joshuafhiggins/realm-chat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

Auth moved to SQLite

Browse Source
This commit is contained in:
Joshua Higgins
2024-07-25 20:50:20 -04:00
Unverified
parent f6bce91b49
commit 9c4e0b6f7d
6 changed files with 86 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
auth/Cargo.toml
View File

@@ -12,7 +12,7 @@ tracing = "0.1.40"
serde = { version = "1.0.203", features = ["derive"] } serde = { version = "1.0.203", features = ["derive"] }
chrono = { version = "0.4.24", features = ["serde"] } chrono = { version = "0.4.24", features = ["serde"] }
dotenvy = "0.15" dotenvy = "0.15"
sqlx = { version = "0.7", features = [ "runtime-tokio", "tls-rustls", "mysql", "chrono" ] } sqlx = { version = "0.7", features = [ "runtime-tokio", "tls-rustls", "sqlite", "macros", "migrate", "chrono" ] }
sha3 = "0.10.8" sha3 = "0.10.8"
hex = "0.4.3" hex = "0.4.3"
rand = "0.8.5" rand = "0.8.5"

5
auth/build.rs Normal file
View File

@@ -0,0 +1,5 @@
// generated by `sqlx migrate build-script`
fn main() {
// trigger recompilation when a new migration is added
println!("cargo:rerun-if-changed=migrations");
}

14
auth/migrations/20240725215330_create_everything.sql Normal file
View File

@@ -0,0 +1,14 @@
-- Add migration script here
CREATE TABLE IF NOT EXISTS user (
id INTEGER PRIMARY KEY,
username VARCHAR(255) NOT NULL,
email VARCHAR(255) NOT NULL,
new_email VARCHAR(255),
avatar TEXT NOT NULL,
login_code INT(6),
tokens TEXT,
google_oauth VARCHAR(255),
apple_oauth VARCHAR(255),
github_oauth VARCHAR(255),
discord_oauth VARCHAR(255)
);

36
auth/src/main.rs
View File

@@ -3,7 +3,8 @@ use std::future::Future;
use std::net::{IpAddr, Ipv6Addr}; use std::net::{IpAddr, Ipv6Addr};
use dotenvy::dotenv; use dotenvy::dotenv;
use futures::{future, StreamExt}; use futures::{future, StreamExt};
use sqlx::mysql::MySqlPoolOptions; use sqlx::{migrate, Sqlite, SqlitePool};
use sqlx::migrate::MigrateDatabase;
use tarpc::server::{BaseChannel, Channel}; use tarpc::server::{BaseChannel, Channel};
use tarpc::server::incoming::Incoming; use tarpc::server::incoming::Incoming;
use tarpc::tokio_serde::formats::Json; use tarpc::tokio_serde::formats::Json;
@@ -27,28 +28,21 @@ async fn main() -> anyhow::Result<()> {
auth_password: env::var("SERVER_MAIL_PASSWORD").expect("SERVER_MAIL_PASSWORD must be set"), auth_password: env::var("SERVER_MAIL_PASSWORD").expect("SERVER_MAIL_PASSWORD must be set"),
}; };
let db_pool = MySqlPoolOptions::new() let DB_URL: &str = &env::var("DATABASE_URL").expect("DATABASE_URL must be set");
.max_connections(64)
.connect(env::var("DATABASE_URL").expect("DATABASE_URL must be set").as_str()).await?;
//TODO: In a docker container or figure out somewhere to do this command if !Sqlite::database_exists(DB_URL).await.unwrap_or(false) {
//sqlx::query("CREATE DATABASE IF NOT EXISTS realmauth").execute(&db_pool).await?; println!("Creating database {}", DB_URL);
match Sqlite::create_database(DB_URL).await {
Ok(_) => println!("Create db success"),
Err(error) => panic!("error: {}", error),
}
} else {
println!("Database already exists");
} // TODO: Do in Docker with Sqlx-cli
sqlx::query( let db_pool = SqlitePool::connect(DB_URL).await.unwrap();
"CREATE TABLE IF NOT EXISTS user (
id SERIAL, migrate!().run(&db_pool).await?; // TODO: Do in Docker with Sqlx-cli
username VARCHAR(255) NOT NULL,
email VARCHAR(255) NOT NULL,
new_email VARCHAR(255),
avatar TEXT NOT NULL,
login_code INT(6),
tokens TEXT,
google_oauth VARCHAR(255),
apple_oauth VARCHAR(255),
github_oauth VARCHAR(255),
discord_oauth VARCHAR(255)
);"
).execute(&db_pool).await?;
let server_addr = (IpAddr::V6(Ipv6Addr::LOCALHOST), env::var("PORT").expect("PORT must be set").parse::<u16>().unwrap()); let server_addr = (IpAddr::V6(Ipv6Addr::LOCALHOST), env::var("PORT").expect("PORT must be set").parse::<u16>().unwrap());

