gburri/recipes
1
0
Fork 0
Code Issues 6 Pull requests Projects Releases Packages Wiki Activity Actions

Add asynchronous call to database.

Browse source 
See file 'asynchronous.ts'.
This commit is contained in:
Greg Burri 2022-11-29 15:58:06 +01:00
parent 8a3fef096d
commit d28e765e39
20 changed files with 1323 additions and 1049 deletions
Download patch file Download diff file Expand all files Collapse all files

605
backend/src/db.rs
View file

@ -1,605 +0,0 @@
use std::{fmt, fs::{self, File}, path::Path, io::Read};
use itertools::Itertools;
use chrono::{prelude::*, Duration};
use rusqlite::{named_params, OptionalExtension, params, Params};
use r2d2::Pool;
use r2d2_sqlite::SqliteConnectionManager;
use rand::distributions::{Alphanumeric, DistString};
use crate::{consts, user};
use crate::hash::{hash, verify_password};
use crate::model;
use crate::user::*;
const CURRENT_DB_VERSION: u32 = 1;
#[derive(Debug)]
pub enum DBError {
SqliteError(rusqlite::Error),
R2d2Error(r2d2::Error),
UnsupportedVersion(u32),
Other(String),
}
impl fmt::Display for DBError {
fn fmt(&self, f: &mut fmt::Formatter) -> std::result::Result<(), fmt::Error> {
write!(f, "{:?}", self)
}
}
impl std::error::Error for DBError { }
impl From<rusqlite::Error> for DBError {
fn from(error: rusqlite::Error) -> Self {
DBError::SqliteError(error)
}
}
impl From<r2d2::Error> for DBError {
fn from(error: r2d2::Error) -> Self {
DBError::R2d2Error(error)
}
}
// TODO: Is there a better solution?
impl DBError {
fn from_dyn_error(error: Box<dyn std::error::Error>) -> Self {
DBError::Other(error.to_string())
}
}
type Result<T> = std::result::Result<T, DBError>;
#[derive(Debug)]
pub enum SignUpResult {
UserAlreadyExists,
UserCreatedWaitingForValidation(String), // Validation token.
}
#[derive(Debug)]
pub enum ValidationResult {
UnknownUser,
ValidationExpired,
Ok(String, i32), // Returns token and user id.
}
#[derive(Debug)]
pub enum SignInResult {
UserNotFound,
WrongPassword,
AccountNotValidated,
Ok(String, i32), // Returns token and user id.
}
#[derive(Debug)]
pub enum AuthenticationResult {
NotValidToken,
Ok(i32), // Returns user id.
}
#[derive(Clone)]
pub struct Connection {
//con: rusqlite::Connection
pool: Pool<SqliteConnectionManager>
}
impl Connection {
pub fn new() -> Result<Connection> {
let path = Path::new(consts::DB_DIRECTORY).join(consts::DB_FILENAME);
Self::new_from_file(path)
}
pub fn new_in_memory() -> Result<Connection> {
Self::create_connection(SqliteConnectionManager::memory())
}
pub fn new_from_file<P: AsRef<Path>>(file: P) -> Result<Connection> {
if let Some(data_dir) = file.as_ref().parent() {
if !data_dir.exists() {
fs::DirBuilder::new().create(data_dir).unwrap();
}
}
Self::create_connection(SqliteConnectionManager::file(file))
}
fn create_connection(manager: SqliteConnectionManager) -> Result<Connection> {
let pool = r2d2::Pool::new(manager).unwrap();
let connection = Connection { pool };
connection.create_or_update()?;
Ok(connection)
}
/// Called after the connection has been established for creating or updating the database.
/// The 'Version' table tracks the current state of the database.
fn create_or_update(&self) -> Result<()> {
// Check the Database version.
let mut con = self.pool.get()?;
let tx = con.transaction()?;
// Version 0 corresponds to an empty database.
