feat: auth db ops

This commit is contained in:
Aravinth Manivannan 2022-09-10 20:08:59 +05:30
parent 5df38a9b3f
commit a0e93f0287
Signed by: realaravinth
GPG key ID: AD9F0F08E855ED88
4 changed files with 528 additions and 3 deletions

View file

@ -0,0 +1,7 @@
CREATE TABLE IF NOT EXISTS librepages_users (
name VARCHAR(100) NOT NULL UNIQUE,
email VARCHAR(100) UNIQUE NOT NULL,
email_verified BOOLEAN DEFAULT NULL,
password TEXT NOT NULL,
ID SERIAL PRIMARY KEY NOT NULL
);

View file

@ -1,3 +1,180 @@
{
"db": "PostgreSQL"
"db": "PostgreSQL",
"1be33ea4fe0e6079c88768ff912b824f4b0250193f2d086046c1fd0da125ae0c": {
"describe": {
"columns": [
{
"name": "name",
"ordinal": 0,
"type_info": "Varchar"
},
{
"name": "password",
"ordinal": 1,
"type_info": "Text"
}
],
"nullable": [
false,
false
],
"parameters": {
"Left": [
"Text"
]
}
},
"query": "SELECT name, password FROM librepages_users WHERE name = ($1)"
},
"279b5ae27935279b06d2799eef2da6a316324a05d23ba7a729c608c70168c496": {
"describe": {
"columns": [],
"nullable": [],
"parameters": {
"Left": [
"Varchar",
"Text"
]
}
},
"query": "UPDATE librepages_users set name = $1\n WHERE name = $2"
},
"5c5d774bde06c0ab83c3616a56a28f12dfd9c546cbaac9f246d3b350c587823e": {
"describe": {
"columns": [],
"nullable": [],
"parameters": {
"Left": [
"Text"
]
}
},
"query": "DELETE FROM librepages_users WHERE name = ($1)"
},
"6a557f851d4f47383b864085093beb0954e79779f21b655978f07e285281e0ac": {
"describe": {
"columns": [],
"nullable": [],
"parameters": {
"Left": [
"Varchar",
"Text"
]
}
},
"query": "UPDATE librepages_users set email = $1\n WHERE name = $2"
},
"8735b654bc261571e6a5908d55a8217474c76bdff7f3cbcc71500a0fe13249db": {
"describe": {
"columns": [
{
"name": "exists",
"ordinal": 0,
"type_info": "Bool"
}
],
"nullable": [
null
],
"parameters": {
"Left": [
"Text"
]
}
},
"query": "SELECT EXISTS (SELECT 1 from librepages_users WHERE email = $1)"
},
"924e756de5544cece865a10a7e136ecc6126e3a603947264cc7899387c18c819": {
"describe": {
"columns": [],
"nullable": [],
"parameters": {
"Left": [
"Text",
"Text"
]
}
},
"query": "UPDATE librepages_users set password = $1\n WHERE name = $2"
},
"aa0e7d72a4542f28db816a8cc20e3f7b778e90e3cbe982a5a24af0b682adaf7d": {
"describe": {
"columns": [],
"nullable": [],
"parameters": {
"Left": [
"Varchar",
"Text",
"Varchar"
]
}
},
"query": "insert into librepages_users\n (name , password, email) values ($1, $2, $3)"
},
"b48c77db6e663d97df44bf9ec2ee92fd3e02f2dcbcdbd1d491e09fab2da68494": {
"describe": {
"columns": [
{
"name": "name",
"ordinal": 0,
"type_info": "Varchar"
},
{
"name": "password",
"ordinal": 1,
"type_info": "Text"
}
],
"nullable": [
false,
false
],
"parameters": {
"Left": [
"Text"
]
}
},
"query": "SELECT name, password FROM librepages_users WHERE email = ($1)"
},
"bdd4d2a1b0b97ebf8ed61cfd120b40146fbf3ea9afb5cd0e03c9d29860b6a26b": {
"describe": {
"columns": [
{
"name": "exists",
"ordinal": 0,
"type_info": "Bool"
}
],
"nullable": [
null
],
"parameters": {
"Left": [
"Text"
]
}
},
"query": "SELECT EXISTS (SELECT 1 from librepages_users WHERE name = $1)"
},
"ced69a08729ffb906e8971dbdce6a8d4197bc9bb8ccd7c58b3a88eb7be73fc2e": {
"describe": {
"columns": [
{
"name": "email",
"ordinal": 0,
"type_info": "Varchar"
}
],
"nullable": [
false
],
"parameters": {
"Left": [
"Text"
]
}
},
"query": "SELECT email FROM librepages_users WHERE name = $1"
}
}

