Bug fix and code cleanup
All checks were successful
Rust Build / Check (pull_request) Successful in 44s
Rust Build / Test Suite (pull_request) Successful in 1m4s
Rust Build / Rustfmt (pull_request) Successful in 28s
Rust Build / Clippy (pull_request) Successful in 54s
Rust Build / build (pull_request) Successful in 1m29s
All checks were successful
Rust Build / Check (pull_request) Successful in 44s
Rust Build / Test Suite (pull_request) Successful in 1m4s
Rust Build / Rustfmt (pull_request) Successful in 28s
Rust Build / Clippy (pull_request) Successful in 54s
Rust Build / build (pull_request) Successful in 1m29s
This commit is contained in:
@@ -1,30 +1,37 @@
|
|||||||
use axum::{Extension, Json, http::StatusCode};
|
pub mod response {
|
||||||
|
use serde::{Deserialize, Serialize};
|
||||||
|
|
||||||
use serde::{Deserialize, Serialize};
|
#[derive(Deserialize, Serialize)]
|
||||||
|
pub struct TestResult {
|
||||||
#[derive(Deserialize, Serialize)]
|
pub message: String,
|
||||||
pub struct TestResult {
|
}
|
||||||
message: String,
|
}
|
||||||
}
|
|
||||||
|
pub mod endpoint {
|
||||||
// basic handler that responds with a static string
|
use super::*;
|
||||||
pub async fn root() -> &'static str {
|
use axum::{Extension, Json, http::StatusCode};
|
||||||
"Hello, World!"
|
|
||||||
}
|
// basic handler that responds with a static string
|
||||||
|
pub async fn root() -> &'static str {
|
||||||
pub async fn db_ping(Extension(pool): Extension<sqlx::PgPool>) -> (StatusCode, Json<TestResult>) {
|
"Hello, World!"
|
||||||
match sqlx::query("SELECT 1").execute(&pool).await {
|
}
|
||||||
Ok(_) => {
|
|
||||||
let tr = TestResult {
|
pub async fn db_ping(
|
||||||
message: String::from("This works"),
|
Extension(pool): Extension<sqlx::PgPool>,
|
||||||
};
|
) -> (StatusCode, Json<response::TestResult>) {
|
||||||
(StatusCode::OK, Json(tr))
|
match sqlx::query("SELECT 1").execute(&pool).await {
|
||||||
}
|
Ok(_) => {
|
||||||
Err(e) => (
|
let tr = response::TestResult {
|
||||||
StatusCode::BAD_REQUEST,
|
message: String::from("This works"),
|
||||||
Json(TestResult {
|
};
|
||||||
message: e.to_string(),
|
(StatusCode::OK, Json(tr))
|
||||||
}),
|
}
|
||||||
),
|
Err(e) => (
|
||||||
|
StatusCode::BAD_REQUEST,
|
||||||
|
Json(response::TestResult {
|
||||||
|
message: e.to_string(),
|
||||||
|
}),
|
||||||
|
),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -45,45 +45,30 @@ pub mod endpoint {
|
|||||||
// Check if user exists
|
// Check if user exists
|
||||||
match repo::user::get(&pool, &payload.username).await {
|
match repo::user::get(&pool, &payload.username).await {
|
||||||
Ok(user) => {
|
Ok(user) => {
|
||||||
let salt = repo::salt::get(&pool, &user.salt_id).await.unwrap();
|
if hashing::verify_password(&payload.password, user.password.clone()).unwrap() {
|
||||||
let salt_str = hashing::get_salt(&salt.salt).unwrap();
|
// Create token
|
||||||
let unhashed_password = payload.password;
|
let key = token_stuff::get_key().unwrap();
|
||||||
|
let (token_literal, duration) = token_stuff::create_token(&key).unwrap();
|
||||||
|
|
||||||
// Check if password is correct
|
if token_stuff::verify_token(&key, &token_literal) {
|
||||||
match hashing::hash_password(&unhashed_password, &salt_str) {
|
(
|
||||||
Ok(hash_password) => {
|
StatusCode::OK,
|
||||||
if hashing::verify_password(&unhashed_password, hash_password.clone())
|
Json(response::Response {
|
||||||
.unwrap()
|
message: String::from("Successful"),
|
||||||
{
|
data: vec![icarus_models::login_result::LoginResult {
|
||||||
// Create token
|
id: user.id,
|
||||||
let key = token_stuff::get_key().unwrap();
|
username: user.username,
|
||||||
let (token_literal, duration) =
|
token: token_literal,
|
||||||
token_stuff::create_token(&key).unwrap();
|
token_type: String::from(token_stuff::TOKENTYPE),
|
||||||
|
expiration: duration,
|
||||||
if token_stuff::verify_token(&key, &token_literal) {
|
}],
|
||||||
(
|
}),
|
||||||
StatusCode::OK,
|
)
|
||||||
Json(response::Response {
|
} else {
|
||||||
message: String::from("Successful"),
|
return not_found("Could not verify password").await;
|
||||||
data: vec![icarus_models::login_result::LoginResult {
|
|
||||||
id: user.id,
|
|
||||||
username: user.username,
|
|
||||||
token: token_literal,
|
|
||||||
token_type: String::from(token_stuff::TOKENTYPE),
|
|
||||||
expiration: duration,
|
|
||||||
}],
|
|
||||||
}),
|
|
||||||
)
|
|
||||||
} else {
|
|
||||||
return not_found("Could not verify password").await;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
return not_found("Error Hashing").await;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Err(err) => {
|
|
||||||
return not_found(&err.to_string()).await;
|
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
return not_found("Error Hashing").await;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Err(err) => {
|
Err(err) => {
|
||||||
|
|||||||
@@ -11,8 +11,7 @@ use argon2::{
|
|||||||
pub fn generate_salt() -> Result<SaltString, argon2::Error> {
|
pub fn generate_salt() -> Result<SaltString, argon2::Error> {
|
||||||
// Generate a random salt
|
// Generate a random salt
|
||||||
// SaltString::generate uses OsRng internally for cryptographic security
|
// SaltString::generate uses OsRng internally for cryptographic security
|
||||||
let salt = SaltString::generate(&mut OsRng);
|
Ok(SaltString::generate(&mut OsRng))
|
||||||
Ok(salt)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn get_salt(s: &str) -> Result<SaltString, argon2::password_hash::Error> {
|
pub fn get_salt(s: &str) -> Result<SaltString, argon2::password_hash::Error> {
|
||||||
@@ -32,9 +31,7 @@ pub fn hash_password(
|
|||||||
// Hash the password with the salt
|
// Hash the password with the salt
|
||||||
// The output is a PasswordHash string format that includes algorithm, version,
|
// The output is a PasswordHash string format that includes algorithm, version,
|
||||||
// parameters, salt, and the hash itself.
