StNicolay/pass_manager
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Switched from sea-orm to sqlx

Browse Source
This commit is contained in:
StNicolay 2023-11-25 19:29:06 +03:00
parent e4e33f52b1
commit 9f967e82d5
Signed by: StNicolay
GPG Key ID: 9693D04DCD962B0D
40 changed files with 434 additions and 1110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.sqlx/query-06b0592a51c20f754e0c4d9ac2e6c266b47fb9ca86ff37657fe17538b3fb21c6.json Normal file
View File

@ -0,0 +1,12 @@
{
"db_name": "MySQL",
"query": "INSERT INTO account VALUES (?, ?, ?, ?, ?)",
"describe": {
"columns": [],
"parameters": {
"Right": 5
},
"nullable": []
},
"hash": "06b0592a51c20f754e0c4d9ac2e6c266b47fb9ca86ff37657fe17538b3fb21c6"
}

12
.sqlx/query-1fc824ca1ca447a990c3e68ee4f2a15b8e5bc260641057d914bb7ff871b51aa3.json Normal file
View File

@ -0,0 +1,12 @@
{
"db_name": "MySQL",
"query": "INSERT INTO master_pass VALUES (?, ?, ?)",
"describe": {
"columns": [],
"parameters": {
"Right": 3
},
"nullable": []
},
"hash": "1fc824ca1ca447a990c3e68ee4f2a15b8e5bc260641057d914bb7ff871b51aa3"
}

12
.sqlx/query-20f824c521c2261a9e6c85a8972d83ccdffc2fa110ad152356d6392eb7d84326.json Normal file
View File

@ -0,0 +1,12 @@
{
"db_name": "MySQL",
"query": "UPDATE account SET enc_password = ? WHERE user_id = ? AND name = ?",
"describe": {
"columns": [],
"parameters": {
"Right": 3
},
"nullable": []
},
"hash": "20f824c521c2261a9e6c85a8972d83ccdffc2fa110ad152356d6392eb7d84326"
}

12
.sqlx/query-5d0690b7fff7d8b3d8d76631360a2b749d401d5722c1a08186da379cdea35cb9.json Normal file
View File

@ -0,0 +1,12 @@
{
"db_name": "MySQL",
"query": "UPDATE account SET enc_login = ? WHERE user_id = ? AND name = ?",
"describe": {
"columns": [],
"parameters": {
"Right": 3
},
"nullable": []
},
"hash": "5d0690b7fff7d8b3d8d76631360a2b749d401d5722c1a08186da379cdea35cb9"
}

12
.sqlx/query-65cf7d5bfa7f322b3294755fcf3678807d31104ef8431f1842cfa05494af1bfd.json Normal file
View File

@ -0,0 +1,12 @@
{
"db_name": "MySQL",
"query": "DELETE FROM account WHERE user_id = ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "65cf7d5bfa7f322b3294755fcf3678807d31104ef8431f1842cfa05494af1bfd"
}

12
.sqlx/query-d24ba49dfa1ba9dc0c3534fe543c8feb3557f8e2bfee2fac0dc37ede2562acfd.json Normal file
View File

@ -0,0 +1,12 @@
{
"db_name": "MySQL",
"query": "DELETE FROM account WHERE user_id = ? AND name = ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "d24ba49dfa1ba9dc0c3534fe543c8feb3557f8e2bfee2fac0dc37ede2562acfd"
}

12
.sqlx/query-d2b33865cf969bb28341212d7dcac28a2f5832b90cfd7ed6a061e4fe203205a7.json Normal file
View File

@ -0,0 +1,12 @@
{
"db_name": "MySQL",
"query": "DELETE FROM master_pass WHERE user_id = ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "d2b33865cf969bb28341212d7dcac28a2f5832b90cfd7ed6a061e4fe203205a7"
}

12
.sqlx/query-f9f6cbb6958f2d35d4ba57e9db9b9d7fc9d67c8bbf9d60fd7e55bebd7188cd84.json Normal file
View File

@ -0,0 +1,12 @@
{
"db_name": "MySQL",
"query": "UPDATE account SET name = ? WHERE user_id = ? AND name = ?",
"describe": {
"columns": [],
"parameters": {
"Right": 3
},
"nullable": []
},
"hash": "f9f6cbb6958f2d35d4ba57e9db9b9d7fc9d67c8bbf9d60fd7e55bebd7188cd84"
}