126
auth/src/server.rs
View File

@@ -8,7 +8,7 @@ use rand::Rng;
use regex::Regex; use regex::Regex;
use sha3::{Digest, Sha3_256}; use sha3::{Digest, Sha3_256};
use sha3::digest::Update; use sha3::digest::Update;
use sqlx::{MySql, Pool, Row}; use sqlx::{Pool, query, Sqlite};
use tarpc::context::Context; use tarpc::context::Context;
use crate::types::{AuthEmail, AuthUser, RealmAuth}; use crate::types::{AuthEmail, AuthUser, RealmAuth};
@@ -18,7 +18,7 @@ use realm_shared::types::ErrorCode::*;
#[derive(Clone)] #[derive(Clone)]
pub struct RealmAuthServer { pub struct RealmAuthServer {
pub socket: SocketAddr, pub socket: SocketAddr,
pub db_pool: Pool<MySql>, pub db_pool: Pool<Sqlite>,
pub auth_email: AuthEmail, pub auth_email: AuthEmail,
pub template_html: String, pub template_html: String,
pub template_txt: String, pub template_txt: String,
@@ -26,7 +26,7 @@ pub struct RealmAuthServer {
} }
impl RealmAuthServer { impl RealmAuthServer {
pub fn new(socket: SocketAddr, db_pool: Pool<MySql>, auth_email: AuthEmail) -> RealmAuthServer { pub fn new(socket: SocketAddr, db_pool: Pool<Sqlite>, auth_email: AuthEmail) -> RealmAuthServer {
RealmAuthServer { RealmAuthServer {
socket, socket,
db_pool, db_pool,
@@ -52,34 +52,29 @@ impl RealmAuthServer {
} }
pub async fn is_username_taken(&self, username: &str) -> Result<bool, ErrorCode> { pub async fn is_username_taken(&self, username: &str) -> Result<bool, ErrorCode> {
let result = sqlx::query("SELECT NOT EXISTS (SELECT 1 FROM user WHERE username = ?) AS does_exist") let result = query!("SELECT NOT EXISTS (SELECT 1 FROM user WHERE username = ?) AS does_exist", username).fetch_one(&self.db_pool).await;
.bind(username)
.fetch_one(&self.db_pool).await;
match result { match result {
Ok(row) => Ok(row.try_get("does_exist").unwrap()), Ok(row) => Ok(row.does_exist.unwrap() != 0),
Err(_) => Err(InvalidUsername) Err(_) => Err(InvalidUsername)
} }
} }
pub async fn is_email_taken(&self, email: &str) -> Result<bool, ErrorCode> { pub async fn is_email_taken(&self, email: &str) -> Result<bool, ErrorCode> {
let result = sqlx::query("SELECT NOT EXISTS (SELECT 1 FROM user WHERE email = ?) AS does_exist") let result = query!("SELECT NOT EXISTS (SELECT 1 FROM user WHERE email = ?) AS does_exist", email).fetch_one(&self.db_pool).await;
.bind(email)
.fetch_one(&self.db_pool).await;
match result { match result {
Ok(row) => Ok(row.try_get("does_exist").unwrap()), Ok(row) => Ok(row.does_exist.unwrap() != 0),
Err(_) => Err(InvalidUsername) Err(_) => Err(InvalidUsername)
} }
} }
pub async fn is_authorized(&self, username: &str, token: &str) -> Result<bool, ErrorCode> { pub async fn is_authorized(&self, username: &str, token: &str) -> Result<bool, ErrorCode> {
let result = sqlx::query("SELECT tokens FROM user WHERE username = ?") let result = query!("SELECT tokens FROM user WHERE username = ?", username).fetch_one(&self.db_pool).await;
.bind(username).fetch_one(&self.db_pool).await;
match result { match result {
Ok(row) => { Ok(row) => {
let token_long: &str = row.try_get("tokens").unwrap(); let token_long: &str = &row.tokens.unwrap();
let tokens = token_long.split(',').collect::<Vec<&str>>(); let tokens = token_long.split(',').collect::<Vec<&str>>();
for i in 0..tokens.len() { for i in 0..tokens.len() {
@@ -129,13 +124,11 @@ impl RealmAuthServer {
} }
pub async fn is_login_code_valid(&self, username: &str, login_code: u16) -> Result<bool, ErrorCode> { pub async fn is_login_code_valid(&self, username: &str, login_code: u16) -> Result<bool, ErrorCode> {
let result = sqlx::query("SELECT login_code FROM user WHERE username = ?;") let result = query!("SELECT login_code FROM user WHERE username = ?;", username).fetch_one(&self.db_pool).await;
