From 8360efced5b3770be7871696701722c245ac9e37 Mon Sep 17 00:00:00 2001 From: shockrah Date: Tue, 2 Jun 2020 00:32:15 -0700 Subject: [PATCH] auth::wall_entry now verifies keys upon request We can now decide what kind of authorization result triggers what kind of responses to the users Further more error handling has to happen closer to application logic which is the main trade-off of our architecture --- server/src/auth.rs | 42 ++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 40 insertions(+), 2 deletions(-) diff --git a/server/src/auth.rs b/server/src/auth.rs index 9e5676f..05abb9b 100644 --- a/server/src/auth.rs +++ b/server/src/auth.rs @@ -1,8 +1,46 @@ +use mysql_async::Conn; +use mysql_async::prelude::{params, Queryable}; use hyper::{Response, Body}; use std::collections::HashMap; -pub async fn wall_entry(params: &HashMap<&str, Option<&str>>) -> bool { - unimplemented!() +pub enum AuthReason { + Good, + LimitPassed, + NoKey, + InternalFailure, +} + +fn check_key_row(row: Option<(String, i32, i32)>) -> AuthReason { + use self::AuthReason::*; + match row { + Some(data) => { + if data.2 > data.1 { + LimitPassed + } + else { + Good + } + }, + None => NoKey + } +} +pub async fn wall_entry(conn: Conn, params: &HashMap<&str, &str>) -> AuthReason { + // Start by Checking if the api key is in our keystore + if let Some(key) = params.get("key") { + // (id, limit, current counter) + let db_request: Result<(Conn, Option<(String, i32, i32)>), mysql_async::error::Error> = conn + .first_exec(r"SELECT * FROM keys WHERE id = :id ", mysql_async::params!{ "id" => key}) + .await; + + // Error case should probably have some kind of error checking + match db_request { + Ok(db_tup) => check_key_row(db_tup.1), + Err(_) => AuthReason::InternalFailure + } + } + else { + AuthReason::NoKey + } } pub fn wall_failure(resp: &Response) {