837
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

8
Cargo.toml
View File

@ -9,7 +9,7 @@ edition = "2021"
strip = true
[workspace]
members = [".", "migration", "entity", "cryptography"]
members = [".", "entity", "cryptography"]
[workspace.lints.clippy]
pedantic = "warn"
@ -31,16 +31,12 @@ futures = "0.3"
hex = "0.4"
itertools = "0.12"
log = "0.4"
migration = { version = "0.2", path = "migration" }
parking_lot = "0.12"
pretty_env_logger = "0.5"
sea-orm = { version = "0.12", features = [
"sqlx-mysql",
"runtime-tokio-rustls",
] }
serde = "1"
serde_json = "1"
sha2 = "0.10"
sqlx = { version = "0.7", features = ["mysql", "runtime-tokio-rustls", "macros", "migrate"], default-features = false }
teloxide = { version = "0.12", features = [
"macros",
"ctrlc_handler",

5
build.rs Normal file
View File

@ -0,0 +1,5 @@
// generated by `sqlx migrate build-script`
fn main() {
// trigger recompilation when a new migration is added
println!("cargo:rerun-if-changed=migrations");
}

1
cryptography/Cargo.toml
View File

@ -19,7 +19,6 @@ rand = { version = "0.8", default-features = false, features = [
"std_rng",
"std",
] }
sea-orm = "0.12"
bitflags = "2"
arrayvec = "0.7"
subtle = "2"

27
cryptography/src/account.rs
View File

@ -1,8 +1,7 @@
use chacha20poly1305::{AeadCore, AeadInPlace, ChaCha20Poly1305, KeyInit};
use entity::account::{self, ActiveModel};
use entity::account::Account;
use pbkdf2::pbkdf2_hmac_array;
use rand::{rngs::OsRng, RngCore};
use sea_orm::ActiveValue::Set;
use sha2::Sha256;
pub struct Cipher {
@ -62,7 +61,7 @@ impl Decrypted {
///
/// Returns an error if the tag doesn't match the ciphertext or if the decrypted data isn't valid UTF-8
#[inline]
pub fn from_account(mut account: account::Model, master_pass: &str) -> crate::Result<Self> {
pub fn from_account(mut account: Account, master_pass: &str) -> crate::Result<Self> {
let cipher = Cipher::new(master_pass.as_bytes(), &account.salt);
cipher.decrypt(&mut account.enc_login)?;
cipher.decrypt(&mut account.enc_password)?;
@ -77,22 +76,22 @@ impl Decrypted {
/// Constructs `ActiveModel` with eath field Set by encrypting `self`
#[inline]
#[must_use]
pub fn into_account(self, user_id: u64, master_pass: &str) -> account::ActiveModel {
let mut login = self.login.into_bytes();
let mut password = self.password.into_bytes();
pub fn into_account(self, user_id: u64, master_pass: &str) -> Account {
let mut enc_login = self.login.into_bytes();
let mut enc_password = self.password.into_bytes();
let mut salt = vec![0; 64];
OsRng.fill_bytes(&mut salt);
let cipher = Cipher::new(master_pass.as_bytes(), &salt);
cipher.encrypt(&mut login);
cipher.encrypt(&mut password);
cipher.encrypt(&mut enc_login);
cipher.encrypt(&mut enc_password);
ActiveModel {
user_id: Set(user_id),
name: Set(self.name),
salt: Set(salt),
enc_login: Set(login),
enc_password: Set(password),
Account {
user_id,
name: self.name,
salt,
enc_login,
enc_password,
}
}

10
cryptography/src/hashing.rs
View File

@ -1,4 +1,4 @@
use entity::master_pass;
use entity::master_pass::MasterPass;
use once_cell::sync::Lazy;
use rand::{rngs::OsRng, RngCore};
use scrypt::{scrypt, Params};
@ -55,9 +55,9 @@ where
}
}
impl<'a> From<&'a master_pass::Model> for HashedBytes<&'a [u8], &'a [u8]> {
impl<'a> From<&'a MasterPass> for HashedBytes<&'a [u8], &'a [u8]> {
#[inline]
fn from(value: &'a master_pass::Model) -> Self {
fn from(value: &'a MasterPass) -> Self {
HashedBytes {
hash: &value.password_hash,
salt: &value.salt,
@ -65,8 +65,8 @@ impl<'a> From<&'a master_pass::Model> for HashedBytes<&'a [u8], &'a [u8]> {
}
}
impl From<master_pass::Model> for HashedBytes<Vec<u8>, Vec<u8>> {
fn from(value: master_pass::Model) -> Self {
impl From<MasterPass> for HashedBytes<Vec<u8>, Vec<u8>> {
fn from(value: MasterPass) -> Self {
Self {
hash: value.password_hash,
salt: value.salt,

