token)
|
||||
.bind(Utc::now())
|
||||
|
@ -28,6 +26,7 @@ pub(crate) async fn update_token(
|
|||
.await
|
||||
}
|
||||
|
||||
#[allow(unused)]
|
||||
pub(crate) async fn remove_token(conn: &mut PgConnection, token_id: &i32) -> Result<Option<Token>, Error> {
|
||||
sqlx::query_as(r#"DELETE FROM token WHERE id = $1 RETURNING *;"#)
|
||||
.bind(token_id)
|
||||
|
|
|
@ -44,6 +44,7 @@ pub(crate) async fn update_user(conn: &mut PgConnection, user: User) -> Result<U
|
|||
.await
|
||||
}
|
||||
|
||||
#[allow(unused)]
|
||||
pub(crate) async fn delete_user(conn: &mut PgConnection, user_id: &i32) -> Result<Option<User>, sqlx::Error> {
|
||||
sqlx::query_as(
|
||||
r#"
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
use crate::resources::variable_lengths::{
|
||||
MAX_EMAIL_LENGTH, MAX_NAME_LENGTH, MAX_PHONE_NUMBER_LENGTH, MAX_USERNAME_LENGTH,
|
||||
MAX_EMAIL_LENGTH, MAX_PHONE_NUMBER_LENGTH, MAX_USERNAME_LENGTH,
|
||||
MIN_EMAIL_LENGTH, MIN_PHONE_NUMBER_LENGTH, MIN_USERNAME_LENGTH,
|
||||
};
|
||||
use chrono::{DateTime, Utc};
|
||||
|
|
|
@ -18,3 +18,11 @@ pub struct UserRegisterPayload {
|
|||
pub password: String,
|
||||
pub name: String,
|
||||
}
|
||||
|
||||
#[derive(Serialize, Deserialize, Debug, Default, Clone, PartialEq, Eq, PartialOrd, Ord)]
|
||||
#[serde(rename_all = "camelCase")]
|
||||
pub struct UserResetPasswordPayload {
|
||||
pub id: i32,
|
||||
pub password: String,
|
||||
pub new_password: String,
|
||||
}
|
|
@ -1,20 +1,21 @@
|
|||
use std::future::Future;
|
||||
use chrono::Utc;
|
||||
use log::{debug, error};
|
||||
use sqlx::{PgConnection, Postgres, Transaction};
|
||||
use sqlx::{Error, PgConnection, Postgres, Transaction};
|
||||
use crate::dao::credential::{fetch_user_credentials, get_credential, insert_credential};
|
||||
use crate::dao::token::{insert_token, validate_user_token};
|
||||
use crate::dao::user::{get_user_with_id, insert_user};
|
||||
use crate::dao::token::{insert_token, update_token, validate_user_token};
|
||||
use crate::dao::user::{get_user_with_id, insert_user, update_user};
|
||||
use crate::domain::credential::Credential;
|
||||
use crate::domain::token::Token;
|
||||
use crate::domain::user::User;
|
||||
use crate::dto::token::AuthenticateUserDto;
|
||||
use crate::dto::users::{UserLoginPayload, UserRegisterPayload};
|
||||
use crate::resources::error_messages::{ERROR_CREDENTIAL_DOES_NOT_EXIST, ERROR_EXPIRED_TOKEN, ERROR_INCORRECT_TOKEN, ERROR_TOKEN_NOT_CREATED, ERROR_TOO_MANY_CREDENTIALS, ERROR_USER_ALREADY_EXISTS, ERROR_USER_DOES_NOT_EXIST, ErrorResource};
|
||||
use crate::dto::token::{AuthenticateUserDto, RefreshAuthTokenForUserDto};
|
||||
use crate::dto::users::{UserLoginPayload, UserRegisterPayload, UserResetPasswordPayload};
|
||||
use crate::resources::error_messages::{ERROR_CREDENTIAL_DOES_NOT_EXIST, ERROR_EXPIRED_TOKEN, ERROR_INCORRECT_TOKEN, ERROR_PASSWORD_INCORRECT, ERROR_TOKEN_NOT_CREATED, ERROR_TOO_MANY_CREDENTIALS, ERROR_USER_ALREADY_EXISTS, ERROR_USER_DOES_NOT_EXIST, ErrorResource};
|
||||
use crate::resources::expirations::AUTH_TOKEN_EXPIRATION_TIME_MILLIS;
|
||||
use crate::utils::hasher::{generate_multiple_random_token_with_rng, hash_password, hash_password_with_existing_salt};
|
||||
