From 9033c80369af7eca783344745a5eb3a9d7df6186 Mon Sep 17 00:00:00 2001
From: shockrah <alejandros714@protonmail.com>
Date: Tue, 2 Jun 2020 00:47:28 -0700
Subject: [PATCH] Exhaustive response to various authentication failures
 response route_dispatcher now guaranteed to fire on proper authentication
 only

---
 server/src/main.rs | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/server/src/main.rs b/server/src/main.rs
index d24f79a..e32075a 100644
--- a/server/src/main.rs
+++ b/server/src/main.rs
@@ -5,7 +5,7 @@ extern crate base64;
 
 use std::net::SocketAddr;
 use std::convert::Infallible; // our main dispatcher basically never fails hence why we use this
-use std::env::var;
+use std::env;
 use std::collections::HashMap;
 
 use tokio;
@@ -13,12 +13,14 @@ use hyper::{
     self, 
     Server,
     Response, Request, Body,
-    Method, 
+    Method, StatusCode,
     service::{make_service_fn, service_fn}
 };
+use mysql_async::Conn;
 use dotenv::dotenv;
 
 mod auth;
+use auth::AuthReason;
 
 fn map_qs(query_string_raw: Option<&str>) -> HashMap<&str, &str> {
     /*
@@ -38,7 +40,7 @@ fn map_qs(query_string_raw: Option<&str>) -> HashMap<&str, &str> {
     map
 }
 
-async fn route_dispatcher(resp: &Response<Body>, meth: &Method, path: &str, params: &HashMap<&str, Option<&str>>) {
+async fn route_dispatcher(resp: &Response<Body>, meth: &Method, path: &str, params: &HashMap<&str, &str>) {
     // we do have to handle some general hyper errors
     unimplemented!()
 }
@@ -49,12 +51,17 @@ async fn main_responder(request: Request<Body>) -> Result<Response<Body>, hyper:
     let path = request.uri().path();
     let params = map_qs(request.uri().query());
 
-    // go through our auth wall first
-    if auth::wall_entry(&params).await {
-        route_dispatcher(&response, &method, path, &params);
+    if let Ok(conn) = Conn::from_url(env::var("DATABASE_URL").unwrap()).await {
+        // some more information in the response would be great right about here
+        match auth::wall_entry(conn, &params).await {
+            AuthReason::Good =>             route_dispatcher(&response, &method, path, &params).await,
+            AuthReason::LimitPassed =>      *response.status_mut() = StatusCode::UNAUTHORIZED,
+            AuthReason::NoKey =>            *response.status_mut() = StatusCode::UNAUTHORIZED,
+            AuthReason::InternalFailure =>  *response.status_mut() = StatusCode::INTERNAL_SERVER_ERROR
+        }
     }
     else {
-        auth::wall_failure(&response);
+        *response.status_mut() = StatusCode::INTERNAL_SERVER_ERROR;
     }
 
     Ok(response)