11
cryptography/src/master_pass.rs
View File

@ -1,20 +1,19 @@
use super::hashing::HashedBytes;
use entity::master_pass;
use sea_orm::ActiveValue::Set;
pub trait FromUnencryptedExt {
fn from_unencrypted(user_id: u64, password: &str) -> master_pass::ActiveModel;
fn from_unencrypted(user_id: u64, password: &str) -> master_pass::MasterPass;
}
impl FromUnencryptedExt for master_pass::ActiveModel {
impl FromUnencryptedExt for master_pass::MasterPass {
/// Hashes the password and creates an `ActiveModel` with all fields set to Set variant
#[inline]
fn from_unencrypted(user_id: u64, password: &str) -> Self {
let hash = HashedBytes::new(password.as_bytes());
Self {
user_id: Set(user_id),
password_hash: Set(hash.hash.to_vec()),
salt: Set(hash.salt.to_vec()),
user_id,
password_hash: hash.hash.to_vec(),
salt: hash.salt.to_vec(),
}
}
}

2
entity/Cargo.toml
View File

@ -10,4 +10,4 @@ workspace = true
[dependencies]
futures = "0.3"
sea-orm = "0.12"
sqlx = "0.7.2"

221
entity/src/account.rs
View File

@ -1,90 +1,96 @@
//! `SeaORM` Entity. Generated by sea-orm-codegen 0.11.3
use super::Pool;
use futures::{Stream, TryStreamExt};
use sqlx::{query, query_as, Executor, FromRow, MySql};
use futures::Stream;
use sea_orm::{entity::prelude::*, ActiveValue::Set, QueryOrder, QuerySelect, Statement};
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq)]
#[sea_orm(table_name = "account")]
pub struct Model {
#[sea_orm(primary_key, auto_increment = false)]
#[derive(Clone, Debug, PartialEq, Eq, FromRow, Default)]
pub struct Account {
pub user_id: u64,
#[sea_orm(primary_key, auto_increment = false)]
pub name: String,
#[sea_orm(column_type = "Binary(BlobSize::Blob(Some(64)))")]
pub salt: Vec<u8>,
#[sea_orm(column_type = "VarBinary(256)")]
pub enc_login: Vec<u8>,
#[sea_orm(column_type = "VarBinary(256)")]
pub enc_password: Vec<u8>,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
pub enum Relation {}
impl Account {
// Inserts the account into DB
#[inline]
pub async fn insert(&self, pool: &Pool) -> crate::Result<()> {
query!(
"INSERT INTO account VALUES (?, ?, ?, ?, ?)",
self.user_id,
self.name,
self.salt,
self.enc_login,
self.enc_password
)
.execute(pool)
.await
.map(|_| ())
}
impl ActiveModelBehavior for ActiveModel {}
impl Entity {
/// Gets all user's account from DB
#[inline]
pub async fn get_all(
user_id: u64,
db: &DatabaseConnection,
) -> crate::Result<impl Stream<Item = crate::Result<Model>> + '_> {
Self::find()
.filter(Column::UserId.eq(user_id))
.stream(db)
.await
pub fn get_all(user_id: u64, pool: &Pool) -> impl Stream<Item = crate::Result<Self>> + '_ {
query_as("SELECT * FROM account WHERE user_id = ?")
.bind(user_id)
.fetch(pool)
}
/// Streams the names of the user accounts
#[inline]
pub async fn get_names(
user_id: u64,
db: &DatabaseConnection,
) -> crate::Result<impl Stream<Item = crate::Result<String>> + '_> {
Self::find()
.select_only()
.column(Column::Name)
.filter(Column::UserId.eq(user_id))
.order_by_asc(Column::Name)
.into_tuple()
.stream(db)
.await
pub fn get_names(user_id: u64, pool: &Pool) -> impl Stream<Item = crate::Result<String>> + '_ {
query_as::<_, (String,)>("SELECT name FROM account WHERE user_id = ?")
.bind(user_id)
.fetch(pool)
.map_ok(|(name,)| name)
}
/// Checks if the account exists
#[inline]
pub async fn exists(
user_id: u64,
account_name: impl Into<String> + Send,
db: &DatabaseConnection,
) -> crate::Result<bool> {
let count = Self::find_by_id((user_id, account_name.into()))
.count(db)
.await?;
Ok(count != 0)