.bind(username)
.fetch_one(&self.db_pool).await;
match result { match result {
Ok(row) => { Ok(row) => {
if row.try_get::<u16, _>("login_code").unwrap() != login_code { if row.login_code.unwrap() as u16 != login_code {
return Ok(false) return Ok(false)
} }
Ok(true) Ok(true)
@@ -171,11 +164,11 @@ impl RealmAuth for RealmAuthServer {
} }
async fn server_token_validation(self, _: Context, server_token: String, username: String, server_id: String, domain: String, tarpc_port: u16) -> bool { async fn server_token_validation(self, _: Context, server_token: String, username: String, server_id: String, domain: String, tarpc_port: u16) -> bool {
let result = sqlx::query("SELECT tokens FROM user WHERE username = ?").bind(username).fetch_one(&self.db_pool).await; let result = query!("SELECT tokens FROM user WHERE username = ?", username).fetch_one(&self.db_pool).await;
match result { match result {
Ok(row) => { Ok(row) => {
let token_long: &str = row.try_get("tokens").unwrap(); let token_long: &str = &row.tokens.unwrap();
let tokens = token_long.split(',').collect::<Vec<&str>>(); let tokens = token_long.split(',').collect::<Vec<&str>>();
for token in tokens { for token in tokens {
@@ -207,8 +200,8 @@ impl RealmAuth for RealmAuthServer {
let code = self.gen_login_code(); let code = self.gen_login_code();
self.send_login_message(&username, &email, code).await?; self.send_login_message(&username, &email, code).await?;
let result = sqlx::query("INSERT INTO user (username, email, avatar, login_code, tokens) VALUES (?, ?, '', ?, '')") let result = query!("INSERT INTO user (username, email, avatar, login_code, tokens) VALUES (?, ?, '', ?, '')", username, email, code)
.bind(&username).bind(&email).bind(code).execute(&self.db_pool).await; .execute(&self.db_pool).await;
match result { match result {
Ok(_) => Ok(()), Ok(_) => Ok(()),
@@ -222,26 +215,26 @@ impl RealmAuth for RealmAuthServer {
} }
if username.is_none() { if username.is_none() {
let result = sqlx::query("SELECT username FROM user WHERE email = ?;") let tmp = email.clone().unwrap();
.bind(&email.clone().unwrap()) let result = query!("SELECT username FROM user WHERE email = ?;", tmp)
.fetch_one(&self.db_pool).await; .fetch_one(&self.db_pool).await;
match result { match result {
Ok(row) => { Ok(row) => {
username = row.try_get("username").unwrap(); username = Some(row.username);
} }
Err(_) => return Err(InvalidEmail) Err(_) => return Err(InvalidEmail)
} }
} }
if email.is_none() { if email.clone().is_none() {
let result = sqlx::query("SELECT email FROM user WHERE username = ?;") let tmp = username.clone().unwrap();
.bind(&username.clone().unwrap()) let result = query!("SELECT email FROM user WHERE username = ?;", tmp)
.fetch_one(&self.db_pool).await; .fetch_one(&self.db_pool).await;
match result { match result {
Ok(row) => { Ok(row) => {
email = row.try_get("email").unwrap(); email = Some(row.email);
} }
Err(_) => return Err(InvalidUsername) Err(_) => return Err(InvalidUsername)
} }
@@ -249,9 +242,7 @@ impl RealmAuth for RealmAuthServer {
let code = self.gen_login_code(); let code = self.gen_login_code();
let result = sqlx::query("UPDATE user SET login_code = ? WHERE username = ?;") let result = query!("UPDATE user SET login_code = ? WHERE username = ?;", code, username)
.bind(code)
.bind(&username)
.execute(&self.db_pool).await; .execute(&self.db_pool).await;
match result { match result {
@@ -265,21 +256,20 @@ impl RealmAuth for RealmAuthServer {
return Err(InvalidLoginCode) return Err(InvalidLoginCode)
} }
