Finished refresh token and remove all warns
This commit is contained in:
parent
030dd43ddf
commit
c877b02286
@ -17,7 +17,6 @@ use {
|
|||||||
},
|
},
|
||||||
};
|
};
|
||||||
|
|
||||||
type Res<T, E> = std::result::Result<T, E>;
|
|
||||||
type DBPool = Arc<Pool<ConnectionMgrTcp>>;
|
type DBPool = Arc<Pool<ConnectionMgrTcp>>;
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
123
src/main.rs
123
src/main.rs
@ -165,7 +165,7 @@ async fn handle_connection(req: Request<Incoming>, pool: DBPool, ip: String) ->
|
|||||||
|
|
||||||
let cookies = get_cookies(req.headers().clone());
|
let cookies = get_cookies(req.headers().clone());
|
||||||
let token = cookies.get("token");
|
let token = cookies.get("token");
|
||||||
let mut token = match token.is_none() {
|
let token = match token.is_none() {
|
||||||
false => token.unwrap(),
|
false => token.unwrap(),
|
||||||
_ => ""
|
_ => ""
|
||||||
};
|
};
|
||||||
@ -174,7 +174,7 @@ async fn handle_connection(req: Request<Incoming>, pool: DBPool, ip: String) ->
|
|||||||
match <str as AsRef<str>>::as_ref(req.uri().path()) {
|
match <str as AsRef<str>>::as_ref(req.uri().path()) {
|
||||||
x if x.starts_with("/api/") => {},
|
x if x.starts_with("/api/") => {},
|
||||||
_ => 'jwt_check: {
|
_ => 'jwt_check: {
|
||||||
// if token == "" { break 'jwt_check; }
|
if token == "" { break 'jwt_check; }
|
||||||
/* if token != "" {
|
/* if token != "" {
|
||||||
parts.status = StatusCode::FOUND;
|
parts.status = StatusCode::FOUND;
|
||||||
set_cookie(&mut headers, "token", "");
|
set_cookie(&mut headers, "token", "");
|
||||||
@ -217,7 +217,6 @@ async fn handle_connection(req: Request<Incoming>, pool: DBPool, ip: String) ->
|
|||||||
let newtok = format!("{}", uuid_v4().as_hyphenated());
|
let newtok = format!("{}", uuid_v4().as_hyphenated());
|
||||||
let newref = format!("{}", uuid_v4().as_hyphenated());
|
let newref = format!("{}", uuid_v4().as_hyphenated());
|
||||||
let time = time();
|
let time = time();
|
||||||
println!("Penis1");
|
|
||||||
let (uuid,) = con.query_parse::<(String,)>(&query!(
|
let (uuid,) = con.query_parse::<(String,)>(&query!(
|
||||||
r#"
|
r#"
|
||||||
SELECT uid
|
SELECT uid
|
||||||
@ -226,7 +225,6 @@ async fn handle_connection(req: Request<Incoming>, pool: DBPool, ip: String) ->
|
|||||||
"#,
|
"#,
|
||||||
tokenid
|
tokenid
|
||||||
)).await?;
|
)).await?;
|
||||||
println!("Penis2");
|
|
||||||
let (login,) = con.query_parse::<(String,)>(&query!(
|
let (login,) = con.query_parse::<(String,)>(&query!(
|
||||||
r#"
|
r#"
|
||||||
SELECT login
|
SELECT login
|
||||||
@ -235,7 +233,6 @@ async fn handle_connection(req: Request<Incoming>, pool: DBPool, ip: String) ->
|
|||||||
"#,
|
"#,
|
||||||
uuid.clone()
|
uuid.clone()
|
||||||
)).await?;
|
)).await?;
|
||||||
println!("Penis3");
|
|
||||||
let _ = con.query_parse::<()>(&query!(
|
let _ = con.query_parse::<()>(&query!(
|
||||||
r#"
|
r#"
|
||||||
UPDATE bitauth.tokens
|
UPDATE bitauth.tokens
|
||||||
@ -244,7 +241,6 @@ async fn handle_connection(req: Request<Incoming>, pool: DBPool, ip: String) ->
|
|||||||
"#,
|
"#,
|
||||||
newtok.clone(), newref.clone(), time + REFRESH_LIFETIME, tokenid
|
newtok.clone(), newref.clone(), time + REFRESH_LIFETIME, tokenid
|
||||||
)).await;
|
)).await;
|
||||||
println!("Penis4");
|
|
||||||
|
|
||||||
set_cookie(&mut headers, "token",
|
set_cookie(&mut headers, "token",
|
||||||
&jwt_sign(pool.clone(), json!({
|
&jwt_sign(pool.clone(), json!({
|
||||||
