Skip to content

Commit 2de393d

Browse files
DrVilepisDrVilepis
committed
unimplement secured access
1 parent ba8d79d commit 2de393d

File tree

10 files changed

+35
-206
lines changed

10 files changed

+35
-206
lines changed

src/api/account.rs

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,20 +2,20 @@ use axum::{response::IntoResponse, Json};
22
use http::StatusCode;
33
use serde_derive::Deserialize;
44

5-
use crate::{api::auth::SecuredUserIdentity, database::DatabaseWrapper, error::TimeError};
5+
use crate::{database::DatabaseWrapper, error::TimeError, models::UserIdentity};
66

77
#[derive(Deserialize)]
88
pub struct Settings {
99
public_profile: Option<bool>,
1010
}
1111

1212
pub async fn change_settings(
13-
userid: SecuredUserIdentity,
13+
user: UserIdentity,
1414
db: DatabaseWrapper,
1515
settings: Json<Settings>,
1616
) -> Result<impl IntoResponse, TimeError> {
1717
if let Some(public_profile) = settings.public_profile {
18-
db.change_visibility(userid.identity.id, public_profile)
18+
db.change_visibility(user.id, public_profile)
1919
.await?;
2020
};
2121

src/api/activity.rs

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -7,10 +7,9 @@ use http::StatusCode;
77
use serde::{Deserialize, Serialize};
88

99
use crate::{
10-
api::auth::SecuredUserIdentity,
1110
database::DatabaseWrapper,
1211
error::TimeError,
13-
models::{HeartBeat, UserId},
12+
models::{HeartBeat, UserId, UserIdentity},
1413
};
1514

1615
pub type HeartBeatMemoryStore = DashMap<i32, (HeartBeat, chrono::NaiveDateTime, chrono::Duration)>;
@@ -142,11 +141,11 @@ pub struct ActivityDeleteRequest {
142141
}
143142

144143
pub async fn delete(
145-
user: SecuredUserIdentity,
144+
user: UserIdentity,
146145
db: DatabaseWrapper,
147146
Json(body): Json<ActivityDeleteRequest>,
148147
) -> Result<impl IntoResponse, TimeError> {
149-
let deleted = db.delete_activity(user.identity.id, body.id).await?;
148+
let deleted = db.delete_activity(user.id, body.id).await?;
150149
if deleted {
151150
Ok(StatusCode::OK)
152151
} else {

src/api/auth.rs

Lines changed: 6 additions & 60 deletions
Original file line numberDiff line numberDiff line change
@@ -13,10 +13,10 @@ use lettre::{
1313
use serde::{Deserialize, Serialize};
1414

1515
use crate::{
16-
auth::{secured_access::SecuredAccessTokenStorage, Authentication},
16+
auth::Authentication,
1717
database::DatabaseWrapper,
1818
error::TimeError,
19-
models::{SecuredAccessTokenResponse, SelfUser, UserId, UserIdentity},
19+
models::{SelfUser, UserId, UserIdentity},
2020
utils::{generate_password_reset_token, validate_email},
2121
PasswordReset, PasswordResetState,
2222
};
@@ -78,24 +78,6 @@ impl<S: Send + Sync> FromRequestParts<S> for UserIdentity {
7878
}
7979
}
8080

81-
pub struct SecuredUserIdentity {
82-
pub identity: UserIdentity,
83-
}
84-
85-
impl<S: Send + Sync> FromRequestParts<S> for SecuredUserIdentity {
86-
type Rejection = TimeError;
87-
88-
async fn from_request_parts(parts: &mut Parts, _state: &S) -> Result<Self, Self::Rejection> {
89-
let auth = parts.extensions.get::<Authentication>().cloned().unwrap();
90-
91-
if let Authentication::SecuredAccessToken(user) = auth {
92-
Ok(SecuredUserIdentity { identity: user })
93-
} else {
94-
Err(TimeError::UnauthroizedSecuredAccess)
95-
}
96-
}
97-
}
98-
9981
pub struct UserIdentityOptional {
10082
pub identity: Option<UserIdentity>,
10183
}
@@ -137,42 +119,6 @@ pub async fn login(
137119
}
138120
}
139121

