tsk-55: Version bump

.env.docker.sample

@@ -10,4 +10,3 @@ POSTGRES_AUTH_PASSWORD=password
 POSTGRES_AUTH_DB=icarus_auth_db
 POSTGRES_AUTH_HOST=auth_db
 DATABASE_URL=postgresql://${POSTGRES_AUTH_USER}:${POSTGRES_AUTH_PASSWORD}@${POSTGRES_AUTH_HOST}:5432/${POSTGRES_AUTH_DB}
-ENABLE_REGISTRATION=TRUE

.env.sample

@@ -10,4 +10,3 @@ POSTGRES_AUTH_PASSWORD=password
 POSTGRES_AUTH_DB=icarus_auth_test_db
 POSTGRES_AUTH_HOST=localhost
 DATABASE_URL=postgresql://${POSTGRES_AUTH_USER}:${POSTGRES_AUTH_PASSWORD}@${POSTGRES_AUTH_HOST}:5432/${POSTGRES_AUTH_DB}
-ENABLE_REGISTRATION=TRUE

.gitea/workflows/workflow.yml

@@ -76,7 +76,6 @@ jobs:
           SECRET_KEY: ${{ secrets.TOKEN_SECRET_KEY }}
           # Make SSH agent available if tests fetch private dependencies
           SSH_AUTH_SOCK: ${{ env.SSH_AUTH_SOCK }}
-          ENABLE_REGISTRATION: 'TRUE'
         run: |
           mkdir -p ~/.ssh
           echo "${{ secrets.MYREPO_TOKEN }}" > ~/.ssh/icarus_models_deploy_key

Cargo.lock

@@ -748,7 +748,7 @@ dependencies = [
 
 [[package]]
 name = "icarus_auth"
-version = "0.6.5"
+version = "0.6.2"
 dependencies = [
  "argon2",
  "axum",

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "icarus_auth"
-version = "0.6.5"
+version = "0.6.2"
 edition = "2024"
 rust-version = "1.90"
 

README.md

@@ -8,26 +8,22 @@ need to be modified. The `SECRET_KEY` variable should be changed since it will b
 generation. The `SECRET_PASSPHASE` should also be changed when in production mode, but make sure
 the respective `passphrase` database table record exists.
 
-To enable or disable registrations, use `TRUE` or `FALSE` for the `ENABLE_REGISTRATION` variable.
-By default it is `TRUE`.
-
-
-### Build image
+Build image
 ```
 docker compose build
 ```
 
-### Start images
+Start images
 ```
 docker compose up -d --force-recreate
 ```
 
-### Bring it down
+Bring it down
 ```
 docker compose down -v
 ```
 
-### Pruning
+Pruning
 ```
 docker system prune -a
 ```

migrations/20250402221858_init_migrate.sql

@@ -23,7 +23,6 @@ CREATE TABLE IF NOT EXISTS "salt" (
 
 CREATE TABLE IF NOT EXISTS "passphrase" (
     id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
-    username TEXT NOT NULL,
     passphrase TEXT NOT NULL,
     date_created TIMESTAMPTZ NOT NULL DEFAULT NOW()
 );

migrations/20250802185652_passphrase_data.sql

@@ -1,2 +1,2 @@
 -- Add migration script here
-INSERT INTO "passphrase" (id, username, passphrase) VALUES('22f9c775-cce9-457a-a147-9dafbb801f61', 'service', 'iUOo1fxshf3y1tUGn1yU8l9raPApHCdinW0VdCHdRFEjqhR3Bf02aZzsKbLtaDFH');
+INSERT INTO "passphrase" (id, passphrase) VALUES('22f9c775-cce9-457a-a147-9dafbb801f61', 'iUOo1fxshf3y1tUGn1yU8l9raPApHCdinW0VdCHdRFEjqhR3Bf02aZzsKbLtaDFH');

src/callers/login.rs

@@ -59,6 +59,10 @@ pub mod endpoint {
     use super::request;
     use super::response;
 
