rmanach/simple-auth
1
0
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects Releases 5 Wiki Activity

update is_auth trait + deserialize credentials with serde

Browse Source
This commit is contained in:
landrigun 2023-02-16 09:11:15 +00:00
parent 141a79c409
commit 3b6e208004
6 changed files with 47 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Cargo.lock generated
View File

@ -635,8 +635,8 @@ dependencies = [
[[package]]
name = "http"
version = "0.1.3"
source = "git+https://gitea.thegux.fr/rmanach/http#b8c0fbba0b62906823a79e34bb2eadc1fe419d90"
version = "0.1.4"
source = "git+https://gitea.thegux.fr/rmanach/http#7d4aabad2c6d2cc07359b64214ba6e61f42ed80f"
dependencies = [
"json",
"lazy_static",
@ -1239,6 +1239,7 @@ dependencies = [
"log",
"regex",
"serde",
"serde_json",
"simple_logger",
"tokio",
]

3
Cargo.toml
View File

@ -15,8 +15,9 @@ jwt-simple = "0.11.1"
simple_logger = "4.0.0"
log = "0.4.17"
base64 = "0.13.1"
serde_json = "1.0"
http = { git = "https://gitea.thegux.fr/rmanach/http", version = "0.1.3" }
http = { git = "https://gitea.thegux.fr/rmanach/http", version = "0.1.4" }
# useful for tests (embedded files should be delete in release ?)
#rust-embed="6.4.1"

6
src/jwt/jwt.rs
View File

@ -5,6 +5,8 @@ use serde::{Deserialize, Serialize};
use std::collections::HashSet;
use tokio::fs;
use crate::stores::Credentials;
#[derive(Serialize, Deserialize)]
struct JWTCustomClaims {
email: String,
@ -59,7 +61,7 @@ impl JWTSigner {
}
/// builds and signs the token
pub fn sign(&self, email: String) -> Result<String, String> {
pub fn sign(&self, credentials: Credentials) -> Result<String, String> {
let jwt_key = {
match RS384KeyPair::from_pem(&self.private_key) {
Ok(k) => k,
@ -69,7 +71,7 @@ impl JWTSigner {
}
};
let mut claims = Claims::with_custom_claims(
JWTCustomClaims { email },
JWTCustomClaims { email: credentials.get_email() },
Duration::from_hours(self.exp_time),
);
claims.issuer = Some(self.issuer.clone());

14
src/router/router.rs
View File

@ -7,7 +7,7 @@ use json::JsonValue;
use crate::config::Config;
use crate::jwt::JWTSigner;
use crate::stores::{FileStore, Store};
use crate::stores::{Credentials, FileStore, Store};
// TODO: must be mapped with corresponding handler
const GET_ROUTE: &'static str = "/get/";
@ -23,8 +23,14 @@ async fn handle_get(request: HTTPRequest<'_>, config: Config, method: &str) -> H
match request.get_body() {
Some(d) => {
let credentials = store.is_auth(d).await;
if credentials.is_none() {
let credentials = Credentials::from(d);
if credentials.is_empty() {
log::error!("unable to parse the credentials correctly from the incoming request");
return HTTPResponse::as_400();
}
if !store.is_auth(&credentials).await {
return HTTPResponse::as_403();
}
@ -38,7 +44,7 @@ async fn handle_get(request: HTTPRequest<'_>, config: Config, method: &str) -> H
}
};
match jwt_signer.sign(credentials.unwrap().email) {
match jwt_signer.sign(credentials) {
Ok(t) => send_token(&t),
Err(e) => {
let message = JSONMessage::error(&e);

27
src/stores/file.rs
View File

@ -1,5 +1,4 @@
use async_trait::async_trait;
use json::JsonValue;
use std::path::Path;
use super::store::{Credentials, Store};
@ -47,41 +46,31 @@ impl FileStore {
self.credentials = credentials;
}
/// checks if the credentials exist in the `FileStore`
fn auth(&self, email: String, password: String) -> Option<Credentials> {
/// auth checks if the credentials exist in the `FileStore`
fn auth(&self, email: String, password: String) -> bool {
let credentials: Vec<&Credentials> = self
.credentials
.iter()
.filter(|x| x.email == email && x.password == password)
.filter(|x| *x.get_email() == email && *x.get_password() == password)
.collect();
if credentials.len() == 1 {
// no need to store the password again
return Some(Credentials::new(
credentials[0].email.clone(),
"".to_string(),
));
return true;
}
None
false
}
}
#[async_trait]
impl Store for FileStore {
async fn is_auth(&mut self, data: &JsonValue) -> Option<Credentials> {
async fn is_auth(&mut self, credentials: &Credentials) -> bool {
// ensure that the store file already exists even after its instanciation
if !Path::new(&self.path).is_file() {
log::error!("{} path referencing file store does not exist", self.path);
return None;
}
let credentials = Credentials::from(data);
if credentials.is_empty() {
log::error!("unable to parse the credentials correctly from the incoming request");
return None;
return false;
}
self.parse_contents().await;
self.auth(credentials.email, credentials.password)
self.auth(credentials.get_email(), credentials.get_password())
}
}

33
src/stores/store.rs
View File

@ -1,17 +1,16 @@
use async_trait::async_trait;
use json::JsonValue;
use http::extract_json_value;
use serde::Deserialize;
#[async_trait]
pub trait Store {
async fn is_auth(&mut self, data: &JsonValue) -> Option<Credentials>;
async fn is_auth(&mut self, data: &Credentials) -> bool;
}
#[derive(Default, Debug)]
#[derive(Default, Debug, Deserialize)]
pub struct Credentials {
pub email: String,
pub password: String,
email: String,
password: String,
}
impl Credentials {
@ -19,22 +18,30 @@ impl Credentials {
Credentials { email, password }
}
pub fn get_email(&self) -> String {
self.email.clone()
}
pub fn get_password(&self) -> String {
self.password.clone()
}
pub fn is_empty(&self) -> bool {
self.email == "" || self.password == ""
}
}
// TODO: could be less restrictive with `From<&str>`
impl From<&JsonValue> for Credentials {
fn from(data: &JsonValue) -> Self {
let mut credentials = Credentials::default();
match data {
JsonValue::Object(ref d) => {
credentials.email = extract_json_value(&d, "email").unwrap_or("".to_string());
credentials.password = extract_json_value(&d, "password").unwrap_or("".to_string());
let res = serde_json::from_str(&data.dump());
match res {
Ok(c) => c,
Err(e) => {
log::warn!("unable to deserialize credentials: {}", e);
return Credentials::default();
}
_ => return credentials,
}
credentials
}
}