140-
pub async fn get_secured_access_token(
141-
State(secured_access_storage): State<Arc<SecuredAccessTokenStorage>>,
142-
db: DatabaseWrapper,
143-
data: Json<LoginRequest>,
144-
) -> Result<impl IntoResponse, TimeError> {
145-
if data.password.len() > 128 {
146-
return Err(TimeError::InvalidLength(
147-
"Password cannot be longer than 128 characters".to_string(),
148-
));
149-
}
150-
151-
if let Ok(Some(user)) = db
152-
.verify_user_password(&data.username, &data.password)
153-
.await
154-
{
155-
Ok(Json(SecuredAccessTokenResponse {
156-
token: secured_access_storage.create_token(user.id),
157-
}))
158-
} else {
159-
Err(TimeError::InvalidCredentials)
160-
}
161-
}
162-
163-
pub async fn regenerate(
164-
user: SecuredUserIdentity,
165-
db: DatabaseWrapper,
166-
) -> Result<impl IntoResponse, TimeError> {
167-
db.regenerate_token(user.identity.id)
168-
.await
169-
.inspect_err(|e| error!("{}", e))
170-
.map(|token| {
171-
let token = json!({ "token": token });
172-
Json(token)
173-
})
174-
}
175-
176122
pub async fn register(
177123
db: DatabaseWrapper,
178124
Json(data): Json<RegisterRequest>,
@@ -203,7 +149,7 @@ pub async fn register(
203149
}
204150

205151
pub async fn change_username(
206-
user: SecuredUserIdentity,
152+
user: UserIdentity,
207153
db: DatabaseWrapper,
208154
Json(data): Json<UsernameChangeRequest>,
209155
) -> Result<impl IntoResponse, TimeError> {
@@ -217,7 +163,7 @@ pub async fn change_username(
217163
return Err(TimeError::BadUsername);
218164
}
219165

220-
let result = db.change_username(user.identity.id, &data.new).await;
166+
let result = db.change_username(user.id, &data.new).await;
221167

222168
if result.as_ref().is_err_and(|e| e.is_unique_violation()) {
223169
return Err(TimeError::UsernameTaken);
@@ -227,15 +173,15 @@ pub async fn change_username(
227173
}
228174

229175
pub async fn change_email(
230-
user: SecuredUserIdentity,
176+
user: UserIdentity,
231177
db: DatabaseWrapper,
232178
Json(data): Json<EmailChangeRequest>,
233179
) -> Result<impl IntoResponse, TimeError> {
234180
if !validate_email(&data.new) {
235181
return Err(TimeError::InvalidEmail);
236182
}
237183

238-
let result = db.change_email(user.identity.id, data.new).await;
184+
let result = db.change_email(user.id, data.new).await;
239185

240186
if result.as_ref().is_err_and(|e| e.is_unique_violation()) {
241187
return Err(TimeError::EmailTaken);

src/api/friends.rs

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -6,10 +6,10 @@ use http::StatusCode;
66
use serde::Deserialize;
77

88
use crate::{
9-
api::{activity::HeartBeatMemoryStore, auth::SecuredUserIdentity},
9+
api::activity::HeartBeatMemoryStore,
1010
database::DatabaseWrapper,
1111
error::TimeError,
12-
models::{CurrentActivity, FriendWithTimeAndStatus, UserId},
12+
models::{CurrentActivity, FriendWithTimeAndStatus, UserId, UserIdentity},
1313
};
1414

1515
#[derive(Deserialize, Debug)]
@@ -93,10 +93,10 @@ pub async fn get_friends(
9393
}
9494

9595
pub async fn regenerate_friend_code(
96-
user: SecuredUserIdentity,
96+
user: UserIdentity,
9797
db: DatabaseWrapper,
9898
) -> Result<impl IntoResponse, TimeError> {
99-
db.regenerate_friend_code(user.identity.id)
99+
db.regenerate_friend_code(user.id)
100100
.await
101101
.inspect_err(|e| error!("{}", e))
102102
.map(|code| Json(json!({ "friend_code": code })))
@@ -108,12 +108,12 @@ pub struct RemoveFriendRequest {
108108
}
109109