use crate::validation::user_validator::validate_user_for_creation;
|
||||
|
||||
pub async fn register_user<'a>(transaction: &mut Transaction<'a, Postgres>, user: UserRegisterPayload) -> Result<Token, Vec<ErrorResource<'a>>> {
|
||||
pub async fn register_user<'a>(transaction: &mut PgConnection, user: UserRegisterPayload) -> Result<Token, Vec<ErrorResource<'a>>> {
|
||||
let mut error_resources: Vec<ErrorResource> = Vec::new();
|
||||
// Validate user
|
||||
validate_user_for_creation(&user, &mut error_resources);
|
||||
|
@ -135,19 +136,100 @@ pub async fn authenticate_user<'a>(conn: &mut PgConnection, user: AuthenticateUs
|
|||
}
|
||||
|
||||
///
|
||||
pub async fn refresh_auth_token() {}
|
||||
pub async fn refresh_auth_token<'a>(conn: &mut PgConnection, user: RefreshAuthTokenForUserDto) -> Result<Token, Vec<ErrorResource>> {
|
||||
let mut error_resources = Vec::new();
|
||||
let persisted_user = match get_user_with_id(conn, &user.id).await {
|
||||
Ok(persisted_user_opt) => match persisted_user_opt {
|
||||
None => {
|
||||
error_resources.push(ERROR_USER_DOES_NOT_EXIST);
|
||||
return Err(error_resources);
|
||||
},
|
||||
Some(persisted_user) => persisted_user
|
||||
},
|
||||
Err(error) => {
|
||||
error!("{:?}", error);
|
||||
error_resources.push(("ERROR.DATABASE_ERROR", ""));
|
||||
return Err(error_resources);
|
||||
}
|
||||
};
|
||||
|
||||
///
|
||||
pub async fn reset_password() {}
|
||||
let mut tokens: Vec<String> = match generate_multiple_random_token_with_rng(2).await {
|
||||
Ok(tokens) => tokens,
|
||||
Err(e) => {
|
||||
error!("{}", e);
|
||||
error_resources.push(("ERROR.JOIN_ERROR", ""));
|
||||
return Err(error_resources);
|
||||
}
|
||||
};
|
||||
|
||||
if tokens.len() > 0 {
|
||||
let new_auth_token = tokens.remove(0);
|
||||
return match update_token(conn, user.refresh_token, new_auth_token).await {
|
||||
Ok(persisted_token) => Ok(persisted_token),
|
||||
Err(e) => {
|
||||
error!("{:?}", e);
|
||||
error_resources.push(("ERROR.DATABASE_ERROR", ""));
|
||||
Err(error_resources)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Err(error_resources)
|
||||
}
|
||||
|
||||
/// reset a user's password by validating the user's own password.
|
||||
pub async fn reset_password(conn: &mut PgConnection, user: UserResetPasswordPayload) -> Result<User, Vec<ErrorResource>>{
|
||||
let mut error_resources: Vec<ErrorResource> = Vec::new();
|
||||
|
||||
let password_matches = match validate_user_password(conn, &user.id, user.password).await {
|
||||
Ok(matches) => matches,
|
||||
Err(e) => {
|
||||
error!("{:?}", e);
|
||||
error_resources.push(e);
|
||||
return Err(error_resources);
|
||||
}
|
||||
};
|
||||
|
||||
if let Some(persisted_user) = password_matches { // Change pass
|
||||
match change_password(conn, persisted_user, &user.new_password).await {
|
||||
Ok(user_changed) => Ok(user_changed),
|
||||
Err(e) => {
|
||||
error!("{:?}", e);
|
||||
error_resources.push(e);
|
||||
Err(error_resources)
|
||||
}
|
||||
}
|
||||
} else {
|
||||
error_resources.push(ERROR_PASSWORD_INCORRECT);
|
||||
Err(error_resources)
|
||||
}
|
||||
}
|
||||
|
||||
/// ## This resets a user's password without any validations!
|
||||
/// Don't expose this to any public endpoint!!
