Added ability to get the info of the current user
This commit is contained in:
parent
cd3ab9b6bc
commit
40f0526500
34
src/auth.rs
34
src/auth.rs
@ -46,7 +46,7 @@ pub fn force_init_keys() {
|
|||||||
LazyLock::force(&KEYS);
|
LazyLock::force(&KEYS);
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Hashes the bytes with Scrypt with the given salt
|
/// Hashes the bytes using Scrypt with the given salt
|
||||||
#[must_use]
|
#[must_use]
|
||||||
fn hash_scrypt(bytes: &[u8], salt: &[u8]) -> [u8; HASH_LENGTH] {
|
fn hash_scrypt(bytes: &[u8], salt: &[u8]) -> [u8; HASH_LENGTH] {
|
||||||
let mut hash = [0; HASH_LENGTH];
|
let mut hash = [0; HASH_LENGTH];
|
||||||
@ -55,6 +55,7 @@ fn hash_scrypt(bytes: &[u8], salt: &[u8]) -> [u8; HASH_LENGTH] {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/// Verifieble scrypt hashed bytes
|
/// Verifieble scrypt hashed bytes
|
||||||
|
#[cfg_attr(test, derive(PartialEq))]
|
||||||
pub struct HashedBytes {
|
pub struct HashedBytes {
|
||||||
pub hash: [u8; HASH_LENGTH],
|
pub hash: [u8; HASH_LENGTH],
|
||||||
pub salt: [u8; SALT_LENGTH],
|
pub salt: [u8; SALT_LENGTH],
|
||||||
@ -163,11 +164,32 @@ impl<T> FromRequestParts<T> for Claims {
|
|||||||
.extract::<TypedHeader<Authorization<Bearer>>>()
|
.extract::<TypedHeader<Authorization<Bearer>>>()
|
||||||
.await
|
.await
|
||||||
.map_err(|_| Error::InvalidToken)?;
|
.map_err(|_| Error::InvalidToken)?;
|
||||||
// Decode the user data
|
let token_data = decode(bearer.token(), &KEYS.decoding_key, &Validation::default())
|
||||||
let token_data =
|
.map_err(|_| Error::InvalidToken)?;
|
||||||
decode::<Claims>(bearer.token(), &KEYS.decoding_key, &Validation::default())
|
|
||||||
.map_err(|_| Error::InvalidToken)?;
|
|
||||||
|
|
||||||
Ok(token_data.claims)
|
Ok(token_data.claims)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[cfg(test)]
|
||||||
|
mod tests {
|
||||||
|
use super::HashedBytes;
|
||||||
|
|
||||||
|
const PASSWORD: &str = "Password12313#!#4)$*!#";
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_hash_conversion() {
|
||||||
|
let bytes = HashedBytes::hash_bytes(PASSWORD.as_bytes());
|
||||||
|
let bytes2 = HashedBytes::from_bytes(&bytes.as_bytes()).unwrap();
|
||||||
|
assert!(bytes == bytes2);
|
||||||
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_hash() {
|
||||||
|
assert!(HashedBytes::hash_bytes(PASSWORD.as_bytes()).verify(PASSWORD.as_bytes()));
|
||||||
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_different_hash() {
|
||||||
|
assert!(!HashedBytes::hash_bytes(PASSWORD.as_bytes()).verify(b"Different Password"));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@ -5,12 +5,21 @@ pub struct Params {
|
|||||||
user_id: i32,
|
user_id: i32,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn get(
|
type Response = Result<Json<db::users::UserInfo>, StatusCode>;
|
||||||
State(pool): State<Pool>,
|
|
||||||
Query(params): Query<Params>,
|
pub async fn get(State(pool): State<Pool>, Query(params): Query<Params>) -> Response {
|
||||||
) -> Result<Json<db::users::UserInfo>, StatusCode> {
|
|
||||||
let info = db::users::get(params.user_id, &pool)
|
let info = db::users::get(params.user_id, &pool)
|
||||||
.await
|
.await
|
||||||
.handle_internal()?;
|
.handle_internal()?;
|
||||||
Ok(Json(info))
|
Ok(Json(info))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub async fn current(state: State<Pool>, claims: Claims) -> Response {
|
||||||
|
get(
|
||||||
|
state,
|
||||||
|
Query(Params {
|
||||||
|
user_id: claims.user_id,
|
||||||
|
}),
|
||||||
|
)
|
||||||
|
.await
|
||||||
|
}
|
||||||
|
@ -120,6 +120,7 @@ fn app(state: AppState) -> Router {
|
|||||||
.delete(users::delete::delete)
|
.delete(users::delete::delete)
|
||||||
.put(users::put::put),
|
.put(users::put::put),
|
||||||
)
|
)
|
||||||
|
.route("/users/current", get(users::get::current))
|
||||||
.route("/users/search", get(users::search::search))
|
.route("/users/search", get(users::search::search))
|
||||||
.route("/authorize", post(authorization::auth_post::post))
|
.route("/authorize", post(authorization::auth_post::post))
|
||||||
.layer(middleware)
|
.layer(middleware)
|
||||||
|
Reference in New Issue
Block a user