+    // TODO: At some point, get the username from the DB
+    // Name of service username when returning a login result
+    pub const SERVICE_USERNAME: &str = "service";
+
     async fn not_found(message: &str) -> (StatusCode, Json<response::Response>) {
         (
             StatusCode::NOT_FOUND,
@@ -114,7 +118,7 @@ pub mod endpoint {
                             }),
                         )
                     } else {
-                        return not_found("Could not verify token").await;
+                        return not_found("Could not verify password").await;
                     }
                 } else {
                     return not_found("Error Hashing").await;
@@ -150,7 +154,7 @@ pub mod endpoint {
         let mut response = response::service_login::Response::default();
 
         match repo::service::valid_passphrase(&pool, &payload.passphrase).await {
-            Ok((id, username, _date_created)) => {
+            Ok((id, _passphrase, _date_created)) => {
                 let key = icarus_envy::environment::get_secret_key().await.value;
                 let (token_literal, duration) =
                     token_stuff::create_service_token(&key, &id).unwrap();
@@ -158,7 +162,7 @@ pub mod endpoint {
                 if token_stuff::verify_token(&key, &token_literal) {
                     let login_result = icarus_models::login_result::LoginResult {
                         id,
-                        username,
+                        username: String::from(SERVICE_USERNAME),
                         token: token_literal,
                         token_type: String::from(icarus_models::token::TOKEN_TYPE),
                         expiration: duration,
@@ -212,15 +216,15 @@ pub mod endpoint {
                 // Get passphrase record with id
                 match token_stuff::extract_id_from_token(&key, &payload.access_token) {
                     Ok(id) => match repo::service::get_passphrase(&pool, &id).await {
-                        Ok((username, _, _)) => {
-                            match token_stuff::create_service_refresh_token(&key, &id) {
+                        Ok((returned_id, _, _)) => {
+                            match token_stuff::create_service_refresh_token(&key, &returned_id) {
                                 Ok((access_token, exp_dur)) => {
                                     let login_result = icarus_models::login_result::LoginResult {
-                                        id,
+                                        id: returned_id,
                                         token: access_token,
                                         expiration: exp_dur,
                                         token_type: String::from(icarus_models::token::TOKEN_TYPE),
-                                        username,
+                                        username: String::from(SERVICE_USERNAME),
                                     };
                                     response.message = String::from("Successful");
                                     response.data.push(login_result);

src/callers/register.rs

@@ -52,108 +52,67 @@ pub async fn register_user(
     axum::Extension(pool): axum::Extension<sqlx::PgPool>,
     Json(payload): Json<request::Request>,
 ) -> (StatusCode, Json<response::Response>) {
-    let registration_enabled = match is_registration_enabled().await {
-        Ok(value) => value,
-        Err(err) => {
-            eprintln!("Error: {err:?}");
-            return (
-                axum::http::StatusCode::INTERNAL_SERVER_ERROR,
-                Json(response::Response {
-                    message: String::from("Registration check failed"),
-                    data: Vec::new(),
-                }),
-            );
-        }
+    let mut user = icarus_models::user::User {
+        username: payload.username.clone(),
+        password: payload.password.clone(),
+        email: payload.email.clone(),
+        phone: payload.phone.clone(),
+        firstname: payload.firstname.clone(),
+        lastname: payload.lastname.clone(),
+        status: String::from("Active"),
+        email_verified: true,
+        ..Default::default()
     };
 
-    if registration_enabled {
-        let mut user = icarus_models::user::User {
-            username: payload.username.clone(),
-            password: payload.password.clone(),
-            email: payload.email.clone(),
-            phone: payload.phone.clone(),
-            firstname: payload.firstname.clone(),
-            lastname: payload.lastname.clone(),
-            status: String::from("Active"),
-            email_verified: true,
-            ..Default::default()
-        };
+    match repo::user::exists(&pool, &user.username).await {
+        Ok(res) => {
+            if res {
+                (
+                    StatusCode::BAD_REQUEST,
+                    Json(response::Response {
+                        message: String::from("Error"),
+                        data: Vec::new(),
+                    }),
+                )
+            } else {
+                let salt_string = hashing::generate_salt().unwrap();
+                let mut salt = icarus_models::user::salt::Salt::default();
+                let generated_salt = salt_string;
+                salt.salt = generated_salt.to_string();
+                salt.id = repo::salt::insert(&pool, &salt).await.unwrap();
+                user.salt_id = salt.id;
+                let hashed_password =
+                    hashing::hash_password(&user.password, &generated_salt).unwrap();
+                user.password = hashed_password;
 