|
||||
pub async fn force_reset_password() {}
|
||||
pub async fn force_reset_password<'a>(conn: &mut PgConnection, user_id: &i32, new_password: String) -> Result<User, ErrorResource<'a>> {
|
||||
let persisted_user = match get_user_with_id(conn, user_id).await {
|
||||
Ok(persisted_user_opt) => match persisted_user_opt {
|
||||
None => {
|
||||
error!("Serious error. User doesn't exist but credentials pointing to the user do.");
|
||||
return Err(("ERROR.DATABASE_ERROR", "Critical. User doesn't exist but credentials pointing to the user do."));
|
||||
},
|
||||
Some(persisted_user) => {
|
||||
persisted_user
|
||||
}
|
||||
},
|
||||
Err(e) => {
|
||||
error!("{}", e);
|
||||
return Err(("ERROR.DATABASE_ERROR", ""));
|
||||
}
|
||||
};
|
||||
Ok(change_password(conn, persisted_user, &new_password).await?)
|
||||
}
|
||||
|
||||
///
|
||||
pub async fn password_login<'a>(transaction: &mut Transaction<'a, Postgres>, user: UserLoginPayload) -> Result<Token, Vec<ErrorResource<'a>>>{
|
||||
pub async fn password_login<'a>(conn: &mut Transaction<'a, Postgres>, user: UserLoginPayload) -> Result<Token, Vec<ErrorResource<'a>>>{
|
||||
let mut error_resources = Vec::new();
|
||||
let persisted_user_credential = match get_credential(transaction, user.credential).await {
|
||||
let persisted_user_credential = match get_credential(conn, user.credential).await {
|
||||
Ok(credential_opt) => match credential_opt {
|
||||
None => {
|
||||
error!("Credential not found for password login.");
|
||||
|
@ -162,25 +244,16 @@ pub async fn password_login<'a>(transaction: &mut Transaction<'a, Postgres>, use
|
|||
return Err(error_resources);
|
||||
}
|
||||
};
|
||||
let persisted_user = match get_user_with_id(transaction, &persisted_user_credential.user_id).await {
|
||||
Ok(persisted_user_opt) => match persisted_user_opt {
|
||||
None => {
|
||||
error!("Serious error. User doesn't exist but credentials pointing to the user do.");
|
||||
error_resources.push(("ERROR.DATABASE_ERROR", "Critical. User doesn't exist but credentials pointing to the user do."));
|
||||
return Err(error_resources);
|
||||
},
|
||||
Some(persisted_user) => {
|
||||
persisted_user
|
||||
}
|
||||
},
|
||||
let persisted_user_opt = match validate_user_password(conn, &persisted_user_credential.user_id, user.password).await {
|
||||
Ok(matches) => matches,
|
||||
Err(e) => {
|
||||
error!("{}", e);
|
||||
error_resources.push(("ERROR.DATABASE_ERROR", ""));
|
||||
return Err(error_resources);}
|
||||
error!("{:?}", e);
|
||||
error_resources.push(e);
|
||||
return Err(error_resources);
|
||||
}
|
||||
};
|
||||
let hashed_password = hash_password_with_existing_salt(&user.password, &persisted_user.salt);
|
||||
if hashed_password.hash == persisted_user.password {
|
||||
return if let Some(persisted_token) = create_token_for_user(transaction, persisted_user.id, &mut error_resources).await {
|
||||
if let Some(_) = persisted_user_opt {
|
||||
return if let Some(persisted_token) = create_token_for_user(conn, persisted_user_credential.user_id, &mut error_resources).await {
|
||||
Ok(persisted_token)
|
||||
} else {
|
||||
Err(error_resources)
|
||||
|
@ -204,7 +277,7 @@ pub async fn get_user_credentials<'a>(transaction: &mut Transaction<'a, Postgres
|
|||
}
|
||||
}
|
||||
|
||||
async fn create_token_for_user<'a>(transaction: &mut Transaction<'a, Postgres>, user_id: i32, error_resources: &mut Vec<ErrorResource<'a>>) -> Option<Token> {
|
||||
async fn create_token_for_user<'a>(transaction: &mut PgConnection, user_id: i32, error_resources: &mut Vec<ErrorResource<'a>>) -> Option<Token> {
|
||||
// Create token and send it back.
