r0r-5chach
/
dermy-api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

auth loop complete

This commit is contained in:
Joshua Perry 2024-06-07 22:29:49 +01:00
parent d7b4a45a9a
commit 08accea6af
4 changed files with 66 additions and 133 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Cargo.toml
View File

@ -15,7 +15,6 @@ candle-nn = "0.5.1"
chrono = "0.4.38"
http = "1.1.0"
mongodb = { version = "2.8.2", features = ["bson-chrono-0_4", "tokio-runtime"]}
rlg = "0.0.4"
serde = "1.0.203"
tokio = "1.38.0"
vrd = "0.0.7"

119
src/account.rs
View File

@ -2,41 +2,26 @@ pub mod db;
use axum::{
body::Body,
extract::Path,
Json,
response::Response,
Router,
routing::{get, post}
};
use axum_session_auth::AuthSession;
use axum_session_mongo::SessionMongoPool;
use chrono::Utc;
use crate::AppError;
use db::{get_users, User};
use http::StatusCode;
use mongodb::{
bson::{doc, oid::ObjectId, to_document},
Client
};
use rlg::macro_info_log;
use http::{header::HeaderMap, StatusCode};
use mongodb::bson::{doc, oid::ObjectId};
type AuthenticationSession = AuthSession<User, ObjectId, SessionMongoPool, Client>;
type ApiResult = Result<Response, AppError>;
pub fn router() -> Router {
Router::new()
.nest("/:user_id", user_router())
.route("/sign-up",
post(post_sign_up)
)
}
fn user_router() -> Router {
Router::new()
.route("/sign-in",
get(get_sign_in)
.post(post_sign_in)
)
.route("/sign-up",
post(post_sign_up))
.route("/sign-out",
post(post_sign_out))
.route("/backup",
@ -47,24 +32,19 @@ fn user_router() -> Router {
)
}
pub async fn get_sign_in(Path(user_id): Path<ObjectId>) -> ApiResult {
let id = format!("user_id: {}", user_id);
macro_info_log!(&Utc::now().to_string(), &id, "Salt request initiated");
pub async fn get_sign_in(Json(body): Json<User>) -> ApiResult {
let db = get_users().await?;
let query = doc! { "_id" : user_id};
let query = doc! {
"$expr": { "$eq": ["$username", body.username] }
};
match db.find_one(query, None).await? {
Some(user) => {
macro_info_log!(&Utc::now().to_string(), &id, "Salt request successful");
Some(user) => {
Ok(Response::builder()
.status(StatusCode::CREATED)
.body(Body::from(user.auth.salt.unwrap()))?)
.body(Body::from(user.auth.unwrap().salt.unwrap()))?)
},
None => {
macro_info_log!(&Utc::now().to_string(), &id, "Salt Request unsuccessful: username does not exist");
Ok(Response::builder()
.status(StatusCode::NOT_FOUND)
.body(Body::from("User does not exist"))?)
@ -72,27 +52,32 @@ pub async fn get_sign_in(Path(user_id): Path<ObjectId>) -> ApiResult {
}
}
pub async fn post_sign_in(Path(user_id): Path<ObjectId>, auth: AuthenticationSession, body: String) -> ApiResult {
let id = format!("user_id: {}", user_id);
macro_info_log!(&Utc::now().to_string(), &id, "Sign-in request initiated");
pub async fn post_sign_in(Json(body): Json<User>) -> ApiResult {
let db = get_users().await?;
let query = doc! { "_id": &user_id, "_auth._hash": body };
let api = ObjectId::new();
let query = doc! {
"$expr": {
"$and": [
{ "$eq": ["$username", body.username]},
{ "$eq": ["$_auth._hash", body.auth.unwrap_or_default().hash]}
]
}
};
let update = doc! {
"$set": {
"_auth._api": api
}
};
match db.find_one(query, None).await? {
match db.find_one(query.clone(), None).await? {
Some(_user) => {
macro_info_log!(&Utc::now().to_string(), &id, "Sign-in request successful");
auth.login_user(user_id);
auth.remember_user(true);
db.update_one(query, update, None).await?;
Ok(Response::builder()
.status(StatusCode::OK)
.body(Body::from(format!("{}", user_id)))?)
.body(Body::from(api.to_string()))?)
},
None => {
macro_info_log!(&Utc::now().to_string(), &id, "Sign-in request unsuccessful: incorrect credentials");
Ok(Response::builder()
.status(StatusCode::UNAUTHORIZED)
.body(Body::from("Username or password is incorrect"))?)
@ -101,24 +86,27 @@ pub async fn post_sign_in(Path(user_id): Path<ObjectId>, auth: AuthenticationSes
}
pub async fn post_sign_up(Json(body): Json<User>) -> ApiResult {
let id = "guest_user";
macro_info_log!(&Utc::now().to_string(), &id, "Sign-up request initiated");
let db = get_users().await?;
let query = to_document(&body)?;
let auth = body.clone().auth.unwrap_or_default();
let query = doc! {
"$expr": {
"$and": [
{ "$eq": ["$username", &body.username] },
{ "$eq": ["$_auth._hash", &auth.hash]},
{ "$eq": ["$_auth._salt", &auth.salt]}
]
}
};
match db.find_one(query.clone(), None).await? {
match db.find_one(query, None).await? {
Some(_user) => {
macro_info_log!(&Utc::now().to_string(), &id, "Sign-up request unsuccessful: username already exists");
Ok(Response::builder()
.status(StatusCode::NOT_ACCEPTABLE)
.body(Body::from("Username is already taken"))?)
},
None => {
macro_info_log!(&Utc::now().to_string(), &id, "Sign-up request successful");
db.insert_one(body, None).await?;
Ok(Response::builder()
.status(StatusCode::CREATED)
.body(Body::from("Account created successfully"))?)
@ -127,25 +115,30 @@ pub async fn post_sign_up(Json(body): Json<User>) -> ApiResult {
}
pub async fn post_sign_out(Path(user_id): Path<ObjectId>, auth: AuthenticationSession) -> ApiResult {
let id = format!("user_id: {}", user_id);
macro_info_log!(&Utc::now().to_string(), &id, "Sign-out request initiated");
pub async fn post_sign_out(headers: HeaderMap) -> ApiResult {
let db = get_users().await?;
let api = headers["api_key"].to_str()?;
match auth.is_authenticated() {
true => {
macro_info_log!(&Utc::now().to_string(), &id, "Sign-out request successful");
let query = doc! {
"$expr": { "$eq": ["$_auth._api", ObjectId::parse_str(api)?] }
};
let update = doc! {
"$unset": {
"_auth._api": ObjectId::new()
}
};
auth.logout_user();
match db.find_one(query.clone(), None).await? {
Some(_user) => {
db.update_one(query, update, None).await?;
Ok(Response::builder()
.status(StatusCode::OK)
.body(Body::from("Sign out successful"))?)
},
false => {
macro_info_log!(&Utc::now().to_string(), &id, "Sign-out request unsuccessful: user was not logged in");
None => {
Ok(Response::builder()
.status(StatusCode::NOT_ACCEPTABLE)
.body(Body::from("No user is not logged in"))?)
.body(Body::from("User does not exist"))?)
},
}
}