110110
pub async fn remove(
111-
user: SecuredUserIdentity,
111+
user: UserIdentity,
112112
db: DatabaseWrapper,
113113
Json(body): Json<RemoveFriendRequest>,
114114
) -> Result<impl IntoResponse, TimeError> {
115115
let friend = db.get_user_by_name(&body.name).await?;
116-
let deleted = db.remove_friend(user.identity.id, friend.id).await?;
116+
let deleted = db.remove_friend(user.id, friend.id).await?;
117117

118118
if deleted {
119119
Ok(StatusCode::OK)

src/api/leaderboards.rs

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ use http::StatusCode;
44
use serde::{Deserialize, Serialize};
55

66
use crate::{
7-
api::auth::SecuredUserIdentity, database::DatabaseWrapper, error::TimeError, models::UserId,
7+
database::DatabaseWrapper, error::TimeError, models::{UserId, UserIdentity},
88
};
99

1010
#[derive(Deserialize, Serialize)]
@@ -69,7 +69,7 @@ pub async fn get_leaderboard(
6969
}
7070

7171
pub async fn delete_leaderboard(
72-
user: SecuredUserIdentity,
72+
user: UserIdentity,
7373
Path(name): Path<String>,
7474
db: DatabaseWrapper,
7575
) -> Result<impl IntoResponse, TimeError> {
@@ -78,7 +78,7 @@ pub async fn delete_leaderboard(
7878
.await
7979
.map_err(|_| TimeError::LeaderboardNotFound)?;
8080

81-
if db.is_leaderboard_admin(user.identity.id, lid).await? {
81+
if db.is_leaderboard_admin(user.id, lid).await? {
8282
db.delete_leaderboard(&name).await?;
8383
Ok(StatusCode::OK)
8484
} else {
@@ -111,7 +111,7 @@ pub async fn join_leaderboard(
111111
}
112112

113113
pub async fn leave_leaderboard(
114-
user: SecuredUserIdentity,
114+
user: UserIdentity,
115115
Path(name): Path<String>,
116116
db: DatabaseWrapper,
117117
) -> Result<impl IntoResponse, TimeError> {
@@ -120,14 +120,14 @@ pub async fn leave_leaderboard(
120120
.await
121121
.map_err(|_| TimeError::LeaderboardNotFound)?;
122122

123-
if db.is_leaderboard_admin(user.identity.id, lid).await?
123+
if db.is_leaderboard_admin(user.id, lid).await?
124124
&& db.get_leaderboard_admin_count(lid).await? == 1
125125
{
126126
return Err(TimeError::LastAdmin);
127127
}
128128

129129
if db
130-
.remove_user_from_leaderboard(lid, user.identity.id)
130+
.remove_user_from_leaderboard(lid, user.id)
131131
.await?
132132
{
133133
Ok(StatusCode::OK)
@@ -137,7 +137,7 @@ pub async fn leave_leaderboard(
137137
}
138138

139139
pub async fn promote_member(
140-
user: SecuredUserIdentity,
140+
user: UserIdentity,
141141
Path(name): Path<String>,
142142
db: DatabaseWrapper,
143143
promotion: Json<LeaderboardUser>,
@@ -147,7 +147,7 @@ pub async fn promote_member(
147147
.await
148148
.map_err(|_| TimeError::LeaderboardNotFound)?;
149149

150-
if db.is_leaderboard_admin(user.identity.id, lid).await? {
150+
if db.is_leaderboard_admin(user.id, lid).await? {
151151
let newadmin = db
152152
.get_user_by_name(&promotion.user)
153153
.await
@@ -168,7 +168,7 @@ pub async fn promote_member(
168168
}
169169