|
||||
let tokens: Vec<String> = match generate_multiple_random_token_with_rng(2).await {
|
||||
Ok(tokens) => tokens,
|
||||
|
@ -250,3 +323,40 @@ async fn create_token_for_user<'a>(transaction: &mut Transaction<'a, Postgres>,
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
async fn validate_user_password<'a>(conn: &mut PgConnection, user_id: &i32, password: String) -> Result<Option<User>, ErrorResource<'a>> {
|
||||
let persisted_user = match get_user_with_id(conn, user_id).await {
|
||||
Ok(persisted_user_opt) => match persisted_user_opt {
|
||||
None => {
|
||||
error!("Serious error. User doesn't exist but credentials pointing to the user do.");
|
||||
return Err(("ERROR.DATABASE_ERROR", "Critical. User doesn't exist but credentials pointing to the user do."));
|
||||
},
|
||||
Some(persisted_user) => {
|
||||
persisted_user
|
||||
}
|
||||
},
|
||||
Err(e) => {
|
||||
error!("{}", e);
|
||||
return Err(("ERROR.DATABASE_ERROR", ""));
|
||||
}
|
||||
};
|
||||
let hashed_password = hash_password_with_existing_salt(&password, &persisted_user.salt);
|
||||
if hashed_password.hash == persisted_user.password {
|
||||
Ok(Some(persisted_user))
|
||||
} else {
|
||||
Ok(None)
|
||||
}
|
||||
}
|
||||
|
||||
async fn change_password<'a>(conn: &mut PgConnection, mut persisted_user: User, new_password: &String) -> Result<User, ErrorResource<'a>> {
|
||||
let hash_result = hash_password(&new_password);
|
||||
persisted_user.password = hash_result.hash;
|
||||
persisted_user.salt = hash_result.salt;
|
||||
match update_user(conn, persisted_user).await {
|
||||
Ok(user) => Ok(user),
|
||||
Err(error) => {
|
||||
error!("{}", error);
|
||||
return Err(("ERROR.DATABASE_ERROR", ""));
|
||||
}
|
||||
}
|
||||
}
|
|
@ -38,23 +38,7 @@ pub(crate) fn validate_user_for_creation(
|
|||
error_resources: &mut Vec<ErrorResource>,
|
||||
) {
|
||||
for credential_dto in user.credentials.iter() {
|
||||
match credential_dto.credential_type {
|
||||
CredentialType::Email => {
|
||||
if !validate_user_email(&credential_dto.credential) {
|
||||
error_resources.push(ERROR_INVALID_EMAIL);
|
||||
}
|
||||
}
|
||||
CredentialType::PhoneNumber => {
|
||||
if !validate_user_phone_number(&credential_dto.credential) {
|
||||
error_resources.push(ERROR_INVALID_PHONE_NUMBER);
|
||||
}
|
||||
}
|
||||
CredentialType::Username => {
|
||||
if !validate_user_username(&credential_dto.credential) {
|
||||
error_resources.push(ERROR_INVALID_USERNAME);
|
||||
}
|
||||
}
|
||||
};
|
||||
validate_credential(error_resources, &credential_dto.credential, &credential_dto.credential_type);
|
||||
}
|
||||
|
||||
if !validate_user_name(&user.name) {
|
||||
|
@ -68,24 +52,28 @@ pub(crate) fn validate_user_for_password_authentication(
|
|||
user: &UserLoginPayload,
|
||||
error_resources: &mut Vec<ErrorResource>,
|
||||
) {
|
||||
match user.credential_type {
|
||||
CredentialType::Email => {
|
||||
if !validate_user_email(&user.credential) {
|
||||
error_resources.push(ERROR_INVALID_EMAIL);
|
||||
}
|
||||
}
|
||||
CredentialType::PhoneNumber => {
|
||||
if !validate_user_phone_number(&user.credential) {
|
||||
error_resources.push(ERROR_INVALID_PHONE_NUMBER);
|
||||
}
|
||||
}
|
||||
CredentialType::Username => {
|
||||
if !validate_user_username(&user.credential) {
|
||||
error_resources.push(ERROR_INVALID_USERNAME);
|
||||
}
|
||||
}
|
||||
}
|
||||
validate_credential(error_resources, &user.credential, &user.credential_type);
|
||||
if !validate_user_password(&user.password) {
|
||||
error_resources.push(ERROR_INVALID_PASSWORD);
|
||||
}
|
||||
}
|
||||
|
||||
fn validate_credential(error_resources: &mut Vec<ErrorResource>, credential: &String, credential_type: &CredentialType) {
|
||||
match credential_type {
|
||||
CredentialType::Email => {
|
||||
if !validate_user_email(credential) {
|
||||
error_resources.push(ERROR_INVALID_EMAIL);
|
||||
}
|
||||
}
|
||||
CredentialType::PhoneNumber => {
|
||||
if !validate_user_phone_number(credential) {
|
||||
error_resources.push(ERROR_INVALID_PHONE_NUMBER);
|
||||
}
|
||||
}
|
||||
CredentialType::Username => {
|
||||
if !validate_user_username(credential) {
|
||||
error_resources.push(ERROR_INVALID_USERNAME);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue