Compare commits
5 Commits
v0.3.4-dev
...
v0.3.10-de
| Author | SHA1 | Date | |
|---|---|---|---|
| 8c902b9d61 | |||
| 480a428e8b | |||
| 02697b2fd9 | |||
| d4faa7976e | |||
| ed77cab700 |
6
.env.docker.sample
Normal file
6
.env.docker.sample
Normal file
@@ -0,0 +1,6 @@
|
||||
SECRET_KEY=refero34o8rfhfjn983thf39fhc943rf923n3h
|
||||
POSTGRES_AUTH_USER=icarus_op
|
||||
POSTGRES_AUTH_PASSWORD=password
|
||||
POSTGRES_AUTH_DB=icarus_auth_db
|
||||
POSTGRES_AUTH_HOST=auth_db
|
||||
DATABASE_URL=postgresql://${POSTGRES_AUTH_USER}:${POSTGRES_AUTH_PASSWORD}@${POSTGRES_AUTH_HOST}:5432/${POSTGRES_AUTH_DB}
|
||||
10
.env.sample
10
.env.sample
@@ -1,6 +1,6 @@
|
||||
SECRET_KEY=refero34o8rfhfjn983thf39fhc943rf923n3h
|
||||
POSTGRES_USER=icarus_op_test
|
||||
POSTGRES_PASSWORD=password
|
||||
POSTGRES_DB=icarus_auth_test_db
|
||||
POSTGRES_HOST=localhost
|
||||
DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:5432/${POSTGRES_DB}
|
||||
POSTGRES_AUTH_USER=icarus_op_test
|
||||
POSTGRES_AUTH_PASSWORD=password
|
||||
POSTGRES_AUTH_DB=icarus_auth_test_db
|
||||
POSTGRES_AUTH_HOST=localhost
|
||||
DATABASE_URL=postgresql://${POSTGRES_AUTH_USER}:${POSTGRES_AUTH_PASSWORD}@${POSTGRES_AUTH_HOST}:5432/${POSTGRES_AUTH_DB}
|
||||
|
||||
2
.gitignore
vendored
2
.gitignore
vendored
@@ -1,4 +1,2 @@
|
||||
/target
|
||||
Cargo.lock
|
||||
.env
|
||||
.env.docker
|
||||
|
||||
2527
Cargo.lock
generated
Normal file
2527
Cargo.lock
generated
Normal file
File diff suppressed because it is too large
Load Diff
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "icarus_auth"
|
||||
version = "0.3.4"
|
||||
version = "0.3.10"
|
||||
edition = "2024"
|
||||
rust-version = "1.86"
|
||||
|
||||
@@ -13,13 +13,13 @@ tracing-subscriber = { version = "0.3.19" }
|
||||
tower = { version = "0.5.2" }
|
||||
hyper = { version = "1.6.0" }
|
||||
sqlx = { version = "0.8.3", features = ["postgres", "runtime-tokio-native-tls", "time", "uuid"] }
|
||||
dotenvy = { version = "0.15.7" }
|
||||
uuid = { version = "1.16.0", features = ["v4", "serde"] }
|
||||
argon2 = { version = "0.5.3", features = ["std"] } # Use the latest 0.5.x version
|
||||
rand = { version = "0.9" }
|
||||
time = { version = "0.3.41", features = ["macros", "serde"] }
|
||||
josekit = { version = "0.10.1" }
|
||||
icarus_models = { git = "ssh://git@git.kundeng.us/phoenix/icarus_models.git", tag = "v0.4.1" }
|
||||
icarus_models = { git = "ssh://git@git.kundeng.us/phoenix/icarus_models.git", tag = "v0.4.3" }
|
||||
icarus_envy = { git = "ssh://git@git.kundeng.us/phoenix/icarus_envy.git", tag = "v0.2.0-devel-dbe4dc67cb-950" }
|
||||
|
||||
[dev-dependencies]
|
||||
http-body-util = { version = "0.1.3" }
|
||||
|
||||
@@ -23,9 +23,9 @@ services:
|
||||
container_name: icarus_auth_db # Optional: Give the container a specific name
|
||||
environment:
|
||||
# These MUST match the user, password, and database name in the DATABASE_URL above
|
||||
POSTGRES_USER: ${POSTGRES_USER:-icarus_op}
|
||||
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-password}
|
||||
POSTGRES_DB: ${POSTGRES_DB:-icarus_auth}
|
||||
POSTGRES_USER: ${POSTGRES_AUTH_USER:-icarus_op}
|
||||
POSTGRES_PASSWORD: ${POSTGRES_AUTH_PASSWORD:-password}
|
||||
POSTGRES_DB: ${POSTGRES_AUTH_DB:-icarus_auth_db}
|
||||
volumes:
