gburri/recipes
1
0
Fork 0
Code Issues 6 Pull requests Projects Releases Packages Wiki Activity Actions

Sign up method.

Browse source 
beginning of adding methods to create account and authentication.
This commit is contained in:
Greg Burri 2022-11-22 01:13:19 +01:00
parent 855eb16973
commit 5e4e086247
5 changed files with 258 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

208
backend/src/db.rs
View file

@ -1,12 +1,14 @@
use std::{fs::{self, File}, path::Path, io::Read};
use std::{fmt::Display, fs::{self, File}, path::Path, io::Read};
use itertools::Itertools;
//use rusqlite::types::ToSql;
//use rusqlite::{Connection, Result, NO_PARAMS};
use chrono::{prelude::*, Duration};
use rusqlite::{params, Params, OptionalExtension};
use r2d2::Pool;
use r2d2_sqlite::SqliteConnectionManager;
use rand::distributions::{Alphanumeric, DistString};
use crate::consts;
use crate::hash::hash;
use crate::model;
const CURRENT_DB_VERSION: u32 = 1;
@ -31,8 +33,39 @@ impl From<r2d2::Error> for DBError {
}
}
// TODO: Is there a better solution?
impl DBError {
fn from_dyn_error(error: Box<dyn std::error::Error>) -> Self {
DBError::Other(error.to_string())
}
}
type Result<T> = std::result::Result<T, DBError>;
#[derive(Debug)]
pub enum SignUpResult {
UserAlreadyExists,
UserCreatedWaitingForValidation(String), // Validation token.
}
#[derive(Debug)]
pub enum ValidationResult {
ValidationExpired,
OK,
}
#[derive(Debug)]
pub enum SignInResult {
NotValidToken,
OK,
}
#[derive(Debug)]
pub enum AuthenticationResult {
NotValidToken,
OK,
}
#[derive(Clone)]
pub struct Connection {
//con: rusqlite::Connection
@ -41,25 +74,26 @@ pub struct Connection {
impl Connection {
pub fn new() -> Result<Connection> {
let data_dir = Path::new(consts::DB_DIRECTORY);
if !data_dir.exists() {
fs::DirBuilder::new().create(data_dir).unwrap();
}
let manager = SqliteConnectionManager::file(consts::DB_FILENAME);
let pool = r2d2::Pool::new(manager).unwrap();
let connection = Connection { pool };
connection.create_or_update()?;
Ok(connection)
let path = Path::new(consts::DB_DIRECTORY).join(consts::DB_FILENAME);
Self::new_from_file(path)
}
/*
* Called after the connection has been established for creating or updating the database.
* The 'Version' table tracks the current state of the database.
*/
pub fn new_in_memory() -> Result<Connection> {
Self::create_connection(SqliteConnectionManager::memory())
}
pub fn new_from_file<P: AsRef<Path>>(file: P) -> Result<Connection> {
if let Some(data_dir) = file.as_ref().parent() {
if !data_dir.exists() {
fs::DirBuilder::new().create(data_dir).unwrap();
}
}
Self::create_connection(SqliteConnectionManager::file(file))
}
/// Called after the connection has been established for creating or updating the database.
/// The 'Version' table tracks the current state of the database.
fn create_or_update(&self) -> Result<()> {
// Check the Database version.
let mut con = self.pool.get()?;
@ -86,6 +120,13 @@ impl Connection {
Ok(())
}
fn create_connection(manager: SqliteConnectionManager) -> Result<Connection> {;
let pool = r2d2::Pool::new(manager).unwrap();
let connection = Connection { pool };
connection.create_or_update()?;
Ok(connection)
}
fn update_to_next_version(current_version: u32, tx: &rusqlite::Transaction) -> Result<bool> {
let next_version = current_version + 1;
@ -106,7 +147,8 @@ impl Connection {
match next_version {
1 => {
tx.execute_batch(&load_sql_file(next_version)?)?;
let sql_file = consts::SQL_FILENAME.replace("{VERSION}", &next_version.to_string());
tx.execute_batch(&load_sql_file(&sql_file)?)?;
update_version(next_version, tx)?;
ok(true)
@ -131,6 +173,7 @@ impl Connection {
Ok(titles)
}
/* Not used for the moment.
pub fn get_all_recipes(&self) -> Result<Vec<model::Recipe>> {
let con = self.pool.get()?;
let mut stmt = con.prepare("SELECT [id], [title] FROM [Recipe] ORDER BY [title]")?;
@ -139,7 +182,7 @@ impl Connection {
Ok(model::Recipe::new(row.get(0)?, row.get(1)?))
})?.map(|r| r.unwrap()).collect_vec(); // TODO: remove unwrap.
Ok(recipes)