let mut version = {
match tx.query_row(
"SELECT [name] FROM [sqlite_master] WHERE [type] = 'table' AND [name] = 'Version'",
[],
|row| row.get::<usize, String>(0)
) {
Ok(_) => tx.query_row("SELECT [version] FROM [Version] ORDER BY [id] DESC", [], |row| row.get(0)).unwrap_or_default(),
Err(_) => 0
}
};
while Self::update_to_next_version(version, &tx)? {
version += 1;
}
tx.commit()?;
Ok(())
}
fn update_to_next_version(current_version: u32, tx: &rusqlite::Transaction) -> Result<bool> {
let next_version = current_version + 1;
if next_version <= CURRENT_DB_VERSION {
println!("Update to version {}...", next_version);
}
fn update_version(to_version: u32, tx: &rusqlite::Transaction) -> Result<()> {
tx.execute("INSERT INTO [Version] ([version], [datetime]) VALUES (?1, datetime('now'))", [to_version]).map(|_| ()).map_err(DBError::from)
}
fn ok(updated: bool) -> Result<bool> {
if updated {
println!("Version updated");
}
Ok(updated)
}
match next_version {
1 => {
let sql_file = consts::SQL_FILENAME.replace("{VERSION}", &next_version.to_string());
tx.execute_batch(&load_sql_file(&sql_file)?)?;
update_version(next_version, tx)?;
ok(true)
}
// Version 1 doesn't exist yet.
2 =>
ok(false),
v =>
Err(DBError::UnsupportedVersion(v)),
}
}
pub fn get_all_recipe_titles(&self) -> Result<Vec<(i32, String)>> {
let con = self.pool.get()?;
let mut stmt = con.prepare("SELECT [id], [title] FROM [Recipe] ORDER BY [title]")?;
let titles =
stmt.query_map([], |row| {
Ok((row.get(0)?, row.get(1)?))
})?.map(|r| r.unwrap()).collect_vec(); // TODO: remove unwrap.
Ok(titles)
}
/* Not used for the moment.
pub fn get_all_recipes(&self) -> Result<Vec<model::Recipe>> {
let con = self.pool.get()?;
let mut stmt = con.prepare("SELECT [id], [title] FROM [Recipe] ORDER BY [title]")?;
let recipes =
stmt.query_map([], |row| {
Ok(model::Recipe::new(row.get(0)?, row.get(1)?))
})?.map(|r| r.unwrap()).collect_vec(); // TODO: remove unwrap.
Ok(recipes)
} */
pub fn get_recipe(&self, id: i32) -> Result<model::Recipe> {
let con = self.pool.get()?;
con.query_row("SELECT [id], [title], [description] FROM [Recipe] WHERE [id] = ?1", [id], |row| {
Ok(model::Recipe::new(row.get("id")?, row.get("title")?, row.get("description")?))
}).map_err(DBError::from)
}
pub fn get_user_login_info(&self, token: &str) -> Result<UserLoginInfo> {
let con = self.pool.get()?;
con.query_row("SELECT [last_login_datetime], [ip], [user_agent] FROM [UserLoginToken] WHERE [token] = ?1", [token], |r| {
Ok(UserLoginInfo {
last_login_datetime: r.get("last_login_datetime")?,
ip: r.get("ip")?,
user_agent: r.get("user_agent")?,
})
}).map_err(DBError::from)
}
pub fn load_user(&self, user_id: i32) -> Result<User> {
let con = self.pool.get()?;
con.query_row("SELECT [email] FROM [User] WHERE [id] = ?1", [user_id], |r| {
Ok(User {
email: r.get("email")?,
})
}).map_err(DBError::from)
}
///
pub fn sign_up(&self, email: &str, password: &str) -> Result<SignUpResult> {
self.sign_up_with_given_time(email, password, Utc::now())
}
fn sign_up_with_given_time(&self, email: &str, password: &str, datetime: DateTime<Utc>) -> Result<SignUpResult> {
let mut con = self.pool.get()?;
let tx = con.transaction()?;
let token =
match tx.query_row("SELECT [id], [validation_token] FROM [User] WHERE [email] = ?1", [email], |r| {
Ok((r.get::<&str, i32>("id")?, r.get::<&str, Option<String>>("validation_token")?))