pub async fn exists(user_id: u64, account_name: &str, pool: &Pool) -> crate::Result<bool> {
query_as::<_, (bool,)>(
"SELECT EXISTS(SELECT * FROM account WHERE user_id = ? AND name = ? LIMIT 1) as value",
)
.bind(user_id)
.bind(account_name)
.fetch_one(pool)
.await
.map(|(exists,)| exists)
}
/// Gets the account from the DB
#[inline]
pub async fn get(
user_id: u64,
account_name: impl Into<String> + Send,
db: &DatabaseConnection,
) -> crate::Result<Option<Model>> {
Self::find_by_id((user_id, account_name.into()))
.one(db)
pub async fn get(user_id: u64, account_name: &str, pool: &Pool) -> crate::Result<Option<Self>> {
query_as("SELECT * FROM account WHERE user_id = ? AND name = ?")
.bind(user_id)
.bind(account_name)
.fetch_optional(pool)
.await
}
// Deletes the account from DB
#[inline]
pub async fn delete(user_id: u64, name: &str, pool: &Pool) -> crate::Result<()> {
query!(
"DELETE FROM account WHERE user_id = ? AND name = ?",
user_id,
name
)
.execute(pool)
.await
.map(|_| ())
}
/// Deletes all the user's accounts from DB
#[inline]
pub async fn delete_all(user_id: u64, db: &impl ConnectionTrait) -> crate::Result<()> {
Self::delete_many()
.filter(Column::UserId.eq(user_id))
.exec(db)
.await?;
Ok(())
pub async fn delete_all(
user_id: u64,
pool: impl Executor<'_, Database = MySql>,
) -> crate::Result<()> {
query!("DELETE FROM account WHERE user_id = ?", user_id)
.execute(pool)
.await
.map(|_| ())
}
/// Gets a name by a hex of a SHA256 hash of the name
@ -92,49 +98,82 @@ impl Entity {
pub async fn get_name_by_hash(
user_id: u64,
hash: String,
db: &DatabaseConnection,
pool: &Pool,
) -> crate::Result<Option<String>> {
db.query_one(Statement::from_sql_and_values(
sea_orm::DatabaseBackend::MySql,
let name = query_as::<_, (String,)>(
"SELECT `name` FROM `account` WHERE SHA2(`name`, 256) = ? AND `user_id` = ?;",
[hash.into(), user_id.into()],
))
.await?
.map(|result| result.try_get_by_index(0))
.transpose()
)
.bind(hash)
.bind(user_id)
.fetch_optional(pool)
.await?;
Ok(name.map(|(name,)| name))
}
#[inline]
pub async fn get_salt(
user_id: u64,
name: String,
db: &DatabaseConnection,
) -> crate::Result<Option<Vec<u8>>> {
Self::find_by_id((user_id, name))
.select_only()
.column(Column::Salt)
.into_tuple()
.one(db)
.await
pub async fn get_salt(user_id: u64, name: &str, pool: &Pool) -> crate::Result<Option<Vec<u8>>> {
let salt =
query_as::<_, (Vec<u8>,)>("SELECT salt FROM account WHERE user_id = ? AND name = ?")
.bind(user_id)
.bind(name)
.fetch_optional(pool)
.await?;
Ok(salt.map(|(salt,)| salt))
}
#[inline]
pub async fn update_name(
user_id: u64,
original_name: String,
new_name: String,
db: &DatabaseConnection,
original_name: &str,
new_name: &str,
pool: &Pool,
) -> crate::Result<()> {
Self::update_many()
.set(ActiveModel {
name: Set(new_name),
..Default::default()
})
.filter(Column::UserId.eq(user_id))
.filter(Column::Name.eq(original_name))
.exec(db)
.await?;
query!(
"UPDATE account SET name = ? WHERE user_id = ? AND name = ?",
new_name,
user_id,
original_name
)
.execute(pool)
.await
.map(|_| ())
}
Ok(())
#[inline]
pub async fn update_login(
user_id: u64,
name: &str,
login: Vec<u8>,
pool: &Pool,
) -> crate::Result<()> {
query!(
"UPDATE account SET enc_login = ? WHERE user_id = ? AND name = ?",
login,
user_id,
name
)
.execute(pool)
.await
.map(|_| ())
}
#[inline]
pub async fn update_password(
user_id: u64,
name: &str,
password: Vec<u8>,
pool: &Pool,
) -> crate::Result<()> {
query!(
"UPDATE account SET enc_password = ? WHERE user_id = ? AND name = ?",
password,
user_id,
name
)
.execute(pool)
.await
.map(|_| ())
}
}

