shockrah/freechat
shockrah/freechat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

skeleton code for jwt things

Browse Source
This commit is contained in:
shockrah 2020-12-18 13:03:30 -08:00
parent 97028f8bd2
commit 88f6e5b532
1 changed files with 31 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
server-api/src/auth.rs
View File

@ -1,5 +1,5 @@
use bcrypt::{self, BcryptResult}; use bcrypt::{self, BcryptResult};
use mysql_async::{Pool}; use mysql_async::Pool;
use mysql_async::error::Error as SqlError; use mysql_async::error::Error as SqlError;
@ -58,21 +58,44 @@ pub fn encrypt_secret(raw: &str) -> BcryptResult<String> {
return bcrypt::hash(raw, BCRYPT_COST); return bcrypt::hash(raw, BCRYPT_COST);
} }
fn get_jwt(params: &serde_json::Value) -> Option<&str> {
// gets the `token` from the parameters
// option<value> -> some(value) -> string
return params.get("token")?.as_str();
}
fn valid_jwt(token: &str) -> AuthReason {
// TODO
return AuthReason::Good;
}
pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) -> Result<AuthReason, SqlError> { pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) -> Result<AuthReason, SqlError> {
use std::borrow::Cow; use std::borrow::Cow;
// Dont need to auth if it's not required // Dont need to auth if it's not required
if routes::is_open(path) { let open_path = routes::is_open(path);
Ok(AuthReason::OpenAuth) let jwt = get_jwt(params);
if open_path { // ignore the parameters since they're irelevant
return Ok(AuthReason::OpenAuth);
}
else if let Some(jwt) = jwt {
// if we have a jwt then verify its validity
return Ok(valid_jwt(jwt)); // Good|BadKey
} }
else { else {
// make sure we have some legit parameter to use
// Last chance we might be hitting the /login route so we have to do the heavy auth flow
match (params.get("id"), params.get("secret")) { match (params.get("id"), params.get("secret")) {
/* /*
* If we apparantly have user data then check for validity in credentials * If we apparantly have user data then check for validity in credentials
*/ */
(Some(id_v), Some(secret_v)) => { (Some(id_v), Some(secret_v)) => {
/* unwrapping because i couldn't care less about poorly formatted request data */ /* unwrapping because i couldn't care less about poorly formatted request data */
if path != "/login" {
return Ok(AuthReason::BadKey);
}
let id = id_v.as_u64().unwrap_or(0); // basically nobody is allowed to have 0 as its supposed to be reserved let id = id_v.as_u64().unwrap_or(0); // basically nobody is allowed to have 0 as its supposed to be reserved
let secret = secret_v.as_str().unwrap_or(""); let secret = secret_v.as_str().unwrap_or("");
return match Member::get(pool, id).await { return match Member::get(pool, id).await {
@ -96,7 +119,11 @@ pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) ->
} }
} }
pub async fn login_get_jwt(pool: &Pool, params: &serde_json::Value) -> Result<AuthReason, SqlError> {
let (id_v, secret_v) = (params.get("id"), params.get("secret"));
return Ok(AuthReason::Good);
}
#[cfg(test)] #[cfg(test)]