Sign out

2022-11-26 20:22:45 +01:00 · 2022-11-26 20:22:45 +01:00 · b6235fb76c
commit b6235fb76c
parent 45d4867cb3
12 changed files with 578 additions and 336 deletions
--- a/backend/src/db.rs
+++ b/backend/src/db.rs
@ -7,7 +7,7 @@ use r2d2::Pool;
 use r2d2_sqlite::SqliteConnectionManager;
 use rand::distributions::{Alphanumeric, DistString};

-use crate::consts;
+use crate::{consts, user};
 use crate::hash::{hash, verify_password};
 use crate::model;
 use crate::user::*;
@ -67,7 +67,8 @@ pub enum ValidationResult {
 #[derive(Debug)]
 pub enum SignInResult {
    UserNotFound,
-    PasswordsDontMatch,
+    WrongPassword,
+    AccountNotValidated,
    Ok(String, i32), // Returns token and user id.
 }

@ -197,8 +198,8 @@ impl Connection {

    pub fn get_recipe(&self, id: i32) -> Result<model::Recipe> {
        let con = self.pool.get()?;
-        con.query_row("SELECT [id], [title] FROM [Recipe] WHERE [id] = ?1", [id], |row| {
-            Ok(model::Recipe::new(row.get(0)?, row.get(1)?))
+        con.query_row("SELECT [id], [title], [description] FROM [Recipe] WHERE [id] = ?1", [id], |row| {
+            Ok(model::Recipe::new(row.get("id")?, row.get("title")?, row.get("description")?))
        }).map_err(DBError::from)
    }

@ -213,6 +214,15 @@ impl Connection {
        }).map_err(DBError::from)
    }

+    pub fn load_user(&self, user_id: i32) -> Result<User> {
+        let con = self.pool.get()?;
+        con.query_row("SELECT [email] FROM [User] WHERE [id] = ?1", [user_id], |r| {
+            Ok(User {
+                email: r.get("email")?,
+            })
+        }).map_err(DBError::from)
+    }
+
    ///
    pub fn sign_up(&self, email: &str, password: &str) -> Result<SignUpResult> {
        self.sign_up_with_given_time(email, password, Utc::now())
@ -268,19 +278,21 @@ impl Connection {
        Ok(ValidationResult::Ok(token, user_id))
    }

-    pub fn sign_in(&self, password: &str, email: &str, ip: &str, user_agent: &str) -> Result<SignInResult> {
+    pub fn sign_in(&self, email: &str, password: &str, ip: &str, user_agent: &str) -> Result<SignInResult> {
        let mut con = self.pool.get()?;
        let tx = con.transaction()?;
-        match tx.query_row("SELECT [id], [password] FROM [User] WHERE [email] = ?1", [email], |r| {
-            Ok((r.get::<&str, i32>("id")?, r.get::<&str, String>("password")?))
+        match tx.query_row("SELECT [id], [password], [validation_token] FROM [User] WHERE [email] = ?1", [email], |r| {
+            Ok((r.get::<&str, i32>("id")?, r.get::<&str, String>("password")?, r.get::<&str, Option<String>>("validation_token")?))
        }).optional()? {
-            Some((id, stored_password)) => {
-                if verify_password(password, &stored_password).map_err(DBError::from_dyn_error)? {
+            Some((id, stored_password, validation_token)) => {
+                if validation_token.is_some() {
+                    Ok(SignInResult::AccountNotValidated)
+                } else if verify_password(password, &stored_password).map_err(DBError::from_dyn_error)? {
                    let token = Connection::create_login_token(&tx, id, ip, user_agent)?;
                    tx.commit()?;
                    Ok(SignInResult::Ok(token, id))
                } else {
-                    Ok(SignInResult::PasswordsDontMatch)
+                    Ok(SignInResult::WrongPassword)
                }
            },
            None => {
@ -387,6 +399,26 @@ mod tests {
        Ok(())
    }

+    #[test]
+    fn sign_up_and_sign_in_without_validation() -> Result<()> {
+        let connection = Connection::new_in_memory()?;
+
+        let email = "paul@test.org";
+        let password = "12345";
+
+        match connection.sign_up(email, password)? {
+            SignUpResult::UserCreatedWaitingForValidation(_) => (), // Nominal case.
+            other => panic!("{:?}", other),
+        }
+
+        match connection.sign_in(email, password, "127.0.0.1", "Mozilla/5.0")? {
+            SignInResult::AccountNotValidated => (), // Nominal case.
+            other => panic!("{:?}", other),
+        }
+
+        Ok(())
+    }
+
    #[test]
    fn sign_up_to_an_unvalidated_already_existing_user() -> Result<()> {
        let connection = Connection::new_in_memory()?;
@ -475,7 +507,7 @@ mod tests {
        };

        // Sign in.
-        match connection.sign_in(password, email, "127.0.0.1", "Mozilla/5.0")? {
+        match connection.sign_in(email, password, "127.0.0.1", "Mozilla/5.0")? {
            SignInResult::Ok(_, _) => (), // Nominal case.
            other => panic!("{:?}", other),
        }
@ -554,7 +586,7 @@ mod tests {

        // Sign in.
        let (authentication_token_2, user_id_2) =
-            match connection.sign_in(password, email, "192.168.1.1", "Chrome")? {
+            match connection.sign_in(email, password, "192.168.1.1", "Chrome")? {
                SignInResult::Ok(token, user_id) => (token, user_id),
                other => panic!("{:?}", other),
            };