shockrah/freechat
shockrah/freechat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
638 Commits 1 Branch 0 Tags 11 MiB
d31b02089e
Commit Graph

149 Commits

Author SHA1 Message Date
shockrah
d31b02089e Conceptualizing how future tests will be written. IDeally we can specify them even later in json so that we can generate huge amounts of tests in any language and toss them through this pipeline fast as hell 2021-01-20 20:09:29 -08:00
shockrah
2f15e2ef62 Removal/skeltonizing of a shitload of old code 2021-01-20 17:45:22 -08:00
shockrah
fc74a3dbc7 Moving http logic to its own module under a new 'web' module 
More interfaces for the testing client will be built to better analyze responses in next patches
 2021-01-20 16:56:54 -08:00
shockrah
c61c57c1b8 ignoring pycache 2021-01-20 16:50:54 -08:00
shockrah
79d77e0007 Beginning refactor of test client to more cleanly create new tests 
Body parameters were being polluted so new logic is required to make the worker more stable and ignore its state properly
 2021-01-20 13:50:09 -08:00
shockrah
22d2f3eea0 Adding hooks for /message/from_id handler 2021-01-19 22:27:06 -08:00
shockrah
01320899a3 Base implementation of new /message/from_id route 
! Requires unit testing
! Written with max response length in mind, (still ignores mem limits howevr)
 2021-01-19 22:26:53 -08:00
shockrah
3b3fa14496 * Db::Messages::get_time_range now handles case where 
start_time >= end_time
	Which means we won't get weird requests from clients anymore(hopefully)

* Route handler for /message/time_range now handles db::Response::RestrictedInput
Responds with a simple 400 and nothing else
 2021-01-19 19:43:21 -08:00
shockrah
5c4bc6f96f Updated /message/get_time to pass client api testing 2021-01-18 23:28:32 -08:00
shockrah
c89c2a4469 adding more tests for the new message fetch route 2021-01-18 23:25:11 -08:00
shockrah
6ffcb7a73b + /messages/get_range base route handler, ready for testing 2021-01-18 22:01:11 -08:00
shockrah
b917483dac * Upated message struct initialization to shorthand (cosmetic thing 
* Updated message struct to use channel_id not _name

+ Base implementation f Message::get_time_range, yet to be tested
 2021-01-18 22:00:24 -08:00
shockrah
2fb24ee45e New server meta endpoint to help out clients remember stuff about that server 2020-12-30 01:47:12 -08:00
shockrah
76fc2f66b3 More tests that are passing <o/ 2020-12-30 01:13:15 -08:00
shockrah
dfe53b323e /messages/send now correctyl tells the user they're wrong about sendingmessages to a non-existant channel 2020-12-30 01:00:47 -08:00
shockrah
7c95519402 + Adding option to test everything including cargo and client tests 2020-12-30 00:13:18 -08:00
shockrah
c79cf34dfd slightly more coverage for now not fulll 
- Old tests won't work anymore due to jwt things
 2020-12-29 23:57:40 -08:00
shockrah
ab12283507 + Computing encoding key once in a lazy_static 
+ unit test verifying is extremely sus.jpg but it looks like it passes
! bs detectors on max rn so i'll keep this under close watch for now
 2020-12-29 23:57:11 -08:00
shockrah
477be1fd3f Members now debugable 2020-12-29 23:51:14 -08:00
shockrah
549c69f668 + Added Response::RestrictedInput to db-lib 
Should make it more dsecriptive with really weird input and prevent even more confusing 500 responses to the client