170170
pub async fn demote_member(
171-
user: SecuredUserIdentity,
171+
user: UserIdentity,
172172
Path(name): Path<String>,
173173
db: DatabaseWrapper,
174174
demotion: Json<LeaderboardUser>,
@@ -178,7 +178,7 @@ pub async fn demote_member(
178178
.await
179179
.map_err(|_| TimeError::LeaderboardNotFound)?;
180180

181-
if db.is_leaderboard_admin(user.identity.id, lid).await? {
181+
if db.is_leaderboard_admin(user.id, lid).await? {
182182
let oldadmin = db
183183
.get_user_by_name(&demotion.user)
184184
.await
@@ -199,7 +199,7 @@ pub async fn demote_member(
199199
}
200200

201201
pub async fn kick_member(
202-
user: SecuredUserIdentity,
202+
user: UserIdentity,
203203
Path(name): Path<String>,
204204
db: DatabaseWrapper,
205205
kick: Json<LeaderboardUser>,
@@ -209,7 +209,7 @@ pub async fn kick_member(
209209
.await
210210
.map_err(|_| TimeError::LeaderboardNotFound)?;
211211

212-
if db.is_leaderboard_admin(user.identity.id, lid).await? {
212+
if db.is_leaderboard_admin(user.id, lid).await? {
213213
let kmember = db
214214
.get_user_by_name(&kick.user)
215215
.await
@@ -225,7 +225,7 @@ pub async fn kick_member(
225225
}
226226

227227
pub async fn regenerate_invite(
228-
user: SecuredUserIdentity,
228+
user: UserIdentity,
229229
Path(name): Path<String>,
230230
db: DatabaseWrapper,
231231
) -> Result<impl IntoResponse, TimeError> {
@@ -234,7 +234,7 @@ pub async fn regenerate_invite(
234234
.await
235235
.map_err(|_| TimeError::LeaderboardNotFound)?;
236236

237-
if db.is_leaderboard_admin(user.identity.id, lid).await? {
237+
if db.is_leaderboard_admin(user.id, lid).await? {
238238
let code = db.regenerate_leaderboard_invite(lid).await?;
239239
Ok(Json(json!({ "invite_code": code })))
240240
} else {

src/auth/mod.rs

Lines changed: 1 addition & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,5 @@
1-
pub mod secured_access;
2-
31
use std::{
42
mem,
5-
sync::Arc,
63
task::{Context, Poll},
74
};
85

@@ -16,7 +13,6 @@ use crate::{database::DatabaseWrapper, models::UserIdentity, TestaustimeState};
1613
pub enum Authentication {
1714
NoAuth,
1815
AuthToken(UserIdentity),
19-
SecuredAccessToken(UserIdentity),
2016
}
2117

2218
#[derive(Clone)]
@@ -35,7 +31,6 @@ impl Authentication {
3531
match self {
3632
Authentication::NoAuth => None,
3733
Authentication::AuthToken(user_identity) => Some(user_identity),
38-
Authentication::SecuredAccessToken(user_identity) => Some(user_identity),
3934
}
4035
}
4136
}
@@ -68,7 +63,6 @@ where
6863

6964
fn call(&mut self, mut req: Request<B>) -> Self::Future {
7065
let db = DatabaseWrapper::from(&self.state.database);
71-
let secured_access_storage = Arc::clone(&self.state.secured_access_storage);
7266
let auth = req.headers().get("Authorization").cloned();
7367

7468
let clone = self.inner.clone();
@@ -84,14 +78,7 @@ where
8478
break 'auth Authentication::NoAuth;
8579
};
8680

87-
if let Ok(secured_access_instance) = secured_access_storage.get(token).clone() {
88-
let user = db
89-
.get_user_by_id(secured_access_instance.user_id)
90-
.await
91-
.unwrap();
92-
93-
Authentication::SecuredAccessToken(user)
94-
} else if let Ok(user_identity) = db.get_user_by_token(token.to_string()).await {
81+
if let Ok(user_identity) = db.get_user_by_token(token.to_string()).await {
9582
Authentication::AuthToken(user_identity)
9683
} else {
9784
Authentication::NoAuth

0 commit comments

Comments
 (0)