Added ability to get the info of the current user

This commit is contained in:
StNicolay 2024-08-03 16:44:34 +03:00
parent cd3ab9b6bc
commit 40f0526500
Signed by: StNicolay
GPG Key ID: 9693D04DCD962B0D
3 changed files with 42 additions and 10 deletions

View File

@ -46,7 +46,7 @@ pub fn force_init_keys() {
LazyLock::force(&KEYS); LazyLock::force(&KEYS);
} }
/// Hashes the bytes with Scrypt with the given salt /// Hashes the bytes using Scrypt with the given salt
#[must_use] #[must_use]
fn hash_scrypt(bytes: &[u8], salt: &[u8]) -> [u8; HASH_LENGTH] { fn hash_scrypt(bytes: &[u8], salt: &[u8]) -> [u8; HASH_LENGTH] {
let mut hash = [0; HASH_LENGTH]; let mut hash = [0; HASH_LENGTH];
@ -55,6 +55,7 @@ fn hash_scrypt(bytes: &[u8], salt: &[u8]) -> [u8; HASH_LENGTH] {
} }
/// Verifieble scrypt hashed bytes /// Verifieble scrypt hashed bytes
#[cfg_attr(test, derive(PartialEq))]
pub struct HashedBytes { pub struct HashedBytes {
pub hash: [u8; HASH_LENGTH], pub hash: [u8; HASH_LENGTH],
pub salt: [u8; SALT_LENGTH], pub salt: [u8; SALT_LENGTH],
@ -163,11 +164,32 @@ impl<T> FromRequestParts<T> for Claims {
.extract::<TypedHeader<Authorization<Bearer>>>() .extract::<TypedHeader<Authorization<Bearer>>>()
.await .await
.map_err(|_| Error::InvalidToken)?; .map_err(|_| Error::InvalidToken)?;
// Decode the user data let token_data = decode(bearer.token(), &KEYS.decoding_key, &Validation::default())
let token_data =
decode::<Claims>(bearer.token(), &KEYS.decoding_key, &Validation::default())
.map_err(|_| Error::InvalidToken)?; .map_err(|_| Error::InvalidToken)?;
Ok(token_data.claims) Ok(token_data.claims)
} }
} }
#[cfg(test)]
mod tests {
use super::HashedBytes;
const PASSWORD: &str = "Password12313#!#4)$*!#";
#[test]
fn test_hash_conversion() {
let bytes = HashedBytes::hash_bytes(PASSWORD.as_bytes());
let bytes2 = HashedBytes::from_bytes(&bytes.as_bytes()).unwrap();
assert!(bytes == bytes2);
}
#[test]
fn test_hash() {
assert!(HashedBytes::hash_bytes(PASSWORD.as_bytes()).verify(PASSWORD.as_bytes()));
}
#[test]
fn test_different_hash() {
assert!(!HashedBytes::hash_bytes(PASSWORD.as_bytes()).verify(b"Different Password"));
}
}

View File

@ -5,12 +5,21 @@ pub struct Params {
user_id: i32, user_id: i32,
} }
pub async fn get( type Response = Result<Json<db::users::UserInfo>, StatusCode>;
State(pool): State<Pool>,
Query(params): Query<Params>, pub async fn get(State(pool): State<Pool>, Query(params): Query<Params>) -> Response {
) -> Result<Json<db::users::UserInfo>, StatusCode> {
let info = db::users::get(params.user_id, &pool) let info = db::users::get(params.user_id, &pool)
.await .await
.handle_internal()?; .handle_internal()?;
Ok(Json(info)) Ok(Json(info))
} }
pub async fn current(state: State<Pool>, claims: Claims) -> Response {
get(
state,
Query(Params {
user_id: claims.user_id,
}),
)
.await
}

View File

@ -120,6 +120,7 @@ fn app(state: AppState) -> Router {
.delete(users::delete::delete) .delete(users::delete::delete)
.put(users::put::put), .put(users::put::put),
) )
.route("/users/current", get(users::get::current))
.route("/users/search", get(users::search::search)) .route("/users/search", get(users::search::search))
.route("/authorize", post(authorization::auth_post::post)) .route("/authorize", post(authorization::auth_post::post))
.layer(middleware) .layer(middleware)