}).optional()? {
Some((id, validation_token)) => {
if validation_token.is_none() {
return Ok(SignUpResult::UserAlreadyExists)
}
let token = generate_token();
let hashed_password = hash(password).map_err(|e| DBError::from_dyn_error(e))?;
tx.execute("UPDATE [User] SET [validation_token] = ?2, [creation_datetime] = ?3, [password] = ?4 WHERE [id] = ?1", params![id, token, datetime, hashed_password])?;
token
},
None => {
let token = generate_token();
let hashed_password = hash(password).map_err(|e| DBError::from_dyn_error(e))?;
tx.execute("INSERT INTO [User] ([email], [validation_token], [creation_datetime], [password]) VALUES (?1, ?2, ?3, ?4)", params![email, token, datetime, hashed_password])?;
token
},
};
tx.commit()?;
Ok(SignUpResult::UserCreatedWaitingForValidation(token))
}
pub fn validation(&self, token: &str, validation_time: Duration, ip: &str, user_agent: &str) -> Result<ValidationResult> {
let mut con = self.pool.get()?;
let tx = con.transaction()?;
let user_id =
match tx.query_row("SELECT [id], [creation_datetime] FROM [User] WHERE [validation_token] = ?1", [token], |r| {
Ok((r.get::<&str, i32>("id")?, r.get::<&str, DateTime<Utc>>("creation_datetime")?))
}).optional()? {
Some((id, creation_datetime)) => {
if Utc::now() - creation_datetime > validation_time {
return Ok(ValidationResult::ValidationExpired)
}
tx.execute("UPDATE [User] SET [validation_token] = NULL WHERE [id] = ?1", [id])?;
id
},
None => {
return Ok(ValidationResult::UnknownUser)
},
};
let token = Connection::create_login_token(&tx, user_id, ip, user_agent)?;
tx.commit()?;
Ok(ValidationResult::Ok(token, user_id))
}
pub fn sign_in(&self, email: &str, password: &str, ip: &str, user_agent: &str) -> Result<SignInResult> {
let mut con = self.pool.get()?;
let tx = con.transaction()?;
match tx.query_row("SELECT [id], [password], [validation_token] FROM [User] WHERE [email] = ?1", [email], |r| {
Ok((r.get::<&str, i32>("id")?, r.get::<&str, String>("password")?, r.get::<&str, Option<String>>("validation_token")?))
}).optional()? {
Some((id, stored_password, validation_token)) => {
if validation_token.is_some() {
Ok(SignInResult::AccountNotValidated)
} else if verify_password(password, &stored_password).map_err(DBError::from_dyn_error)? {
let token = Connection::create_login_token(&tx, id, ip, user_agent)?;
tx.commit()?;
Ok(SignInResult::Ok(token, id))
} else {
Ok(SignInResult::WrongPassword)
}
},
None => {
Ok(SignInResult::UserNotFound)
},
}
}
pub fn authentication(&self, token: &str, ip: &str, user_agent: &str) -> Result<AuthenticationResult> {
let mut con = self.pool.get()?;
let tx = con.transaction()?;
match tx.query_row("SELECT [id], [user_id] FROM [UserLoginToken] WHERE [token] = ?1", [token], |r| {
Ok((r.get::<&str, i32>("id")?, r.get::<&str, i32>("user_id")?))
}).optional()? {
Some((login_id, user_id)) => {
tx.execute("UPDATE [UserLoginToken] SET [last_login_datetime] = ?2, [ip] = ?3, [user_agent] = ?4 WHERE [id] = ?1", params![login_id, Utc::now(), ip, user_agent])?;
tx.commit()?;
Ok(AuthenticationResult::Ok(user_id))
},
None =>
Ok(AuthenticationResult::NotValidToken)
}
}
pub fn sign_out(&self, token: &str) -> Result<()> {
let mut con = self.pool.get()?;
let tx = con.transaction()?;
match tx.query_row("SELECT [id] FROM [UserLoginToken] WHERE [token] = ?1", [token], |r| {
Ok(r.get::<&str, i32>("id")?)
}).optional()? {
Some(login_id) => {
tx.execute("DELETE FROM [UserLoginToken] WHERE [id] = ?1", params![login_id])?;
tx.commit()?
},
None => (),
}
Ok(())
}
/// Execute a given SQL file.
pub fn execute_file<P: AsRef<Path> + fmt::Display>(&self, file: P) -> Result<()> {
let con = self.pool.get()?;
let sql = load_sql_file(file)?;
con.execute_batch(&sql).map_err(DBError::from)
}
/// Execute any SQL statement.