330
src/db.rs
View file

@ -16,6 +16,7 @@
*/
use std::str::FromStr;
use serde::{Deserialize, Serialize};
use sqlx::postgres::PgPoolOptions;
use sqlx::types::time::OffsetDateTime;
//use sqlx::types::Json;
@ -58,7 +59,7 @@ impl ConnectionOptions {
.connect_with(connect_options)
.await
.unwrap()
//.map_err(|e| DBError::DBError(Box::new(e)))?
//.map_err(|e| ServiceError::ServiceError(Box::new(e)))?
}
Self::Existing(conn) => conn.0,
@ -78,7 +79,7 @@ impl Database {
.run(&self.pool)
.await
.unwrap();
//.map_err(|e| DBError::DBError(Box::new(e)))?;
//.map_err(|e| ServiceError::ServiceError(Box::new(e)))?;
Ok(())
}
@ -91,6 +92,200 @@ impl Database {
false
}
}
/// register a new user
pub async fn register(&self, p: &Register<'_>) -> ServiceResult<()> {
sqlx::query!(
"insert into librepages_users
(name , password, email) values ($1, $2, $3)",
&p.username,
&p.hash,
&p.email,
)
.execute(&self.pool)
.await
.map_err(map_register_err)?;
Ok(())
}
/// delete a user
pub async fn delete_user(&self, username: &str) -> ServiceResult<()> {
sqlx::query!("DELETE FROM librepages_users WHERE name = ($1)", username)
.execute(&self.pool)
.await
.map_err(|e| map_row_not_found_err(e, ServiceError::AccountNotFound))?;
Ok(())
}
/// check if username exists
pub async fn username_exists(&self, username: &str) -> ServiceResult<bool> {
let res = sqlx::query!(
"SELECT EXISTS (SELECT 1 from librepages_users WHERE name = $1)",
username,
)
.fetch_one(&self.pool)
.await
.map_err(map_register_err)?;
let mut resp = false;
if let Some(x) = res.exists {
resp = x;
}
Ok(resp)
}
/// get user email
pub async fn get_email(&self, username: &str) -> ServiceResult<String> {
struct Email {
email: String,
}
let res = sqlx::query_as!(
Email,
"SELECT email FROM librepages_users WHERE name = $1",
username
)
.fetch_one(&self.pool)
.await
.map_err(|e| map_row_not_found_err(e, ServiceError::AccountNotFound))?;
Ok(res.email)
}
/// check if email exists
pub async fn email_exists(&self, email: &str) -> ServiceResult<bool> {
let res = sqlx::query!(
"SELECT EXISTS (SELECT 1 from librepages_users WHERE email = $1)",
email
)
.fetch_one(&self.pool)
.await
.map_err(map_register_err)?;
let mut resp = false;
if let Some(x) = res.exists {
resp = x;
}
Ok(resp)
}
/// update a user's email
pub async fn update_email(&self, p: &UpdateEmail<'_>) -> ServiceResult<()> {
sqlx::query!(
"UPDATE librepages_users set email = $1
WHERE name = $2",
&p.new_email,
&p.username,
)
.execute(&self.pool)
.await
.map_err(|e| map_row_not_found_err(e, ServiceError::AccountNotFound))?;
Ok(())
}
/// get a user's password
pub async fn get_password(&self, l: &Login<'_>) -> ServiceResult<NameHash> {
struct Password {
name: String,
password: String,
}
let rec = match l {
Login::Username(u) => sqlx::query_as!(
Password,
r#"SELECT name, password FROM librepages_users WHERE name = ($1)"#,
u,
)
.fetch_one(&self.pool)
.await
.map_err(|e| map_row_not_found_err(e, ServiceError::AccountNotFound))?,
Login::Email(e) => sqlx::query_as!(
Password,
r#"SELECT name, password FROM librepages_users WHERE email = ($1)"#,
e,
)
.fetch_one(&self.pool)
.await
.map_err(|e| map_row_not_found_err(e, ServiceError::AccountNotFound))?,