@ -262,18 +258,8 @@ async fn handle_connection(req: Request<Incoming>, pool: DBPool, ip: String) ->
|
|||||||
"exp": time + REFRESH_LIFETIME
|
"exp": time + REFRESH_LIFETIME
|
||||||
})).await.unwrap()
|
})).await.unwrap()
|
||||||
);
|
);
|
||||||
println!("Penis5");
|
|
||||||
|
|
||||||
logged = true;
|
logged = true;
|
||||||
/*
|
|
||||||
CREATE MODEL IF NOT EXISTS bitauth.tokens(
|
|
||||||
uuid: string,
|
|
||||||
uid: string,
|
|
||||||
sid: string,
|
|
||||||
ref: string,
|
|
||||||
refend: uint32
|
|
||||||
)
|
|
||||||
*/
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -287,6 +273,7 @@ CREATE MODEL IF NOT EXISTS bitauth.tokens(
|
|||||||
"/" => uri_index(),
|
"/" => uri_index(),
|
||||||
"/cabinet" => uri_login(req, pool.clone(), &mut headers).await?,
|
"/cabinet" => uri_login(req, pool.clone(), &mut headers).await?,
|
||||||
"/login" => uri_login(req, pool.clone(), &mut headers).await?,
|
"/login" => uri_login(req, pool.clone(), &mut headers).await?,
|
||||||
|
x if x == "/authorize" && logged => uri_authorize(req, pool.clone()).await?,
|
||||||
"/authorize" => uri_authorize(req, pool.clone()).await?,
|
"/authorize" => uri_authorize(req, pool.clone()).await?,
|
||||||
"/register" => uri_register(req, pool.clone(), &mut headers).await?,
|
"/register" => uri_register(req, pool.clone(), &mut headers).await?,
|
||||||
"/recover" => uri_recover(),
|
"/recover" => uri_recover(),
|
||||||
@ -426,13 +413,19 @@ async fn init_tables(pool: DBPool) -> Res<(), SkyError> {
|
|||||||
let _ = con.query_parse::<()>(&query!("CREATE SPACE IF NOT EXISTS bitauth")).await;
|
let _ = con.query_parse::<()>(&query!("CREATE SPACE IF NOT EXISTS bitauth")).await;
|
||||||
let _ = con.query_parse::<()>(&query!(r#"
|
let _ = con.query_parse::<()>(&query!(r#"
|
||||||
CREATE MODEL IF NOT EXISTS bitauth.users(
|
CREATE MODEL IF NOT EXISTS bitauth.users(
|
||||||
login: string,
|
|
||||||
uuid: string,
|
uuid: string,
|
||||||
|
login: string,
|
||||||
password: string,
|
password: string,
|
||||||
email: string,
|
email: string,
|
||||||
tokens: list {type: string}
|
tokens: list {type: string}
|
||||||
)
|
)
|
||||||
"#)).await;
|
"#)).await;
|
||||||
|
let _ = con.query_parse::<()>(&query!(r#"
|
||||||
|
CREATE MODEL IF NOT EXISTS bitauth.users_uuid(
|
||||||
|
login: string,
|
||||||
|
uuid: string
|
||||||
|
)
|
||||||
|
"#)).await;
|
||||||
let _ = con.query_parse::<()>(&query!(r#"
|
let _ = con.query_parse::<()>(&query!(r#"
|
||||||
CREATE MODEL IF NOT EXISTS bitauth.sites(
|
CREATE MODEL IF NOT EXISTS bitauth.sites(
|
||||||
uuid: string,
|
uuid: string,
|
||||||
@ -451,6 +444,13 @@ async fn init_tables(pool: DBPool) -> Res<(), SkyError> {
|
|||||||
refend: uint32
|
refend: uint32
|
||||||
)
|
)
|
||||||
"#)).await;
|
"#)).await;
|
||||||
|
let _ = con.query_parse::<()>(&query!(r#"
|
||||||
|
CREATE MODEL IF NOT EXISTS bitauth.v0(
|
||||||
|
session: string,
|
||||||
|
login: string,
|
||||||
|
uuid: string
|
||||||
|
)
|
||||||
|
"#)).await;
|
||||||
|
|
||||||
let q = con.query_parse::<Sites>(&query!("SELECT * FROM bitauth.sites WHERE uuid = 0")).await;
|
let q = con.query_parse::<Sites>(&query!("SELECT * FROM bitauth.sites WHERE uuid = 0")).await;
|
||||||
if q.is_err() {
|
if q.is_err() {
|
||||||
@ -475,7 +475,6 @@ async fn get_user(pool: DBPool, login: String) -> Res<Users, SkyError> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
async fn login_user(pool: DBPool, data: HashMap<String, String>) -> Res<(String, String), SkyError> {
|