|
// parameters, salt, and the hash itself.
|
||||||
let password_hash = argon2.hash_password(password_bytes, salt)?.to_string();
|
Ok(argon2.hash_password(password_bytes, salt)?.to_string())
|
||||||
|
|
||||||
Ok(password_hash)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn verify_password(
|
pub fn verify_password(
|
||||||
@@ -48,11 +45,9 @@ pub fn verify_password(
|
|||||||
let parsed_hash = argon2::PasswordHash::new(stored_hash.as_str())?;
|
let parsed_hash = argon2::PasswordHash::new(stored_hash.as_str())?;
|
||||||
|
|
||||||
// Create an Argon2 instance (it will use the parameters from the parsed hash)
|
// Create an Argon2 instance (it will use the parameters from the parsed hash)
|
||||||
let argon2 = Argon2::default();
|
|
||||||
|
|
||||||
// Verify the password against the parsed hash
|
// Verify the password against the parsed hash
|
||||||
// This automatically uses the correct salt and parameters embedded in `parsed_hash`
|
// This automatically uses the correct salt and parameters embedded in `parsed_hash`
|
||||||
match argon2.verify_password(password_bytes, &parsed_hash) {
|
match Argon2::default().verify_password(password_bytes, &parsed_hash) {
|
||||||
Ok(()) => Ok(true), // Passwords match
|
Ok(()) => Ok(true), // Passwords match
|
||||||
Err(argon2::password_hash::Error::Password) => Ok(false), // Passwords don't match
|
Err(argon2::password_hash::Error::Password) => Ok(false), // Passwords don't match
|
||||||
Err(e) => Err(e), // Some other error occurred (e.g., invalid hash format)
|
Err(e) => Err(e), // Some other error occurred (e.g., invalid hash format)
|
||||||
@@ -66,8 +61,7 @@ mod tests {
|
|||||||
#[test]
|
#[test]
|
||||||
fn test_hash_password() {
|
fn test_hash_password() {
|
||||||
let some_password = String::from("somethingrandom");
|
let some_password = String::from("somethingrandom");
|
||||||
let salt = generate_salt().unwrap();
|
match hash_password(&some_password, &generate_salt().unwrap()) {
|
||||||
match hash_password(&some_password, &salt) {
|
|
||||||
Ok(p) => match verify_password(&some_password, p.clone()) {
|
Ok(p) => match verify_password(&some_password, p.clone()) {
|
||||||
Ok(res) => {
|
Ok(res) => {
|
||||||
assert_eq!(res, true);
|
assert_eq!(res, true);
|
||||||
@@ -81,4 +75,27 @@ mod tests {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_wrong_password() {
|
||||||
|
let some_password = String::from("somethingrandom");
|
||||||
|
match hash_password(&some_password, &generate_salt().unwrap()) {
|
||||||
|
Ok(p) => {
|
||||||
|
match verify_password(&some_password, p.clone()) {
|
||||||
|
Ok(res) => {
|
||||||
|
assert_eq!(res, true, "Passwords are not verified");
|
||||||
|
}
|
||||||
|
Err(err) => {
|
||||||
|
assert!(false, "Error: {:?}", err.to_string());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
let wrong_password = String::from("Differentanotherlevel");
|
||||||
|
let result = verify_password(&wrong_password, p.clone()).unwrap();
|
||||||
|
assert_eq!(false, result, "Passwords should not match");
|
||||||
|
}
|
||||||
|
Err(err) => {
|
||||||
|
assert!(false, "Error: {:?}", err.to_string());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
10
src/main.rs
10
src/main.rs
@@ -25,8 +25,14 @@ mod init {
|
|||||||
pub async fn routes() -> Router {
|
pub async fn routes() -> Router {
|
||||||
// build our application with a route
|
// build our application with a route
|
||||||
Router::new()
|
Router::new()
|
||||||
.route(callers::endpoints::DBTEST, get(callers::common::db_ping))
|
.route(
|
||||||
.route(callers::endpoints::ROOT, get(callers::common::root))
|
callers::endpoints::DBTEST,
|
||||||
|
get(callers::common::endpoint::db_ping),
|
||||||
|
)
|
||||||
|
.route(
|
||||||
|
callers::endpoints::ROOT,
|
||||||
|
get(callers::common::endpoint::root),
|
||||||
|
)
|
||||||
.route(
|
.route(
|
||||||
callers::endpoints::REGISTER,
|
callers::endpoints::REGISTER,
|
||||||
post(callers::register::register_user),
|
post(callers::register::register_user),
|
||||||
|
|||||||
Reference in New Issue
Block a user