4
entity/src/lib.rs
View File

@ -5,6 +5,6 @@ pub mod account;
pub mod master_pass;
pub mod prelude;
use sea_orm::DbErr;
pub use sqlx::Result;
type Result<T> = std::result::Result<T, DbErr>;
pub type Pool = sqlx::mysql::MySqlPool;

61
entity/src/master_pass.rs
View File

@ -1,40 +1,57 @@
//! `SeaORM` Entity. Generated by sea-orm-codegen 0.11.3
use super::Pool;
use sqlx::{prelude::FromRow, query, query_as, Executor, MySql};
use sea_orm::entity::prelude::*;
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq)]
#[sea_orm(table_name = "master_pass")]
pub struct Model {
#[sea_orm(primary_key, auto_increment = false)]
#[derive(Clone, Debug, PartialEq, FromRow, Eq)]
pub struct MasterPass {
pub user_id: u64,
#[sea_orm(column_type = "Binary(BlobSize::Blob(Some(64)))")]
pub salt: Vec<u8>,
#[sea_orm(column_type = "Binary(BlobSize::Blob(Some(64)))")]
pub password_hash: Vec<u8>,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
pub enum Relation {}
impl MasterPass {
// Inserts the master password into DB
#[inline]
pub async fn insert(&self, pool: &Pool) -> crate::Result<()> {
query!(
"INSERT INTO master_pass VALUES (?, ?, ?)",
self.user_id,
self.salt,
self.password_hash
)
.execute(pool)
.await
.map(|_| ())
}
impl ActiveModelBehavior for ActiveModel {}
impl Entity {
/// Gets the master password from the database
#[inline]
pub async fn get(user_id: u64, db: &DatabaseConnection) -> crate::Result<Option<Model>> {
Self::find_by_id(user_id).one(db).await
pub async fn get(user_id: u64, pool: &Pool) -> crate::Result<Option<Self>> {
query_as("SELECT * FROM master_pass WHERE user_id = ?")
.bind(user_id)
.fetch_optional(pool)
.await
}
/// Checks if the master password for the user exists
#[inline]
pub async fn exists(user_id: u64, db: &DatabaseConnection) -> Result<bool, DbErr> {
let count = Self::find_by_id(user_id).count(db).await?;
Ok(count != 0)
pub async fn exists(user_id: u64, pool: &Pool) -> crate::Result<bool> {
query_as::<_, (bool,)>(
"SELECT EXISTS(SELECT * FROM master_pass WHERE user_id = ? LIMIT 1) as value",
)
.bind(user_id)
.fetch_one(pool)
.await
.map(|(exists,)| exists)
}
/// Removes a master password of the user from the database
pub async fn remove(user_id: u64, db: &impl ConnectionTrait) -> Result<(), DbErr> {
Self::delete_by_id(user_id).exec(db).await?;
Ok(())
pub async fn remove(
user_id: u64,
pool: impl Executor<'_, Database = MySql>,
) -> crate::Result<()> {
query!("DELETE FROM master_pass WHERE user_id = ?", user_id)
.execute(pool)
.await
.map(|_| ())
}
}

6
entity/src/prelude.rs
View File

@ -1,4 +1,2 @@
//! `SeaORM` Entity. Generated by sea-orm-codegen 0.11.3
pub use crate::account::{self, Entity as Account};
pub use crate::master_pass::{self, Entity as MasterPass};
pub use crate::account::Account;
pub use crate::master_pass::MasterPass;

12
migration/Cargo.toml
View File

@ -1,12 +0,0 @@
[package]
name = "migration"
version = "0.2.0"
edition = "2021"
[lints]
workspace = true
[dependencies.sea-orm-migration]
version = "0.12"
features = ["runtime-tokio-rustls", "sqlx-mysql"]
default-features = false

16
migration/src/lib.rs
View File

@ -1,16 +0,0 @@
pub use sea_orm_migration::prelude::*;
mod m20220101_000001_create_table;
mod m20230427_142510_change_password_hash_size;
pub struct Migrator;
#[async_trait::async_trait]
impl MigratorTrait for Migrator {
fn migrations() -> Vec<Box<dyn MigrationTrait>> {
vec![
Box::new(m20220101_000001_create_table::Migration),
Box::new(m20230427_142510_change_password_hash_size::Migration),
]
}
}

