skeleton code for jwt things

2020-12-18 13:03:30 -08:00 · 2020-12-18 13:03:30 -08:00 · 88f6e5b532
commit 88f6e5b532
parent 97028f8bd2
1 changed files with 31 additions and 4 deletions
--- a/server-api/src/auth.rs
+++ b/server-api/src/auth.rs
@ -1,5 +1,5 @@
 use bcrypt::{self, BcryptResult};
-use mysql_async::{Pool};
+use mysql_async::Pool;
 use mysql_async::error::Error as SqlError;


@ -58,21 +58,44 @@ pub fn encrypt_secret(raw: &str) -> BcryptResult<String> {
    return bcrypt::hash(raw, BCRYPT_COST);
 }

+fn get_jwt(params: &serde_json::Value) -> Option<&str> {
+    // gets the `token` from the parameters
+    // option<value> -> some(value) -> string
+    return params.get("token")?.as_str();
+}
+
+fn valid_jwt(token: &str)  -> AuthReason {
+    // TODO
+    return AuthReason::Good;
+}
+
 pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) -> Result<AuthReason, SqlError> {
    use std::borrow::Cow;

    // Dont need to auth if it's not required
-    if routes::is_open(path) {
-        Ok(AuthReason::OpenAuth)
+    let open_path = routes::is_open(path);
+    let jwt = get_jwt(params);
+
+    if open_path { // ignore the parameters since they're irelevant
+        return Ok(AuthReason::OpenAuth);
+    }
+
+    else if let Some(jwt) = jwt {
+        // if we have a jwt then verify its validity
+        return Ok(valid_jwt(jwt)); // Good|BadKey
    }
    else {
-        // make sure we have some legit parameter to use
+
+        // Last chance we might be hitting the /login route so we have to do the  heavy auth flow
        match (params.get("id"), params.get("secret")) {
            /* 
             * If we apparantly have user data then check for validity in credentials
             */
            (Some(id_v), Some(secret_v)) => {
                /* unwrapping because i couldn't care less about poorly formatted request data */
+                if path != "/login" {
+                    return Ok(AuthReason::BadKey);
+                }
                let id = id_v.as_u64().unwrap_or(0); // basically nobody is allowed to have 0 as its supposed to be reserved
                let secret = secret_v.as_str().unwrap_or("");
                return match Member::get(pool, id).await {
@ -96,7 +119,11 @@ pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) ->
    }
 }

+pub async fn login_get_jwt(pool: &Pool, params: &serde_json::Value) -> Result<AuthReason, SqlError> {
+    let (id_v, secret_v) = (params.get("id"), params.get("secret"));

+    return Ok(AuthReason::Good);
+}


 #[cfg(test)]