Pull in code from pool_elo

need to re-integrate yugioh code
2024-09-03 01:52:20 -04:00
parent 921f2de61a
commit 4674289473
54 changed files with 1775 additions and 164 deletions
--- a/src/server/auth/login.rs
+++ b/src/server/auth/login.rs
@@ -0,0 +1,115 @@
+use crate::{
+    entity::{
+        prelude::*,
+        user::{self},
+    },
+    models::{
+        auth::{Claims, LoginInfo, LoginResponse},
+        generic::GenericResponse,
+    },
+    server::server_state::ServerState,
+};
+use argon2::{Argon2, PasswordHash, PasswordVerifier};
+use axum::{
+    extract::{Json, State},
+    http::{HeaderMap, StatusCode},
+};
+use jsonwebtoken::{decode, encode, DecodingKey, EncodingKey, Header, Validation};
+use sea_orm::{ColumnTrait, EntityTrait, QueryFilter};
+
+pub async fn credentials_are_correct(
+    username: &str,
+    password: &str,
+    state: &ServerState,
+) -> Result<(), String> {
+    // Get user
+    let existing_user: Option<user::Model> = User::find()
+        .filter(user::Column::Username.eq(username))
+        .one(&state.db_conn)
+        .await
+        .unwrap();
+    let hash_to_check: String = match existing_user {
+        Some(user) => user.password_hash_and_salt,
+        None => {
+            // @todo make dummy password hash
+            return Err("Username doesn't exist".to_owned());
+        }
+    };
+
+    match Argon2::default().verify_password(
+        password.as_bytes(),
+        &PasswordHash::new(hash_to_check.as_str()).unwrap(),
+    ) {
+        Ok(_) => Ok(()),
+        Err(_) => Err("Invalid credentials".to_owned()),
+    }
+}
+
+pub async fn post_login_user(
+    State(state): State<ServerState>,
+    Json(login_info): Json<LoginInfo>,
+) -> (
+    StatusCode,
+    Result<Json<LoginResponse>, Json<GenericResponse>>,
+) {
+    let user_authenticated =
+        credentials_are_correct(&login_info.username, &login_info.password, &state);
+
+    match user_authenticated.await {
+        Err(why) => (
+            StatusCode::UNAUTHORIZED,
+            Err(Json(GenericResponse::err(why.as_str()))),
+        ),
+        Ok(_) => {
+            let expires = match login_info.remember_me {
+                true => chrono::Utc::now() + chrono::Duration::days(365),
+                false => chrono::Utc::now() + chrono::Duration::days(1),
+            };
+
+            let claims = Claims {
+                sub: login_info.username.clone(),
+                exp: expires.timestamp() as usize,
+            };
+            // @todo change secret
+            let token = match encode(
+                &Header::default(),
+                &claims,
+                &EncodingKey::from_secret("secret".as_ref()),
+            ) {
+                Ok(token) => token,
+                Err(_) => {
+                    return (
+                        StatusCode::INTERNAL_SERVER_ERROR,
+                        Err(Json(GenericResponse::err("Failed to get token"))),
+                    )
+                }
+            };
+
+            (StatusCode::OK, Ok(Json(LoginResponse { token, expires })))
+        }
+    }
+}
+
+pub async fn post_test_login(
+    State(_): State<ServerState>,
+    header_map: HeaderMap,
+) -> Result<Json<String>, StatusCode> {
+    if let Some(auth_header) = header_map.get("Authorization") {
+        if let Ok(auth_header_str) = auth_header.to_str() {
+            if auth_header_str.starts_with("Bearer ") {
+                let token = auth_header_str.trim_start_matches("Bearer ").to_string();
+                // @todo change secret
+                if decode::<Claims>(
+                    &token,
+                    &DecodingKey::from_secret("secret".as_ref()),
+                    &Validation::default(),
+                )
+                .is_ok()
+                {
+                    return Ok(Json("Logged in".to_owned()));
+                }
+            }
+        }
+    }
+    Err(StatusCode::UNAUTHORIZED)
+}