/// Mainly used for testing.
pub fn execute_sql<P: Params>(&self, sql: &str, params: P) -> Result<usize> {
let con = self.pool.get()?;
con.execute(sql, params).map_err(DBError::from)
}
// Return the token.
fn create_login_token(tx: &rusqlite::Transaction, user_id: i32, ip: &str, user_agent: &str) -> Result<String> {
let token = generate_token();
tx.execute("INSERT INTO [UserLoginToken] ([user_id], [last_login_datetime], [token], [ip], [user_agent]) VALUES (?1, ?2, ?3, ?4, ?5)", params![user_id, Utc::now(), token, ip, user_agent])?;
Ok(token)
}
}
fn load_sql_file<P: AsRef<Path> + fmt::Display>(sql_file: P) -> Result<String> {
let mut file = File::open(&sql_file).map_err(|err| DBError::Other(format!("Cannot open SQL file ({}): {}", &sql_file, err.to_string())))?;
let mut sql = String::new();
file.read_to_string(&mut sql).map_err(|err| DBError::Other(format!("Cannot read SQL file ({}) : {}", &sql_file, err.to_string())))?;
Ok(sql)
}
fn generate_token() -> String {
Alphanumeric.sample_string(&mut rand::thread_rng(), 24)
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn sign_up() -> Result<()> {
let connection = Connection::new_in_memory()?;
match connection.sign_up("paul@test.org", "12345")? {
SignUpResult::UserCreatedWaitingForValidation(_) => (), // Nominal case.
other => panic!("{:?}", other),
}
Ok(())
}
#[test]
fn sign_up_to_an_already_existing_user() -> Result<()> {
let connection = Connection::new_in_memory()?;
connection.execute_sql("
INSERT INTO [User] ([id], [email], [name], [password], [creation_datetime], [validation_token])
VALUES (
1,
'paul@test.org',
'paul',
'$argon2id$v=19$m=4096,t=3,p=1$1vtXcacYjUHZxMrN6b2Xng$wW8Z59MIoMcsIljnjHmxn3EBcc5ymEySZPUVXHlRxcY',
0,
NULL
);", [])?;
match connection.sign_up("paul@test.org", "12345")? {
SignUpResult::UserAlreadyExists => (), // Nominal case.
other => panic!("{:?}", other),
}
Ok(())
}
#[test]
fn sign_up_and_sign_in_without_validation() -> Result<()> {
let connection = Connection::new_in_memory()?;
let email = "paul@test.org";
let password = "12345";
match connection.sign_up(email, password)? {
SignUpResult::UserCreatedWaitingForValidation(_) => (), // Nominal case.
other => panic!("{:?}", other),
}
match connection.sign_in(email, password, "127.0.0.1", "Mozilla/5.0")? {
SignInResult::AccountNotValidated => (), // Nominal case.
other => panic!("{:?}", other),
}
Ok(())
}
#[test]
fn sign_up_to_an_unvalidated_already_existing_user() -> Result<()> {
let connection = Connection::new_in_memory()?;
let token = generate_token();
connection.execute_sql("
INSERT INTO [User] ([id], [email], [name], [password], [creation_datetime], [validation_token])
VALUES (
1,
'paul@test.org',
'paul',
'$argon2id$v=19$m=4096,t=3,p=1$1vtXcacYjUHZxMrN6b2Xng$wW8Z59MIoMcsIljnjHmxn3EBcc5ymEySZPUVXHlRxcY',
0,
:token
);", named_params! { ":token": token })?;
match connection.sign_up("paul@test.org", "12345")? {
SignUpResult::UserCreatedWaitingForValidation(_) => (), // Nominal case.
other => panic!("{:?}", other),
}
Ok(())
}
#[test]
fn sign_up_then_send_validation_at_time() -> Result<()> {
let connection = Connection::new_in_memory()?;
let validation_token =
match connection.sign_up("paul@test.org", "12345")? {
SignUpResult::UserCreatedWaitingForValidation(token) => token, // Nominal case.
other => panic!("{:?}", other),
};
match connection.validation(&validation_token, Duration::hours(1), "127.0.0.1", "Mozilla/5.0")? {
ValidationResult::Ok(_, _) => (), // Nominal case.
other => panic!("{:?}", other),
}
Ok(())
}
#[test]
fn sign_up_then_send_validation_too_late() -> Result<()> {
let connection = Connection::new_in_memory()?;
let validation_token =
match connection.sign_up_with_given_time("paul@test.org", "12345", Utc::now() - Duration::days(1))? {
SignUpResult::UserCreatedWaitingForValidation(token) => token, // Nominal case.
other => panic!("{:?}", other),
};
match connection.validation(&validation_token, Duration::hours(1), "127.0.0.1", "Mozilla/5.0")? {
ValidationResult::ValidationExpired => (), // Nominal case.