80
migration/src/m20220101_000001_create_table.rs
View File

@ -1,80 +0,0 @@
use sea_orm_migration::prelude::*;
#[derive(Iden)]
enum MasterPass {
Table,
#[iden = "user_id"]
UserId,
Salt,
#[iden = "password_hash"]
PasswordHash,
}
#[derive(Iden)]
enum Account {
Table,
#[iden = "user_id"]
UserId,
Name,
Salt,
#[iden = "enc_login"]
EncLogin,
#[iden = "enc_password"]
EncPassword,
}
#[derive(DeriveMigrationName)]
pub struct Migration;
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
manager
.create_table(
Table::create()
.table(MasterPass::Table)
.if_not_exists()
.col(
ColumnDef::new(MasterPass::UserId)
.big_unsigned()
.primary_key()
.not_null(),
)
.col(ColumnDef::new(MasterPass::Salt).binary_len(64).not_null())
.col(
ColumnDef::new(MasterPass::PasswordHash)
.binary_len(128)
.not_null(),
)
.to_owned(),
)
.await?;
manager
.create_table(
Table::create()
.table(Account::Table)
.if_not_exists()
.col(ColumnDef::new(Account::UserId).big_unsigned().not_null())
.col(ColumnDef::new(Account::Name).string_len(256).not_null())
.col(ColumnDef::new(Account::Salt).binary_len(64).not_null())
.col(ColumnDef::new(Account::EncLogin).var_binary(256).not_null())
.col(
ColumnDef::new(Account::EncPassword)
.var_binary(256)
.not_null(),
)
.primary_key(Index::create().col(Account::UserId).col(Account::Name))
.to_owned(),
)
.await
}
async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
manager
.drop_table(sea_query::Table::drop().table(MasterPass::Table).to_owned())
.await?;
manager
.drop_table(sea_query::Table::drop().table(Account::Table).to_owned())
.await
}
}

44
migration/src/m20230427_142510_change_password_hash_size.rs
View File

@ -1,44 +0,0 @@
use sea_orm_migration::prelude::*;
#[derive(DeriveMigrationName)]
pub struct Migration;
#[derive(Iden)]
enum MasterPass {
Table,
#[iden = "password_hash"]
PasswordHash,
}
#[async_trait::async_trait]
impl MigrationTrait for Migration {
async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
manager
.alter_table(
sea_query::Table::alter()
.table(MasterPass::Table)
.modify_column(
ColumnDef::new(MasterPass::PasswordHash)
.binary_len(64)
.not_null(),
)
.to_owned(),
)
.await
}
async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
manager
.alter_table(
sea_query::Table::alter()
.table(MasterPass::Table)
.modify_column(
ColumnDef::new(MasterPass::PasswordHash)
.binary_len(128)
.not_null(),
)
.to_owned(),
)
.await
}
}

3
migrations/0001_init.down.sql Normal file
View File

@ -0,0 +1,3 @@
DROP TABLE account;
DROP TABLE master_pass;

16
migrations/0001_init.up.sql Normal file
View File

@ -0,0 +1,16 @@
CREATE TABLE
master_pass (
user_id BIGINT UNSIGNED NOT NULL PRIMARY KEY,
salt BINARY(64) NOT NULL,
password_hash BINARY(64) NOT NULL
);
CREATE TABLE
account (
user_id BIGINT UNSIGNED NOT NULL,
name VARCHAR(255) NOT NULL,
salt BINARY(64) NOT NULL,
enc_login VARBINARY(256) NOT NULL,
enc_password VARBINARY(256) NOT NULL,
PRIMARY KEY (user_id, name)
);