let _ = sqlx::query("UPDATE user SET login_code = NULL WHERE username = ?").bind(&username).execute(&self.db_pool).await; let _ = query!("UPDATE user SET login_code = NULL WHERE username = ?", username).execute(&self.db_pool).await;
let hash = Sha3_256::new().chain(format!("{}{}{}", username, login_code, Utc::now().to_utc())).finalize(); let hash = Sha3_256::new().chain(format!("{}{}{}", username, login_code, Utc::now().to_utc())).finalize();
let token = hex::encode(hash); let token = hex::encode(hash);
let result = sqlx::query("SELECT tokens FROM user WHERE username = ?").bind(&username).fetch_one(&self.db_pool).await; let result = query!("SELECT tokens FROM user WHERE username = ?", username).fetch_one(&self.db_pool).await;
match result { match result {
Ok(row) => { Ok(row) => {
let token_long: &str = row.try_get("tokens").unwrap(); let token_long: &str = &row.tokens.unwrap();
let mut tokens = token_long.split(',').collect::<Vec<&str>>(); let mut tokens = token_long.split(',').collect::<Vec<&str>>();
tokens.push(&token); tokens.push(&token);
let result = sqlx::query("UPDATE user SET tokens = ? WHERE username = ?") let mega_token = tokens.join(",");
.bind(tokens.join(",")) // TODO: This doesn't seem right and may cause problems let result = query!("UPDATE user SET tokens = ? WHERE username = ?", mega_token, username)
.bind(&username)
.execute(&self.db_pool).await; .execute(&self.db_pool).await;
match result { match result {
Ok(_) => Ok(token), Ok(_) => Ok(token),
@@ -299,9 +289,7 @@ impl RealmAuth for RealmAuthServer {
return Err(EmailTaken) return Err(EmailTaken)
} }
let result = sqlx::query("UPDATE user SET new_email = ? WHERE username = ?") let result = query!("UPDATE user SET new_email = ? WHERE username = ?", new_email, username)
.bind(&new_email)
.bind(&username)
.execute(&self.db_pool).await; .execute(&self.db_pool).await;
match result { match result {
Ok(_) => {} Ok(_) => {}
@@ -310,9 +298,7 @@ impl RealmAuth for RealmAuthServer {
let code = self.gen_login_code(); let code = self.gen_login_code();
let result = sqlx::query("UPDATE user SET login_code = ? WHERE username = ?;") let result = query!("UPDATE user SET login_code = ? WHERE username = ?;", code, username)
.bind(code)
.bind(&username)
.execute(&self.db_pool).await; .execute(&self.db_pool).await;
match result { match result {
@@ -334,14 +320,9 @@ impl RealmAuth for RealmAuthServer {
return Err(InvalidLoginCode) return Err(InvalidLoginCode)
} }
let _ = sqlx::query("UPDATE user SET new_email = NULL WHERE username = ?") let _ = query!("UPDATE user SET new_email = NULL WHERE username = ?", username).execute(&self.db_pool).await;
.bind(&username)
.execute(&self.db_pool).await;
let _ = sqlx::query("UPDATE user SET email = ? WHERE username = ?") let _ = query!("UPDATE user SET email = ? WHERE username = ?", new_email, username).execute(&self.db_pool).await;
.bind(&new_email)
.bind(&username)
.execute(&self.db_pool).await;
Ok(()) Ok(())
} }
@@ -359,9 +340,7 @@ impl RealmAuth for RealmAuthServer {
return Err(UsernameTaken) return Err(UsernameTaken)
} }
let result = sqlx::query("UPDATE user SET username = ? WHERE username = ?") let result = query!("UPDATE user SET username = ? WHERE username = ?", new_username, username).execute(&self.db_pool).await;
.bind(&new_username)
.bind(&username).execute(&self.db_pool).await;
match result { match result {
Ok(_) => Ok(()), Ok(_) => Ok(()),
Err(_) => Err(Error) Err(_) => Err(Error)
@@ -373,9 +352,7 @@ impl RealmAuth for RealmAuthServer {
return Err(Unauthorized) return Err(Unauthorized)
} }
let result = sqlx::query("UPDATE user SET avatar = ? WHERE username = ?") let result = query!("UPDATE user SET avatar = ? WHERE username = ?", new_avatar, username).execute(&self.db_pool).await;
.bind(&new_avatar)