-        match repo::user::exists(&pool, &user.username).await {
-            Ok(res) => {
-                if res {
-                    (
-                        StatusCode::BAD_REQUEST,
-                        Json(response::Response {
-                            message: String::from("Error"),
-                            data: Vec::new(),
-                        }),
-                    )
-                } else {
-                    let salt_string = hashing::generate_salt().unwrap();
-                    let mut salt = icarus_models::user::salt::Salt::default();
-                    let generated_salt = salt_string;
-                    salt.salt = generated_salt.to_string();
-                    salt.id = repo::salt::insert(&pool, &salt).await.unwrap();
-                    user.salt_id = salt.id;
-                    let hashed_password =
-                        hashing::hash_password(&user.password, &generated_salt).unwrap();
-                    user.password = hashed_password;
-
-                    match repo::user::insert(&pool, &user).await {
-                        Ok((id, date_created)) => {
-                            user.id = id;
-                            user.date_created = date_created;
-                            (
-                                StatusCode::CREATED,
-                                Json(response::Response {
-                                    message: String::from("User created"),
-                                    data: vec![user],
-                                }),
-                            )
-                        }
-                        Err(err) => (
-                            StatusCode::BAD_REQUEST,
+                match repo::user::insert(&pool, &user).await {
+                    Ok((id, date_created)) => {
+                        user.id = id;
+                        user.date_created = date_created;
+                        (
+                            StatusCode::CREATED,
                             Json(response::Response {
-                                message: err.to_string(),
+                                message: String::from("User created"),
                                 data: vec![user],
                             }),
-                        ),
+                        )
                     }
+                    Err(err) => (
+                        StatusCode::BAD_REQUEST,
+                        Json(response::Response {
+                            message: err.to_string(),
+                            data: vec![user],
+                        }),
+                    ),
                 }
             }
-            Err(err) => (
-                StatusCode::BAD_REQUEST,
-                Json(response::Response {
-                    message: err.to_string(),
-                    data: vec![user],
-                }),
-            ),
         }
-    } else {
-        (
-            axum::http::StatusCode::NOT_ACCEPTABLE,
+        Err(err) => (
+            StatusCode::BAD_REQUEST,
             Json(response::Response {
-                message: String::from("Registration is not enabled"),
-                data: Vec::new(),
+                message: err.to_string(),
+                data: vec![user],
             }),
-        )
-    }
-}
-
-/// Checks to see if registration is enabled
-async fn is_registration_enabled() -> Result<bool, std::io::Error> {
-    let key = String::from("ENABLE_REGISTRATION");
-    let var = icarus_envy::environment::get_env(&key).await;
-    let parsed_value = var.value.to_uppercase();
-
-    if parsed_value == "TRUE" {
-        Ok(true)
-    } else if parsed_value == "FALSE" {
-        Ok(false)
-    } else {
-        Err(std::io::Error::other(
-            "Could not determine value of ENABLE_REGISTRATION",
-        ))
+        ),
     }
 }

src/db/init.rs

@@ -1,20 +0,0 @@
-use sqlx::postgres::PgPoolOptions;
-
-pub async fn create_pool() -> Result<sqlx::PgPool, sqlx::Error> {
-    let database_url = icarus_envy::environment::get_db_url().await.value;
-    println!("Database url: {database_url}");
-
-    PgPoolOptions::new()
-        .max_connections(super::connection_settings::MAXCONN)
-        .connect(&database_url)
-        .await
-}
-
-pub async fn migrations(pool: &sqlx::PgPool) {
-    // Run migrations using the sqlx::migrate! macro
-    // Assumes your migrations are in a ./migrations folder relative to Cargo.toml
-    sqlx::migrate!("./migrations")
-        .run(pool)
-        .await
-        .expect("Failed to run migrations");
-}

src/db/mod.rs

@@ -1,5 +0,0 @@
-pub mod init;
-
-mod connection_settings {
-    pub const MAXCONN: u32 = 5;
-}