18
src/callbacks/alter.rs
View File

@ -1,9 +1,7 @@
use super::AlterableField::{self, Login, Name, Pass};
use crate::{change_state, prelude::*};
use account::ActiveModel;
use cryptography::account::Cipher;
use futures::TryFutureExt;
use sea_orm::ActiveValue::Set;
use tokio::{task::spawn_blocking, try_join};
#[inline]
@ -16,12 +14,12 @@ async fn update_account(
master_pass: String,
) -> crate::Result<()> {
if field == Name {
Account::update_name(user_id, name, field_value, db).await?;
Account::update_name(user_id, &name, &field_value, db).await?;
return Ok(());
}
let salt = Account::get_salt(user_id, name.clone(), db).await?.unwrap();
let salt = Account::get_salt(user_id, &name, db).await?.unwrap();
let field_value = spawn_blocking(move || {
let cipher = Cipher::new(master_pass.as_bytes(), &salt);
@ -31,20 +29,12 @@ async fn update_account(
})
.await?;
let mut model = ActiveModel {
user_id: Set(user_id),
name: Set(name),
..Default::default()
};
match field {
Login => model.enc_login = Set(field_value),
Pass => model.enc_password = Set(field_value),
Login => Account::update_login(user_id, &name, field_value, db).await?,
Pass => Account::update_password(user_id, &name, field_value, db).await?,
Name => unreachable!(),
}
model.update(db).await?;
Ok(())
}

2
src/callbacks/delete.rs
View File

@ -16,7 +16,7 @@ async fn get_master_pass(
dialogue.exit().await?;
let user_id = msg.from().ok_or(NoUserInfo)?.id.0;
Account::delete_by_id((user_id, name)).exec(&db).await?;
Account::delete(user_id, &name, &db).await?;
ids.alter_message(
&bot,

5
src/commands/delete.rs
View File

@ -5,10 +5,7 @@ use tokio::task::spawn_blocking;
pub async fn delete(bot: Throttle<Bot>, msg: Message, db: DatabaseConnection) -> crate::Result<()> {
let user_id = msg.from().ok_or(NoUserInfo)?.id.0;
let names: Vec<String> = Account::get_names(user_id, &db)
.await?
.try_collect()
.await?;
let names: Vec<String> = Account::get_names(user_id, &db).try_collect().await?;
if names.is_empty() {
bot.send_message(msg.chat.id, "You don't have any accounts")

14
src/commands/delete_all.rs
View File

@ -1,7 +1,5 @@
use crate::prelude::*;
use log::error;
use sea_orm::TransactionTrait;
use tokio::try_join;
/// Gets the master password, deletes the accounts and the master password from DB.
/// Although it doesn't use the master password, we get it to be sure that it's the user who used that command
@ -16,17 +14,17 @@ async fn get_master_pass(
) -> crate::Result<()> {
dialogue.exit().await?;
let user_id = msg.from().ok_or(NoUserInfo)?.id.0;
let txn = db.begin().await?;
let result = try_join!(
Account::delete_all(user_id, &txn),
MasterPass::remove(user_id, &txn),
let mut txn = db.begin().await?;
let result = (
Account::delete_all(user_id, &mut *txn).await,
MasterPass::remove(user_id, &mut *txn).await,
);
let text = match result {
Ok(_) => {
(Ok(()), Ok(())) => {
txn.commit().await?;
"Everything was deleted"
}
Err(err) => {
(Err(err), _) | (_, Err(err)) => {
error!("{}", crate::Error::from(err));
txn.rollback().await?;
"Something went wrong. Try again later"

3
src/commands/export.rs
View File

@ -7,7 +7,7 @@ use tokio::task::spawn_blocking;
/// Decryptes the account on a worker thread and adds it to the accounts vector
#[inline]
async fn decrypt_account(
account: account::Model,
account: Account,
master_pass: Arc<str>,
accounts: &Mutex<&mut Vec<DecryptedAccount>>,
) -> crate::Result<()> {
@ -38,7 +38,6 @@ async fn get_master_pass(
let master_pass: Arc<str> = master_pass.into();
Account::get_all(user_id, &db)
.await?
.err_into::<crate::Error>()
.try_for_each_concurrent(3, |account| {
decrypt_account(account, master_pass.clone(), &accounts)

5
src/commands/get_account.rs
View File

@ -9,10 +9,7 @@ pub async fn get_account(
) -> crate::Result<()> {
let user_id = msg.from().ok_or(NoUserInfo)?.id.0;
let names: Vec<String> = Account::get_names(user_id, &db)
.await?
.try_collect()
.await?;
let names: Vec<String> = Account::get_names(user_id, &db).try_collect().await?;
if names.is_empty() {
bot.send_message(msg.chat.id, "You don't have any accounts")

2
src/commands/get_accounts.rs
View File

@ -11,7 +11,7 @@ pub async fn get_accounts(
db: DatabaseConnection,
) -> crate::Result<()> {
let user_id = msg.from().ok_or(NoUserInfo)?.id.0;
let mut account_names = Account::get_names(user_id, &db).await?;
let mut account_names = Account::get_names(user_id, &db);
let mut text = if let Some(name) = account_names.try_next().await? {
format!("Accounts:\n`{name}`")