|
||||
# Persist database data using a named volume
|
||||
- postgres_data:/var/lib/postgresql/data
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
TODO: At some point, move this somewhere that is appropriate
|
||||
|
||||
# Make sure role has CREATEDB
|
||||
ALTER ROLE username_that_needs_permission CREATEDB;
|
||||
|
||||
|
||||
@@ -47,7 +47,7 @@ pub mod endpoint {
|
||||
Ok(user) => {
|
||||
if hashing::verify_password(&payload.password, user.password.clone()).unwrap() {
|
||||
// Create token
|
||||
let key = token_stuff::get_key().unwrap();
|
||||
let key = icarus_envy::environment::get_secret_key().await;
|
||||
let (token_literal, duration) = token_stuff::create_token(&key).unwrap();
|
||||
|
||||
if token_stuff::verify_token(&key, &token_literal) {
|
||||
|
||||
19
src/lib.rs
19
src/lib.rs
@@ -4,14 +4,6 @@ pub mod hashing;
|
||||
pub mod repo;
|
||||
pub mod token_stuff;
|
||||
|
||||
pub mod keys {
|
||||
pub const DBURL: &str = "DATABASE_URL";
|
||||
|
||||
pub mod error {
|
||||
pub const ERROR: &str = "DATABASE_URL must be set in .env";
|
||||
}
|
||||
}
|
||||
|
||||
mod connection_settings {
|
||||
pub const MAXCONN: u32 = 5;
|
||||
}
|
||||
@@ -19,12 +11,11 @@ mod connection_settings {
|
||||
pub mod db {
|
||||
|
||||
use sqlx::postgres::PgPoolOptions;
|
||||
use std::env;
|
||||
|
||||
use crate::{connection_settings, keys};
|
||||
use crate::connection_settings;
|
||||
|
||||
pub async fn create_pool() -> Result<sqlx::PgPool, sqlx::Error> {
|
||||
let database_url = get_db_url().await;
|
||||
let database_url = icarus_envy::environment::get_db_url().await;
|
||||
println!("Database url: {:?}", database_url);
|
||||
|
||||
PgPoolOptions::new()
|
||||
@@ -33,12 +24,6 @@ pub mod db {
|
||||
.await
|
||||
}
|
||||
|
||||
async fn get_db_url() -> String {
|
||||
#[cfg(debug_assertions)] // Example: Only load .env in debug builds
|
||||
dotenvy::dotenv().ok();
|
||||
env::var(keys::DBURL).expect(keys::error::ERROR)
|
||||
}
|
||||
|
||||
pub async fn migrations(pool: &sqlx::PgPool) {
|
||||
// Run migrations using the sqlx::migrate! macro
|
||||
// Assumes your migrations are in a ./migrations folder relative to Cargo.toml
|
||||
|
||||
46
src/main.rs
46
src/main.rs
@@ -69,25 +69,23 @@ mod tests {
|
||||
mod db_mgr {
|
||||
use std::str::FromStr;
|
||||
|
||||
use icarus_auth::keys;
|
||||
|
||||
pub const LIMIT: usize = 6;
|
||||
|
||||
pub async fn get_pool() -> Result<sqlx::PgPool, sqlx::Error> {
|
||||
dotenvy::dotenv().ok(); // Load .env file if it exists
|
||||
let tm_db_url = std::env::var(keys::DBURL).expect("DATABASE_URL must be present");
|
||||
let tm_db_url = icarus_envy::environment::get_db_url().await;
|
||||
let tm_options = sqlx::postgres::PgConnectOptions::from_str(&tm_db_url).unwrap();
|
||||
sqlx::PgPool::connect_with(tm_options).await
|
||||
}
|
||||
|
||||
pub async fn generate_db_name() -> String {
|
||||
let db_name =
|
||||
get_database_name().unwrap() + &"_" + &uuid::Uuid::new_v4().to_string()[..LIMIT];
|
||||
let db_name = get_database_name().await.unwrap()
|
||||
+ &"_"
|
||||
+ &uuid::Uuid::new_v4().to_string()[..LIMIT];
|
||||
db_name
|
||||
}
|
||||
|
||||
pub async fn connect_to_db(db_name: &str) -> Result<sqlx::PgPool, sqlx::Error> {
|
||||