32
src/account/db.rs
View File

@ -6,9 +6,8 @@ use mongodb::{
bson::{doc, oid::ObjectId, DateTime},
Client, Collection, Database,
};
pub async fn get_db_client() -> Result<Client> {
Ok(Client::with_uri_str("mongodb://localhost:27017").await?)
Ok(Client::with_uri_str("mongodb://root:example@localhost:27017").await?)
}
pub async fn get_database() -> Result<Database> {
@ -100,46 +99,21 @@ impl LogEntry {
pub struct User {
#[serde(rename = "_id", skip_serializing_if = "Option::is_none")]
pub id: Option<ObjectId>,
#[serde(rename="_auth")]
pub auth: Auth,
#[serde(rename="_auth", skip_serializing_if = "Option::is_none")]
pub auth: Option<Auth>,
pub username: String,
#[serde(skip_serializing)]
logged_in: bool,
}
impl User {
pub fn new(username: String) -> Self {
let id = None;
let auth = Default::default();
let logged_in = false;
Self {
id,
auth,
username,
logged_in,
}
}
}
#[async_trait]
impl Authentication<User, ObjectId, Client> for User {
async fn load_user(user_id: ObjectId, db: Option<&Client>) -> Result<User> {
Ok(db.unwrap()
.database("dermy")
.collection::<User>("users")
.find_one(doc! {"_id": user_id}, None).await?.unwrap())
}
fn is_authenticated(&self) -> bool {
self.logged_in
}
fn is_active(&self) -> bool {
self.logged_in
}
fn is_anonymous(&self) -> bool {
!self.logged_in
}
}
#[derive(Clone, Default, Serialize, Deserialize)]
pub struct Auth {
#[serde(rename = "_hash", skip_serializing_if = "Option::is_none")]

47
src/lib.rs
View File

@ -1,40 +1,21 @@
mod account;
mod model;
use account::db::{User, get_db_client};
use anyhow::Result;
use axum::response::{IntoResponse, Response};
use axum_session::{SessionConfig, SessionLayer, SessionStore};
use axum_session_auth::{AuthConfig, AuthSessionLayer};
use axum_session::{SessionConfig, SessionStore};
use axum_session_mongo::SessionMongoPool;
use chrono::Utc;
use http::StatusCode;
use mongodb::{bson::oid::ObjectId, Client};
use rlg::{config::Config, macro_info_log};
use mongodb::Client;
pub async fn run() -> Result<()> {
let id = "server";
init_logging();
macro_info_log!(&Utc::now().to_string(), id, "Server Initializing...");
let db = get_db_client().await?;
let session_store = session(db.clone()).await?;
let auth_config = AuthConfig::<ObjectId>::default();
macro_info_log!(&Utc::now().to_string(), id, "Routes Initializing...");
let app = router()
.layer(SessionLayer::new(session_store))
.layer(AuthSessionLayer::<User, ObjectId, SessionMongoPool, Client>
::new(Some(db)).with_config(auth_config)
);
macro_info_log!(&Utc::now().to_string(), id, "Routes Initialized");
let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
axum::serve(listener, app).await?;
macro_info_log!(&Utc::now().to_string(), id, "Server Initialized");
let app = router();
let listener = tokio::net::TcpListener::bind("127.0.0.1:3000").await.unwrap();
axum::serve(listener, app).await.unwrap();
Ok(())
}
@ -44,14 +25,6 @@ fn router() -> axum::Router {
//.nest("/predict", model::router())
}
async fn session(db: Client) -> Result<SessionStore<SessionMongoPool>> {
let session_config = SessionConfig::default()
.with_table_name("sessions");
Ok(SessionStore::<SessionMongoPool>
::new(Some(db.clone().into()), session_config).await?)
}
struct AppError(anyhow::Error);
impl IntoResponse for AppError {
@ -72,9 +45,3 @@ where
Self(err.into())
}
}
fn init_logging() {
std::env::set_var("LOG_FILE_PATH", "$HOME/.dermy/server.log");
let config = Config::load();
}