*Speccing the rows which wall_entry requests

Generally more explicit behavior is provided *NOTE: if this call succeeds then we have fully authenticated and subsequent calls should have acccess to "secret" in the serialized params structure, thus unwraps should be fine as they'll be proven via informal induction
2020-07-04 23:05:58 -07:00 · 2020-07-04 23:05:58 -07:00 · 0d9b945301
commit 0d9b945301
parent cdc88b8365
2 changed files with 12 additions and 10 deletions
--- a/server/src/auth.rs
+++ b/server/src/auth.rs
@ -10,11 +10,12 @@ pub enum AuthReason {
    NoKey,
 }

-fn check_key_row(row: Option<(String, i32, i32)>) -> AuthReason {
+fn check_key_row(row: &Option<(i32, i32, u64)>) -> AuthReason {
+    // (limit, uses, _userid)
    use self::AuthReason::*;
    match row {
        Some(data) => {
-            if data.2 > data.1 {
+            if data.1 > data.0 {
                LimitPassed
            }
            else {
@ -35,15 +36,15 @@ pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) ->
        Ok(AuthReason::OpenAuth)
    }
    else {
-        if let Some(key) = params.get("key") {
+        if let Some(key) = params.get("secret") {
            let conn = pool.get_conn().await?;
-            // (id, limit, current counter)
-            let db_tup: (Conn, Option<(String, i32, i32)>) = conn
-                .first_exec(r"SELECT * FROM keys WHERE id = :id ", mysql_async::params!{ "id" => key})
+            // (id, name, secret)
+            let (_con, row): (Conn, Option<(i32, i32, u64)>) = conn
+                .first_exec(r"SELECT limit, uses, userid, FROM keys WHERE secret = :secret ", mysql_async::params!{ "secret" => key})
                .await?;
            
            // Error case should probably have some kind of error checking
-            Ok(check_key_row(db_tup.1))
+            Ok(check_key_row(&row))
        }
        else {
            Ok(AuthReason::NoKey)
--- a/server/src/channels.rs
+++ b/server/src/channels.rs
@ -49,8 +49,9 @@ impl ChannelType {
 }

 // Primary way of interpretting sql data on our channels table
+pub type ChannelID = u64;
 pub struct Channel {
-    id: i32,
+    id: u64,
    name: String,
    description: String,
    kind: ChannelType
@ -67,7 +68,7 @@ impl Channel {
     * When our sql library queries things we generally get back tuples rather reasily 
     * we can use this method to get something that makes more sense
    */
-    fn from_tup(tup: (i32, String, String, i32))  -> Channel {
+    fn from_tup(tup: (u64, String, String, i32))  -> Channel {
        Channel {
            id: tup.0,
            name: tup.1,
@ -103,7 +104,7 @@ impl Channel {
 async fn get_channels_vec(conn: Conn) -> Result<Vec<Channel>, Error> {
    let rows_db = conn.prep_exec(r"SELECT * FROM channels", ()).await?;
    let (_, rows) = rows_db.map_and_drop(|row| {
-        let (id, name, desc, kind): (i32, String, String, i32) = mysql_async::from_row(row);
+        let (id, name, desc, kind): (u64, String, String, i32) = mysql_async::from_row(row);
        Channel::from_tup((id, name, desc, kind))
    }).await?;