src/lib.rs

@@ -0,0 +1,36 @@
+// TODO: Get rid of this file and place the code in more appropriate places
+pub mod callers;
+pub mod config;
+pub mod hashing;
+pub mod repo;
+pub mod token_stuff;
+
+mod connection_settings {
+    pub const MAXCONN: u32 = 5;
+}
+
+pub mod db {
+
+    use sqlx::postgres::PgPoolOptions;
+
+    use crate::connection_settings;
+
+    pub async fn create_pool() -> Result<sqlx::PgPool, sqlx::Error> {
+        let database_url = icarus_envy::environment::get_db_url().await.value;
+        println!("Database url: {database_url}");
+
+        PgPoolOptions::new()
+            .max_connections(connection_settings::MAXCONN)
+            .connect(&database_url)
+            .await
+    }
+
+    pub async fn migrations(pool: &sqlx::PgPool) {
+        // Run migrations using the sqlx::migrate! macro
+        // Assumes your migrations are in a ./migrations folder relative to Cargo.toml
+        sqlx::migrate!("./migrations")
+            .run(pool)
+            .await
+            .expect("Failed to run migrations");
+    }
+}

src/main.rs

@@ -1,9 +1,5 @@
-pub mod callers;
-pub mod config;
-pub mod db;
-pub mod hashing;
-pub mod repo;
-pub mod token_stuff;
+use icarus_auth::callers;
+use icarus_auth::config;
 
 #[tokio::main]
 async fn main() {
@@ -25,7 +21,7 @@ mod init {
     };
     use utoipa::OpenApi;
 
-    use super::callers;
+    use crate::callers;
     use callers::common as common_callers;
     use callers::login as login_caller;
     use callers::register as register_caller;
@@ -128,11 +124,11 @@ mod init {
     }
 
     pub async fn app() -> Router {
-        let pool = super::db::init::create_pool()
+        let pool = icarus_auth::db::create_pool()
             .await
             .expect("Failed to create pool");
 
-        super::db::init::migrations(&pool).await;
+        icarus_auth::db::migrations(&pool).await;
 
         routes()
             .await
@@ -220,8 +216,8 @@ mod tests {
         }
     }
 
-    fn get_test_register_request() -> callers::register::request::Request {
-        callers::register::request::Request {
+    fn get_test_register_request() -> icarus_auth::callers::register::request::Request {
+        icarus_auth::callers::register::request::Request {
             username: String::from("somethingsss"),
             password: String::from("Raindown!"),
             email: String::from("dev@null.com"),
@@ -231,7 +227,9 @@ mod tests {
         }
     }
 
-    fn get_test_register_payload(usr: &callers::register::request::Request) -> serde_json::Value {
+    fn get_test_register_payload(
+        usr: &icarus_auth::callers::register::request::Request,
+    ) -> serde_json::Value {
         json!({
             "username": &usr.username,
             "password": &usr.password,
@@ -247,7 +245,7 @@ mod tests {
 
         pub async fn register(
             app: &axum::Router,
-            usr: &super::callers::register::request::Request,
+            usr: &icarus_auth::callers::register::request::Request,
         ) -> Result<axum::response::Response, std::convert::Infallible> {
             let payload = super::get_test_register_payload(&usr);
             let req = axum::http::Request::builder()
@@ -300,7 +298,7 @@ mod tests {
 
         let pool = db_mgr::connect_to_db(&db_name).await.unwrap();
 
-        db::init::migrations(&pool).await;
+        icarus_auth::db::migrations(&pool).await;
 
         let app = init::routes().await.layer(axum::Extension(pool));
 
@@ -357,7 +355,7 @@ mod tests {
 
         let pool = db_mgr::connect_to_db(&db_name).await.unwrap();
 
-        db::init::migrations(&pool).await;
+        icarus_auth::db::migrations(&pool).await;
 
         let app = init::routes().await.layer(axum::Extension(pool));
 
@@ -445,7 +443,7 @@ mod tests {
 
         let pool = db_mgr::connect_to_db(&db_name).await.unwrap();
 
-        db::init::migrations(&pool).await;
+        icarus_auth::db::migrations(&pool).await;
 
         let app = init::routes().await.layer(axum::Extension(pool));
         let passphrase =
@@ -499,13 +497,13 @@ mod tests {
 
         let pool = db_mgr::connect_to_db(&db_name).await.unwrap();
 
-        db::init::migrations(&pool).await;
+        icarus_auth::db::migrations(&pool).await;
 
         let app = init::routes().await.layer(axum::Extension(pool));
         let id = uuid::Uuid::parse_str("22f9c775-cce9-457a-a147-9dafbb801f61").unwrap();
         let key = icarus_envy::environment::get_secret_key().await.value;
 
