auth::wall_entry now verifies keys upon request

We can now decide what kind of authorization result triggers what kind of responses to the users Further more error handling has to happen closer to application logic which is the main trade-off of our architecture
2020-06-02 00:32:15 -07:00 · 2020-06-02 00:32:15 -07:00 · 8360efced5
commit 8360efced5
parent 5ad23eed8c
1 changed files with 40 additions and 2 deletions
--- a/server/src/auth.rs
+++ b/server/src/auth.rs
@ -1,8 +1,46 @@
+use mysql_async::Conn;
+use mysql_async::prelude::{params, Queryable};
 use hyper::{Response, Body};
 use std::collections::HashMap;

-pub async fn wall_entry(params: &HashMap<&str, Option<&str>>) -> bool {
-    unimplemented!()
+pub enum AuthReason {
+    Good,
+    LimitPassed,
+    NoKey,
+    InternalFailure,
+}
+
+fn check_key_row(row: Option<(String, i32, i32)>) -> AuthReason {
+    use self::AuthReason::*;
+    match row {
+        Some(data) => {
+            if data.2 > data.1 {
+                LimitPassed
+            }
+            else {
+                Good
+            }
+        },
+        None => NoKey
+    }
+}
+pub async fn wall_entry(conn: Conn, params: &HashMap<&str, &str>) -> AuthReason {
+    // Start by Checking if the api key is in our keystore
+    if let Some(key) = params.get("key") {
+        // (id, limit, current counter)
+        let db_request: Result<(Conn, Option<(String, i32, i32)>), mysql_async::error::Error> = conn
+            .first_exec(r"SELECT * FROM keys WHERE id = :id ", mysql_async::params!{ "id" => key})
+            .await;
+        
+        // Error case should probably have some kind of error checking
+        match db_request {
+            Ok(db_tup) => check_key_row(db_tup.1),
+            Err(_) => AuthReason::InternalFailure
+        }
+    }
+    else {
+        AuthReason::NoKey
+    }
 }

 pub fn wall_failure(resp: &Response<Body>) {