let db_url = std::env::var(keys::DBURL).expect("DATABASE_URL must be set for tests");
|
||||
let db_url = icarus_envy::environment::get_db_url().await;
|
||||
let options = sqlx::postgres::PgConnectOptions::from_str(&db_url)?.database(db_name);
|
||||
sqlx::PgPool::connect_with(options).await
|
||||
}
|
||||
@@ -113,29 +111,21 @@ mod tests {
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub fn get_database_name() -> Result<String, Box<dyn std::error::Error>> {
|
||||
dotenvy::dotenv().ok(); // Load .env file if it exists
|
||||
pub async fn get_database_name() -> Result<String, Box<dyn std::error::Error>> {
|
||||
let database_url = icarus_envy::environment::get_db_url().await;
|
||||
|
||||
match std::env::var(keys::DBURL) {
|
||||
Ok(database_url) => {
|
||||
let parsed_url = url::Url::parse(&database_url)?;
|
||||
if parsed_url.scheme() == "postgres" || parsed_url.scheme() == "postgresql" {
|
||||
match parsed_url
|
||||
.path_segments()
|
||||
.and_then(|segments| segments.last().map(|s| s.to_string()))
|
||||
{
|
||||
Some(sss) => Ok(sss),
|
||||
None => Err("Error parsing".into()),
|
||||
}
|
||||
} else {
|
||||
// Handle other database types if needed
|
||||
Err("Error parsing".into())
|
||||
}
|
||||
}
|
||||
Err(_) => {
|
||||
// DATABASE_URL environment variable not found
|
||||
Err("Error parsing".into())
|
||||
let parsed_url = url::Url::parse(&database_url)?;
|
||||
if parsed_url.scheme() == "postgres" || parsed_url.scheme() == "postgresql" {
|
||||
match parsed_url
|
||||
.path_segments()
|
||||
.and_then(|segments| segments.last().map(|s| s.to_string()))
|
||||
{
|
||||
Some(sss) => Ok(sss),
|
||||
None => Err("Error parsing".into()),
|
||||
}
|
||||
} else {
|
||||
// Handle other database types if needed
|
||||
Err("Error parsing".into())
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -12,12 +12,6 @@ pub const MESSAGE: &str = "Something random";
|
||||
pub const ISSUER: &str = "icarus_auth";
|
||||
pub const AUDIENCE: &str = "icarus";
|
||||
|
||||
pub fn get_key() -> Result<String, dotenvy::Error> {
|
||||
dotenvy::dotenv().ok();
|
||||
let key = std::env::var(KEY_ENV).expect("SECRET_KEY_NOT_FOUND");
|
||||
Ok(key)
|
||||
}
|
||||
|
||||
pub fn get_issued() -> time::Result<time::OffsetDateTime> {
|
||||
Ok(time::OffsetDateTime::now_utc())
|
||||
}
|
||||
@@ -51,7 +45,10 @@ pub fn create_token(provided_key: &String) -> Result<(String, i64), josekit::Jos
|
||||
payload.set_expires_at(&util::time_to_std_time(&expire).unwrap());
|
||||
|
||||
let key: String = if provided_key.is_empty() {
|
||||
get_key().unwrap()
|
||||
let rt = tokio::runtime::Runtime::new().unwrap();
|
||||
|
||||
// Block on the async function to get the result
|
||||
rt.block_on(icarus_envy::environment::get_secret_key())
|
||||
} else {
|
||||
provided_key.to_owned()
|
||||
};
|
||||
@@ -82,7 +79,8 @@ mod tests {
|
||||
|
||||
#[test]
|
||||
fn test_tokenize() {
|
||||
let special_key = get_key().unwrap();
|
||||
let rt = tokio::runtime::Runtime::new().unwrap();
|
||||
let special_key = rt.block_on(icarus_envy::environment::get_secret_key());
|
||||
match create_token(&special_key) {
|
||||
Ok((token, _duration)) => {
|
||||
let result = verify_token(&special_key, &token);
|
||||
|
||||
Reference in New Issue
Block a user