other => panic!("{:?}", other),
}
Ok(())
}
#[test]
fn sign_up_then_send_validation_with_bad_token() -> Result<()> {
let connection = Connection::new_in_memory()?;
let _validation_token =
match connection.sign_up("paul@test.org", "12345")? {
SignUpResult::UserCreatedWaitingForValidation(token) => token, // Nominal case.
other => panic!("{:?}", other),
};
let random_token = generate_token();
match connection.validation(&random_token, Duration::hours(1), "127.0.0.1", "Mozilla/5.0")? {
ValidationResult::UnknownUser => (), // Nominal case.
other => panic!("{:?}", other),
}
Ok(())
}
#[test]
fn sign_up_then_send_validation_then_sign_in() -> Result<()> {
let connection = Connection::new_in_memory()?;
let email = "paul@test.org";
let password = "12345";
// Sign up.
let validation_token =
match connection.sign_up(email, password)? {
SignUpResult::UserCreatedWaitingForValidation(token) => token, // Nominal case.
other => panic!("{:?}", other),
};
// Validation.
match connection.validation(&validation_token, Duration::hours(1), "127.0.0.1", "Mozilla/5.0")? {
ValidationResult::Ok(_, _) => (),
other => panic!("{:?}", other),
};
// Sign in.
match connection.sign_in(email, password, "127.0.0.1", "Mozilla/5.0")? {
SignInResult::Ok(_, _) => (), // Nominal case.
other => panic!("{:?}", other),
}
Ok(())
}
#[test]
fn sign_up_then_send_validation_then_authentication() -> Result<()> {
let connection = Connection::new_in_memory()?;
let email = "paul@test.org";
let password = "12345";
// Sign up.
let validation_token =
match connection.sign_up(email, password)? {
SignUpResult::UserCreatedWaitingForValidation(token) => token, // Nominal case.
other => panic!("{:?}", other),
};
// Validation.
let (authentication_token, user_id) = match connection.validation(&validation_token, Duration::hours(1), "127.0.0.1", "Mozilla")? {
ValidationResult::Ok(token, user_id) => (token, user_id),
other => panic!("{:?}", other),
};
// Check user login information.
let user_login_info_1 = connection.get_user_login_info(&authentication_token)?;
assert_eq!(user_login_info_1.ip, "127.0.0.1");
assert_eq!(user_login_info_1.user_agent, "Mozilla");
// Authentication.
let _user_id =
match connection.authentication(&authentication_token, "192.168.1.1", "Chrome")? {
AuthenticationResult::Ok(user_id) => user_id, // Nominal case.
other => panic!("{:?}", other),
};
// Check user login information.
let user_login_info_2 = connection.get_user_login_info(&authentication_token)?;
assert_eq!(user_login_info_2.ip, "192.168.1.1");
assert_eq!(user_login_info_2.user_agent, "Chrome");
Ok(())
}
#[test]
fn sign_up_then_send_validation_then_sign_out_then_sign_in() -> Result<()> {
let connection = Connection::new_in_memory()?;
let email = "paul@test.org";
let password = "12345";
// Sign up.
let validation_token =
match connection.sign_up(email, password)? {
SignUpResult::UserCreatedWaitingForValidation(token) => token, // Nominal case.
other => panic!("{:?}", other),
};
// Validation.
let (authentication_token_1, user_id_1) =
match connection.validation(&validation_token, Duration::hours(1), "127.0.0.1", "Mozilla")? {
ValidationResult::Ok(token, user_id) => (token, user_id),
other => panic!("{:?}", other),
};
// Check user login information.
let user_login_info_1 = connection.get_user_login_info(&authentication_token_1)?;
assert_eq!(user_login_info_1.ip, "127.0.0.1");
assert_eq!(user_login_info_1.user_agent, "Mozilla");
// Sign out.
connection.sign_out(&authentication_token_1)?;
// Sign in.
let (authentication_token_2, user_id_2) =
match connection.sign_in(email, password, "192.168.1.1", "Chrome")? {
SignInResult::Ok(token, user_id) => (token, user_id),
other => panic!("{:?}", other),
};
assert_eq!(user_id_1, user_id_2);
assert_ne!(authentication_token_1, authentication_token_2);
// Check user login information.
let user_login_info_2 = connection.get_user_login_info(&authentication_token_2)?;
assert_eq!(user_login_info_2.ip, "192.168.1.1");
assert_eq!(user_login_info_2.user_agent, "Chrome");
Ok(())
}
}