-        match token_stuff::create_service_token(&key, &id) {
+        match icarus_auth::token_stuff::create_service_token(&key, &id) {
             Ok((token, _expire)) => {
                 let payload = serde_json::json!({
                     "access_token": token

src/repo/mod.rs

@@ -1,5 +1,3 @@
-pub mod service;
-
 pub mod user {
     use sqlx::Row;
 
@@ -126,10 +124,10 @@ pub mod user {
                 .map_err(|_e| sqlx::Error::RowNotFound)?,
         };
 
-        if result.id.is_nil() && result.date_created.is_none() {
-            Err(sqlx::Error::RowNotFound)
-        } else {
+        if !result.id.is_nil() && !result.date_created.is_none() {
             Ok((result.id, result.date_created))
+        } else {
+            Err(sqlx::Error::RowNotFound)
         }
     }
 }
@@ -197,3 +195,56 @@ pub mod salt {
         }
     }
 }
+
+pub mod service {
+    use sqlx::Row;
+
+    pub async fn valid_passphrase(
+        pool: &sqlx::PgPool,
+        passphrase: &String,
+    ) -> Result<(uuid::Uuid, String, time::OffsetDateTime), sqlx::Error> {
+        let result = sqlx::query(
+            r#"
+            SELECT * FROM "passphrase" WHERE passphrase = $1
+            "#,
+        )
+        .bind(passphrase)
+        .fetch_one(pool)
+        .await;
+
+        match result {
+            Ok(row) => {
+                let id: uuid::Uuid = row.try_get("id")?;
+                let passphrase: String = row.try_get("passphrase")?;
+                let date_created: Option<time::OffsetDateTime> = row.try_get("date_created")?;
+
+                Ok((id, passphrase, date_created.unwrap()))
+            }
+            Err(err) => Err(err),
+        }
+    }
+
+    pub async fn get_passphrase(
+        pool: &sqlx::PgPool,
+        id: &uuid::Uuid,
+    ) -> Result<(uuid::Uuid, String, time::OffsetDateTime), sqlx::Error> {
+        let result = sqlx::query(
+            r#"
+            SELECT * FROM "passphrase" WHERE id = $1;
+            "#,
+        )
+        .bind(id)
+        .fetch_one(pool)
+        .await;
+
+        match result {
+            Ok(row) => {
+                let returned_id: uuid::Uuid = row.try_get("id")?;
+                let passphrase: String = row.try_get("passphrase")?;
+                let date_created: time::OffsetDateTime = row.try_get("date_created")?;
+                Ok((returned_id, passphrase, date_created))
+            }
+            Err(err) => Err(err),
+        }
+    }
+}

src/repo/service.rs

@@ -1,50 +0,0 @@
-use sqlx::Row;
-
-pub async fn valid_passphrase(
-    pool: &sqlx::PgPool,
-    passphrase: &String,
-) -> Result<(uuid::Uuid, String, time::OffsetDateTime), sqlx::Error> {
-    let result = sqlx::query(
-        r#"
-        SELECT id, username, date_created FROM "passphrase" WHERE passphrase = $1
-        "#,
-    )
-    .bind(passphrase)
-    .fetch_one(pool)
-    .await;
-
-    match result {
-        Ok(row) => {
-            let id: uuid::Uuid = row.try_get("id")?;
-            let username: String = row.try_get("username")?;
-            let date_created: Option<time::OffsetDateTime> = row.try_get("date_created")?;
-
-            Ok((id, username, date_created.unwrap()))
-        }
-        Err(err) => Err(err),
-    }
-}
-
-pub async fn get_passphrase(
-    pool: &sqlx::PgPool,
-    id: &uuid::Uuid,
-) -> Result<(String, String, time::OffsetDateTime), sqlx::Error> {
-    let result = sqlx::query(
-        r#"
-        SELECT username, passphrase, date_created FROM "passphrase" WHERE id = $1;
-        "#,
-    )
-    .bind(id)
-    .fetch_one(pool)
-    .await;
-
-    match result {
-        Ok(row) => {
-            let username: String = row.try_get("username")?;
-            let passphrase: String = row.try_get("passphrase")?;
-            let date_created: time::OffsetDateTime = row.try_get("date_created")?;
-            Ok((username, passphrase, date_created))
-        }
-        Err(err) => Err(err),
-    }
-}