}
} */
pub fn get_recipe(&self, id: i32) -> Result<model::Recipe> {
let con = self.pool.get()?;
@ -147,12 +190,127 @@ impl Connection {
Ok(model::Recipe::new(row.get(0)?, row.get(1)?))
}).map_err(DBError::from)
}
///
pub fn sign_up(&self, password: &str, email: &str) -> Result<SignUpResult> {
self.sign_up_with_given_time(password, email, Utc::now())
}
fn sign_up_with_given_time(&self, password: &str, email: &str, datetime: DateTime<Utc>) -> Result<SignUpResult> {
let mut con = self.pool.get()?;
let tx = con.transaction()?;
let token =
match tx.query_row("SELECT [id], [validation_token] FROM [User] WHERE [email] = ?1", [email], |r| {
Ok((r.get::<&str, i32>("id")?, r.get::<&str, Option<String>>("validation_token")?))
}).optional()? {
Some((id, validation_token)) => {
if validation_token.is_none() {
return Ok(SignUpResult::UserAlreadyExists)
}
let token = generate_token();
let hashed_password = hash(password).map_err(|e| DBError::from_dyn_error(e))?;
tx.execute("UPDATE [User] SET [validation_token] = ?2, [creation_datetime] = ?3, [password] = ?4 WHERE [id] = ?1", params![id, token, datetime, hashed_password])?;
token
},
None => {
let token = generate_token();
let hashed_password = hash(password).map_err(|e| DBError::from_dyn_error(e))?;
tx.execute("INSERT INTO [User] ([email], [validation_token], [creation_datetime], [password]) VALUES (?1, ?2, ?3, ?4)", params![email, token, datetime, hashed_password])?;
token
},
};
tx.commit()?;
Ok(SignUpResult::UserCreatedWaitingForValidation(token))
}
pub fn validation(&self, token: &str, validation_time: Duration) -> Result<ValidationResult> {
todo!()
}
pub fn sign_in(&self, password: &str, email: String) -> Result<SignInResult> {
todo!()
}
pub fn authentication(&self, token: &str) -> Result<AuthenticationResult> {
todo!()
}
pub fn logout(&self, token: &str) -> Result<()> {
todo!()
}
/// Execute a given SQL file.
pub fn execute_file<P: AsRef<Path> + Display>(&self, file: P) -> Result<()> {
let con = self.pool.get()?;
let sql = load_sql_file(file)?;
con.execute_batch(&sql).map_err(DBError::from)
}
/// Execute any SQL statement.
/// Mainly used for testing.
pub fn execute_sql<P: Params>(&self, sql: &str, params: P) -> Result<usize> {
let con = self.pool.get()?;
con.execute(sql, params).map_err(DBError::from)
}
}
fn load_sql_file(version: u32) -> Result<String> {
let sql_file = consts::SQL_FILENAME.replace("{VERSION}", &version.to_string());
fn load_sql_file<P: AsRef<Path> + Display>(sql_file: P) -> Result<String> {
let mut file = File::open(&sql_file).map_err(|err| DBError::Other(format!("Cannot open SQL file ({}): {}", &sql_file, err.to_string())))?;
let mut sql = String::new();
file.read_to_string(&mut sql).map_err(|err| DBError::Other(format!("Cannot read SQL file ({}) : {}", &sql_file, err.to_string())))?;
Ok(sql)
}
}
fn generate_token() -> String {
Alphanumeric.sample_string(&mut rand::thread_rng(), 24)
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn sign_up() -> Result<()> {
let connection = Connection::new_in_memory()?;
match connection.sign_up("12345", "paul@test.org")? {
SignUpResult::UserCreatedWaitingForValidation(_) => (), // Nominal case.
other => panic!("{:?}", other),
}
Ok(())
}
#[test]
fn sign_up_to_an_already_existing_user() -> Result<()> {
let connection = Connection::new_in_memory()?;
connection.execute_sql("
INSERT INTO [User] ([id], [email], [name], [password], [creation_datetime], [validation_token])
VALUES (
1,
'paul@test.org',
'paul',
'$argon2id$v=19$m=4096,t=3,p=1$1vtXcacYjUHZxMrN6b2Xng$wW8Z59MIoMcsIljnjHmxn3EBcc5ymEySZPUVXHlRxcY',
0,
NULL
);", [])?;
match connection.sign_up("12345", "paul@test.org")? {
SignUpResult::UserAlreadyExists => (), // Nominal case.
other => panic!("{:?}", other),
}
Ok(())
}
#[test]
fn sign_up_to_an_unvalidated_already_existing_user() -> Result<()> {
todo!()
}
fn sign_up_then_send_validation_at_time() -> Result<()> {
todo!()
}
fn sign_up_then_send_validation_too_late() -> Result<()> {
todo!()
}
//fn sign_up_then_send_validation_then_sign_in()
}