};
let res = NameHash {
hash: rec.password,
username: rec.name,
};
Ok(res)
}
/// update user's password
async fn update_password(&self, p: &NameHash) -> ServiceResult<()> {
sqlx::query!(
"UPDATE librepages_users set password = $1
WHERE name = $2",
&p.hash,
&p.username,
)
.execute(&self.pool)
.await
.map_err(|e| map_row_not_found_err(e, ServiceError::AccountNotFound))?;
Ok(())
}
/// update username
async fn update_username(&self, current: &str, new: &str) -> ServiceResult<()> {
sqlx::query!(
"UPDATE librepages_users set name = $1
WHERE name = $2",
new,
current,
)
.execute(&self.pool)
.await
.map_err(|e| map_row_not_found_err(e, ServiceError::AccountNotFound))?;
Ok(())
}
}
#[derive(Clone, Debug, Deserialize, Serialize, Eq, PartialEq)]
/// Data required to register a new user
pub struct Register<'a> {
/// username of new user
pub username: &'a str,
/// hashed password of new use
pub hash: &'a str,
/// Optionally, email of new use
pub email: &'a str,
}
#[derive(Clone, Debug, Deserialize, Serialize, Eq, PartialEq)]
/// data required to update them email of a user
pub struct UpdateEmail<'a> {
/// username of the user
pub username: &'a str,
/// new email address of the user
pub new_email: &'a str,
}
#[derive(Clone, Debug, Deserialize, Serialize, Eq, PartialEq)]
/// types of credentials used as identifiers during login
pub enum Login<'a> {
/// username as login
Username(&'a str),
/// email as login
Email(&'a str),
}
#[derive(Clone, Debug, Deserialize, Serialize, Eq, PartialEq)]
/// type encapsulating username and hashed password of a user
pub struct NameHash {
/// username
pub username: String,
/// hashed password
pub hash: String,
}
fn now_unix_time_stamp() -> OffsetDateTime {
@ -109,6 +304,40 @@ pub async fn get_db(settings: &crate::settings::Settings) -> Database {
.unwrap()
}
/// map custom row not found error to DB error
pub fn map_row_not_found_err(e: sqlx::Error, row_not_found: ServiceError) -> ServiceError {
if let sqlx::Error::RowNotFound = e {
row_not_found
} else {
map_register_err(e)
}
}
/// map postgres errors to [ServiceError](ServiceError) types
fn map_register_err(e: sqlx::Error) -> ServiceError {
use sqlx::Error;
use std::borrow::Cow;
if let Error::Database(err) = e {
if err.code() == Some(Cow::from("23505")) {
let msg = err.message();
println!("{}", msg);
if msg.contains("librepages_users_name_key") {
ServiceError::UsernameTaken
} else if msg.contains("librepages_users_email_key") {
ServiceError::EmailTaken
} else {
log::error!("{}", msg);
ServiceError::InternalServerError
}
} else {
ServiceError::InternalServerError
}
} else {
ServiceError::InternalServerError
}
}
#[cfg(test)]
mod tests {
use super::*;
@ -127,5 +356,102 @@ mod tests {
.await
.unwrap();
assert!(db.ping().await);
const EMAIL: &str = "postgresuser@foo.com";
const EMAIL2: &str = "postgresuser2@foo.com";
const NAME: &str = "postgresuser";
const PASSWORD: &str = "pasdfasdfasdfadf";
db.migrate().await.unwrap();
let p = super::Register {
username: NAME,
email: EMAIL,
hash: PASSWORD,
};
if db.username_exists(p.username).await.unwrap() {
db.delete_user(p.username).await.unwrap();
assert!(