.bind(&username).execute(&self.db_pool).await;
match result { match result {
Ok(_) => Ok(()), Ok(_) => Ok(()),
Err(_) => Err(Error) Err(_) => Err(Error)
@@ -393,21 +370,20 @@ impl RealmAuth for RealmAuthServer {
Err(error) => return Err(error) Err(error) => return Err(error)
} }
let result = sqlx::query("SELECT * FROM user WHERE username = ?") let result = query!(r"SELECT * FROM user WHERE username = ?", username).fetch_one(&self.db_pool).await;
.bind(&username).fetch_one(&self.db_pool).await;
match result { match result {
Ok(row) => { Ok(row) => {
Ok(AuthUser { Ok(AuthUser {
id: row.try_get("id").unwrap(), id: row.id,
username: row.try_get("username").unwrap(), username: row.username,
email: row.try_get("email").unwrap(), email: row.email,
avatar: row.try_get("avatar").unwrap(), avatar: row.avatar,
login_code: None, login_code: None,
bigtoken: row.try_get("tokens").unwrap(), bigtoken: row.tokens,
google_oauth: row.try_get("google_oauth").unwrap(), google_oauth: row.google_oauth,
apple_oauth: row.try_get("apple_oauth").unwrap(), apple_oauth: row.apple_oauth,
github_oauth: row.try_get("github_oauth").unwrap(), github_oauth: row.github_oauth,
discord_oauth: row.try_get("discord_oauth").unwrap(), discord_oauth: row.discord_oauth,
}) })
} }
Err(_) => Err(InvalidUsername) Err(_) => Err(InvalidUsername)
@@ -415,21 +391,19 @@ impl RealmAuth for RealmAuthServer {
} }
async fn sign_out(self, _: Context, username: String, token: String) -> Result<(), ErrorCode> { async fn sign_out(self, _: Context, username: String, token: String) -> Result<(), ErrorCode> {
let result = sqlx::query("SELECT tokens FROM user WHERE username = ?") let result = query!("SELECT tokens FROM user WHERE username = ?", username).fetch_one(&self.db_pool).await;
.bind(&username).fetch_one(&self.db_pool).await;
match result { match result {
Ok(row) => { Ok(row) => {
let token_long: &str = row.try_get("tokens").unwrap(); let token_long: &str = &row.tokens.unwrap();
let mut tokens = token_long.split(',').collect::<Vec<&str>>(); let mut tokens = token_long.split(',').collect::<Vec<&str>>();
for i in 0..tokens.len() { for i in 0..tokens.len() {
if tokens.get(i).unwrap().eq(&token.as_str()) { if tokens.get(i).unwrap().eq(&token.as_str()) {
tokens.remove(i); tokens.remove(i);
let result = sqlx::query("UPDATE user SET tokens = ? WHERE username = ?") let mega_token = tokens.join(",").to_string();
.bind(tokens.join(",")) let result = query!("UPDATE user SET tokens = ? WHERE username = ?", mega_token, username)
.bind(&username)
.execute(&self.db_pool).await; .execute(&self.db_pool).await;
return match result { return match result {
@@ -446,10 +420,10 @@ impl RealmAuth for RealmAuthServer {
} }
async fn get_avatar_for_user(self, _: Context, username: String) -> Result<String, ErrorCode> { async fn get_avatar_for_user(self, _: Context, username: String) -> Result<String, ErrorCode> {
let result = sqlx::query("SELECT tokens FROM user WHERE username = ?").bind(username).fetch_one(&self.db_pool).await; let result = query!("SELECT avatar FROM user WHERE username = ?", username).fetch_one(&self.db_pool).await;
match result { match result {
Ok(row) => Ok(row.try_get("avatar").unwrap_or("".to_string())), Ok(row) => Ok(row.avatar),
Err(_) => Err(InvalidUsername) Err(_) => Err(InvalidUsername)
} }
} }

2
auth/src/types.rs
View File

@@ -24,7 +24,7 @@ pub trait RealmAuth {
#[derive(Debug, Clone, Serialize, Deserialize)] #[derive(Debug, Clone, Serialize, Deserialize)]
pub struct AuthUser { pub struct AuthUser {
pub id: u32, pub id: i64,
pub username: String, pub username: String,
pub email: String, pub email: String,
pub avatar: String, pub avatar: String,