async fn login_user(pool: DBPool, data: HashMap<String, String>) -> Res<(String, String), SkyError> {
|
||||||
let mut err = false;
|
|
||||||
let mut ret: (String, String) = Default::default();
|
let mut ret: (String, String) = Default::default();
|
||||||
let mut con = pool.get().await.unwrap();
|
let mut con = pool.get().await.unwrap();
|
||||||
|
|
||||||
@ -483,43 +482,48 @@ async fn login_user(pool: DBPool, data: HashMap<String, String>) -> Res<(String,
|
|||||||
let pass = data.get("password").unwrap().trim();
|
let pass = data.get("password").unwrap().trim();
|
||||||
|
|
||||||
let q = con
|
let q = con
|
||||||
.query_parse::<Users>(&query!("SELECT * FROM bitauth.users WHERE login = ?", login))
|
.query_parse::<(String,)>(&query!("SELECT uuid FROM bitauth.users_uuid WHERE login = ?", login))
|
||||||
.await;
|
.await;
|
||||||
if q.is_err() { err = true };
|
if q.is_err() { println!("{:?}", q.err()); return Ok(ret); };
|
||||||
|
let (uuid,) = q.unwrap();
|
||||||
|
|
||||||
if !err {
|
let q = con
|
||||||
let q = q.unwrap();
|
.query_parse::<Users>(&query!("SELECT * FROM bitauth.users WHERE uuid = ?", uuid.clone()))
|
||||||
if bcrypt::verify(pass, q.password.as_str()).unwrap() {
|
.await;
|
||||||
let token = format!("{}", uuid_v4().as_hyphenated());
|
// TODO: Send to admin notify about trouble!
|
||||||
let reftoken = format!("{}", uuid_v4().as_hyphenated());
|
if q.is_err() { return Ok(ret); };
|
||||||
let time = time();
|
|
||||||
let uuid: String = q.uuid;
|
|
||||||
let login: String = q.login;
|
|
||||||
|
|
||||||
let _ = con.query_parse::<()>(&query!(
|
let q = q.unwrap();
|
||||||
"INSERT INTO bitauth.tokens { uuid: ?, uid: ?, sid: ?, ref: ?, refend: ? }",
|
if bcrypt::verify(pass, q.password.as_str()).unwrap() {
|
||||||
token.clone(), uuid.clone(), "0", reftoken.clone(), time + REFRESH_LIFETIME
|
let token = format!("{}", uuid_v4().as_hyphenated());
|
||||||
)).await;
|
let reftoken = format!("{}", uuid_v4().as_hyphenated());
|
||||||
let _ = con.query_parse::<()>(&query!(
|
let time = time();
|
||||||
"UPDATE bitauth.users SET tokens += ? WHERE login = ?",
|
let uuid: String = q.uuid;
|
||||||
token.clone(), login.clone()
|
let login: String = q.login;
|
||||||
)).await;
|
|
||||||
|
|
||||||
ret = (
|
let _ = con.query_parse::<()>(&query!(
|
||||||
jwt_sign(pool.clone(), json!({
|
"INSERT INTO bitauth.tokens { uuid: ?, uid: ?, sid: ?, ref: ?, refend: ? }",
|
||||||
"login": login.clone(),
|
token.clone(), uuid.clone(), "0", reftoken.clone(), time + REFRESH_LIFETIME
|
||||||
"uuid": uuid.clone(),
|
)).await;
|
||||||
"iat": time,
|
let _ = con.query_parse::<()>(&query!(
|
||||||
"exp": time + TOKEN_LIFETIME
|
"UPDATE bitauth.users SET tokens += ? WHERE login = ?",
|
||||||
})).await.unwrap(),
|
token.clone(), login.clone()
|
||||||
jwt_sign(pool.clone(), json!({
|
)).await;
|
||||||
"uuid": token.clone(),
|
|
||||||
"iat": time,
|
ret = (
|
||||||
"ref": reftoken.clone(),
|
jwt_sign(pool.clone(), json!({
|
||||||
"exp": time + REFRESH_LIFETIME
|
"login": login.clone(),
|
||||||
})).await.unwrap()
|
"uuid": uuid.clone(),
|
||||||
);
|
"iat": time,
|
||||||
}
|
"exp": time + TOKEN_LIFETIME
|
||||||
|
})).await.unwrap(),
|
||||||
|
jwt_sign(pool.clone(), json!({
|
||||||
|
"uuid": token.clone(),
|
||||||
|
"iat": time,
|
||||||
|
"ref": reftoken.clone(),
|
||||||
|
"exp": time + REFRESH_LIFETIME
|
||||||
|
})).await.unwrap()
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
Ok(ret)
|
Ok(ret)
|
||||||