!db.username_exists(p.username).await.unwrap(),
"user is deleted so username shouldn't exist"
);
}
db.register(&p).await.unwrap();
assert!(matches!(
db.register(&p).await,
Err(ServiceError::UsernameTaken)
));
// testing get_password
// with username
let name_hash = db.get_password(&Login::Username(p.username)).await.unwrap();
assert_eq!(name_hash.hash, p.hash, "user password matches");
assert_eq!(name_hash.username, p.username, "username matches");
// with email
let mut name_hash = db.get_password(&Login::Email(p.email)).await.unwrap();
assert_eq!(name_hash.hash, p.hash, "user password matches");
assert_eq!(name_hash.username, p.username, "username matches");
// testing get_email
assert_eq!(db.get_email(p.username).await.unwrap(), p.email);
// testing email exists
assert!(
db.email_exists(p.email).await.unwrap(),
"user is registered so email should exist"
);
assert!(
db.username_exists(p.username).await.unwrap(),
"user is registered so username should exist"
);
// update password test. setting password = username
name_hash.hash = name_hash.username.clone();
db.update_password(&name_hash).await.unwrap();
let name_hash = db.get_password(&Login::Username(p.username)).await.unwrap();
assert_eq!(
name_hash.hash, p.username,
"user password matches with changed value"
);
assert_eq!(name_hash.username, p.username, "username matches");
// update username to p.email
assert!(
!db.username_exists(p.email).await.unwrap(),
"user with p.email doesn't exist. pre-check to update username to p.email"
);
db.update_username(p.username, p.email).await.unwrap();
assert!(
db.username_exists(p.email).await.unwrap(),
"user with p.email exist post-update"
);
// testing update email
let update_email = UpdateEmail {
username: p.username,
new_email: EMAIL2,
};
db.update_email(&update_email).await.unwrap();
println!(
"null user email: {}",
db.email_exists(p.email).await.unwrap()
);
assert!(
db.email_exists(p.email).await.unwrap(),
"user was with empty email but email is set; so email should exist"
);
// deleting user
db.delete_user(p.email).await.unwrap();
assert!(
!db.username_exists(p.email).await.unwrap(),
"user is deleted so username shouldn't exist"
);
}
}

View file

@ -16,6 +16,7 @@
*/
//! Represents all the ways a trait can fail using this crate
use std::convert::From;
use std::error::Error as StdError;
use std::io::Error as FSErrorInner;
use std::sync::Arc;
@ -126,6 +127,16 @@ pub enum ServiceError {
#[display(fmt = "Branch {} not found", _0)]
BranchNotFound(#[error(not(source))] String),
/// Username is taken
#[display(fmt = "Username is taken")]
UsernameTaken,
/// Email is taken
#[display(fmt = "Email is taken")]
EmailTaken,
/// Account not found
#[display(fmt = "Account not found")]
AccountNotFound,
}
impl From<ParseError> for ServiceError {
@ -184,6 +195,10 @@ impl ResponseError for ServiceError {
ServiceError::BadRequest(_) => StatusCode::BAD_REQUEST,
ServiceError::GitError(_) => StatusCode::BAD_REQUEST,
ServiceError::BranchNotFound(_) => StatusCode::CONFLICT,
ServiceError::EmailTaken => StatusCode::BAD_REQUEST,
ServiceError::UsernameTaken => StatusCode::BAD_REQUEST,
ServiceError::AccountNotFound => StatusCode::NOT_FOUND,
}
}
}