2
src/commands/import.rs
View File

@ -18,7 +18,7 @@ async fn encrypt_account(
let name = account.name.clone();
match spawn_blocking(move || account.into_account(user_id, &master_pass)).await {
Ok(account) => match account.insert(db).await {
Ok(_) => (),
Ok(()) => (),
Err(_) => failed.lock().push(name),
},
_ => failed.lock().push(name),

5
src/commands/menu.rs
View File

@ -5,10 +5,7 @@ use tokio::task::spawn_blocking;
pub async fn menu(bot: Throttle<Bot>, msg: Message, db: DatabaseConnection) -> crate::Result<()> {
let user_id = msg.from().ok_or(NoUserInfo)?.id.0;
let names: Vec<String> = Account::get_names(user_id, &db)
.await?
.try_collect()
.await?;
let names: Vec<String> = Account::get_names(user_id, &db).try_collect().await?;
if names.is_empty() {
bot.send_message(msg.chat.id, "You don't have any accounts")

9
src/commands/set_master_pass.rs
View File

@ -1,6 +1,5 @@
use crate::{change_state, prelude::*};
use cryptography::hashing::HashedBytes;
use sea_orm::ActiveValue::Set;
use tokio::task::spawn_blocking;
#[inline]
@ -14,7 +13,7 @@ async fn get_master_pass2(
master_pass: String,
) -> crate::Result<()> {
dialogue.exit().await?;
let user_id = Set(msg.from().ok_or(NoUserInfo)?.id.0);
let user_id = msg.from().ok_or(NoUserInfo)?.id.0;
if !hash.verify(master_pass.as_bytes()) {
ids.alter_message(
@ -28,10 +27,10 @@ async fn get_master_pass2(
return Ok(());
}
let model = master_pass::ActiveModel {
let model = MasterPass {
user_id,
password_hash: Set(hash.hash.to_vec()),
salt: Set(hash.salt.to_vec()),
password_hash: hash.hash.to_vec(),
salt: hash.salt.to_vec(),
};
model.insert(&db).await?;

13
src/main.rs
View File

@ -1,6 +1,3 @@
// #![warn(clippy::pedantic, clippy::all, clippy::nursery)]
// #![allow(clippy::single_match_else)]
mod callbacks;
mod commands;
mod default;
@ -16,9 +13,7 @@ mod utils;
use anyhow::{Error, Result};
use dotenvy::dotenv;
use migration::{Migrator, MigratorTrait};
use prelude::*;
use sea_orm::Database;
use std::env;
use teloxide::{adaptors::throttle::Limits, dispatching::dialogue::InMemStorage, filter_command};
@ -92,8 +87,10 @@ async fn main() -> Result<()> {
let token = env::var("TOKEN").expect("expected TOKEN in the enviroment");
let database_url = env::var("DATABASE_URL").expect("expected DATABASE_URL in the enviroment");
let db = Database::connect(database_url).await?;
Migrator::up(&db, None).await?;
get_dispatcher(token, db).dispatch().await;
let pool = sqlx::mysql::MySqlPool::connect(&database_url).await?;
sqlx::migrate!().run(&pool).await?;
get_dispatcher(token, pool).dispatch().await;
Ok(())
}

2
src/markups.rs
View File

@ -32,7 +32,7 @@ pub async fn menu_markup(
db: &DatabaseConnection,
) -> crate::Result<InlineKeyboardMarkup> {
let command: String = command.into();
let names: Vec<String> = Account::get_names(user_id, db).await?.try_collect().await?;
let names: Vec<String> = Account::get_names(user_id, db).try_collect().await?;
spawn_blocking(move || menu_markup_sync(&command, names))
.await

3
src/prelude.rs
View File

@ -8,7 +8,6 @@ pub use crate::{
utils::*,
};
pub use cryptography::prelude::*;
pub use entity::prelude::*;
pub use entity::{prelude::*, Pool as DatabaseConnection};
pub use futures::{StreamExt, TryStreamExt};
pub use sea_orm::prelude::*;
pub use teloxide::{adaptors::Throttle, prelude::*};

1
src/state/get_user.rs
View File

@ -165,7 +165,6 @@ pub async fn get_user(
let existing_names = async {
Account::get_names(user_id, &db)
.await?
.try_collect()
.await
.map_err(Into::into)