@ -538,7 +542,7 @@ async fn create_user(pool: DBPool, data: HashMap<String, String>) -> Res<bool, S
|
|||||||
if pass.len() < 8 { ret = false };
|
if pass.len() < 8 { ret = false };
|
||||||
|
|
||||||
let q = con
|
let q = con
|
||||||
.query_parse::<(String,)>(&query!("SELECT uuid FROM bitauth.users WHERE login = ?", login))
|
.query_parse::<(String,)>(&query!("SELECT uuid FROM bitauth.users_uuid WHERE login = ?", login))
|
||||||
.await;
|
.await;
|
||||||
if q.is_ok() { ret = false };
|
if q.is_ok() { ret = false };
|
||||||
|
|
||||||
@ -548,18 +552,27 @@ async fn create_user(pool: DBPool, data: HashMap<String, String>) -> Res<bool, S
|
|||||||
|
|
||||||
let q = con.query_parse::<()>(&query!(
|
let q = con.query_parse::<()>(&query!(
|
||||||
r#"INSERT INTO bitauth.users {
|
r#"INSERT INTO bitauth.users {
|
||||||
login: ?,
|
|
||||||
uuid: ?,
|
uuid: ?,
|
||||||
|
login: ?,
|
||||||
password: ?,
|
password: ?,
|
||||||
email: ?,
|
email: ?,
|
||||||
tokens: []
|
tokens: []
|
||||||
}"#,
|
}"#,
|
||||||
login,
|
uuid.clone(),
|
||||||
uuid,
|
login.clone(),
|
||||||
pass,
|
pass,
|
||||||
email,
|
email,
|
||||||
)).await;
|
)).await;
|
||||||
|
if q.is_err() { ret = false }
|
||||||
|
|
||||||
|
let q = con.query_parse::<()>(&query!(
|
||||||
|
r#"INSERT INTO bitauth.users_uuid {
|
||||||
|
login: ?,
|
||||||
|
uuid: ?
|
||||||
|
}"#,
|
||||||
|
login.clone(),
|
||||||
|
uuid.clone()
|
||||||
|
)).await;
|
||||||
if q.is_err() { ret = false }
|
if q.is_err() { ret = false }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -10,18 +10,18 @@ use skytable::{
|
|||||||
|
|
||||||
|
|
||||||
pub struct Users {
|
pub struct Users {
|
||||||
pub login: String,
|
|
||||||
pub uuid: String,
|
pub uuid: String,
|
||||||
|
pub login: String,
|
||||||
pub password: String,
|
pub password: String,
|
||||||
pub email: String,
|
pub email: String,
|
||||||
pub tokens: Vec<Value>,
|
pub tokens: Vec<Value>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Users {
|
impl Users {
|
||||||
pub fn new(login: String, uuid: String, password: String, email: String, tokens: Vec<Value>) -> Self {
|
pub fn new(uuid: String, login: String, password: String, email: String, tokens: Vec<Value>) -> Self {
|
||||||
Self {
|
Self {
|
||||||
login,
|
|
||||||
uuid,
|
uuid,
|
||||||
|
login,
|
||||||
password,
|
password,
|
||||||
email,
|
email,
|
||||||
tokens,
|
tokens,
|
||||||
@ -31,8 +31,8 @@ impl Users {
|
|||||||
|
|
||||||
impl SQParam for Users {
|
impl SQParam for Users {
|
||||||
fn append_param(&self, q: &mut Vec<u8>) -> usize {
|
fn append_param(&self, q: &mut Vec<u8>) -> usize {
|
||||||
self.login.append_param(q)
|
self.uuid.append_param(q)
|
||||||
+ self.uuid.append_param(q)
|
+ self.login.append_param(q)
|
||||||
+ self.password.append_param(q)
|
+ self.password.append_param(q)
|
||||||
+ self.email.append_param(q)
|
+ self.email.append_param(q)
|
||||||
}
|
}
|
||||||
@ -40,7 +40,7 @@ impl SQParam for Users {
|
|||||||
|
|
||||||
impl FromResponse for Users {
|
impl FromResponse for Users {
|
||||||
fn from_response(resp: Response) -> ClientResult<Self> {
|
fn from_response(resp: Response) -> ClientResult<Self> {
|
||||||
let (login, uuid, password, email, tokens) = FromResponse::from_response(resp)?;
|
let (uuid, login, password, email, tokens) = FromResponse::from_response(resp)?;
|
||||||
Ok(Self::new(login, uuid, password, email, tokens))
|
Ok(Self::new(uuid, login, password, email, tokens))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user