+ db-lib::Channels::add now also potentially returns this new RestrictedInput variant
 2020-12-29 23:50:57 -08:00
shockrah
b7209c000c Changed token in user params to jwt since token was way too vague 2020-12-28 23:05:31 -08:00
shockrah
b351f63db5 db-lib now attempts to update tokens from failed update_jwt call 2020-12-28 23:03:13 -08:00
shockrah
7263ae0980 Preventing outsiders from refreshing someone else's token 
! Unless their id/secret combo is robbed in which case they're screwed anyway /shrug
 2020-12-28 22:16:55 -08:00
shockrah
5366ba9690 * Refactored secret_value generation to be behind an easy to use helper 
* Refactored serde facing puller functions to be more clear
- Removing incorrect commentary
* Changed login handler to start using mysql based api
! Further refactoring in the previous to be more readable
 2020-12-28 22:00:59 -08:00
shockrah
9d01912670 Adding hook for getting jwt from login 
Also missed a lazy_static removal in db-lib
 2020-12-28 21:57:47 -08:00
shockrah
2ad0136e69 JWT Table in mysql, querying with user id's and keeping tokens in string format 2020-12-28 21:56:22 -08:00
shockrah
967782be5f Movng back to mysql from redis due to tokio reactor errors 
At some point we should try moving to redis for better cache performance but that change is massive and this works at least as a poc
 2020-12-28 21:53:57 -08:00
shockrah
55ade005a2 Removing fluff dependancies from db-lib: lazy_static + jsonwebtoken 2020-12-28 21:52:49 -08:00
shockrah
bdecf73000 More notes on jwt authentication 2020-12-22 21:52:30 -08:00
shockrah
11251fe6d3 1. adding hmac_secret as a private lazy_static variable 
This is only initialized once and is read only after the fact so it should be fine

2. Adding a Claim struct that all JWT's will use for their structure. A helpful .new() function is provided

3. AuthReason::ServerIssue(String) is a now a thing

Should help the auth module be more clear in what's  going on

4. fn get_jwt_json -> renamed from get_jwt to indicate we're getting something from json payload. Nothing more

5. async fn valid_jwt: Attempts to decode the given token, if successful it then looks if that user has given us an active jwt budget-session-key if (returns boolean)

6. wall_entry now returns an AuthReason without the sql wrapping, since thats db-lib's problem anyway

Also we're collecting all data upfront then verifying it as we go.

7. async fn login_get_jwt::ROUTE

On login_auth here we simply create a JWT for the user, store it in cache, then give it back to the user to use.
Tokens take a week to expire

8. Removed busted tests that weren't doing anything useful for the time being
 2020-12-22 21:51:23 -08:00
shockrah
c0f5908089 Tiny auth module for literally just redis and jwt things 
Also we're doing a really budget version of sessions here so we might change things later but this is fine for now
 2020-12-22 21:30:35 -08:00
shockrah
02e6c4145e now hanlding server issues with auth(since those sometimes happen) 
also renamed some vars to be more clear
 2020-12-22 21:29:43 -08:00
shockrah
47b4b7e35f Script for generating a smiple hmac value 2020-12-22 21:28:57 -08:00
shockrah
9a3833ea49 sample .env now uses redis 
Also I'm moving the redis deps to db-lib
Lazy static now added for the sake of holding the only static ref we need/want
the hmac secret
 2020-12-22 21:28:38 -08:00
shockrah
5a5ecfad26 Optimizations for buidling memcacache for our tokens 2020-12-20 19:43:27 -08:00
shockrah
88f6e5b532 skeleton code for jwt things 2020-12-18 13:03:30 -08:00
shockrah
ce79d33380 Basically a rewrite of previous docs but this one is super terse 2020-12-12 15:45:13 -08:00
shockrah
275869a6f7 showing options passed to routes in tests 2020-12-12 14:46:09 -08:00
shockrah
4ac696820e Removing dynamic routes altogether 2020-12-12 14:45:43 -08:00
shockrah
201297f4c1 Checking for valid channel.kind on /channels/create 2020-12-12 13:51:43 -08:00
shockrah
8e2b52d1c9 Moving passable tests to their own function for now as we'll need some failing tests soon 2020-12-12 13:33:21 -08:00
shockrah
13eb58ec06 * Owner perms were not being calculated correctly, this is now fixed 2020-11-21 19:18:40 -08:00
shockrah
063f2c7c48 --create-owner flag now correctly gives back the actual secret value instead of the encrypted value 2020-11-21 19:06:23 -08:00
shockrah
8661bcabe7 Removed redudancies and loud error messages 2020-11-21 19:05:44 -08:00
shockrah
f5f3df2ee2 + Created testing func which is now super easily configurable 
! This lets me specify between release and debug testing now yey
 2020-11-21 19:05:02 -08:00
shockrah
acbbaab68d create_admin flag now behaves correctly 2020-11-21 19:04:06 -08:00
shockrah
1c1bb5f3cd * -c now uses the name parameter given to it 
* new branch for failure of secret generation
 2020-11-21 13:21:44 -08:00
shockrah
b15277348f Better docs inspired jsdocs in db-lib::Member::add 2020-11-21 13:20:46 -08:00
shockrah
c80a1dab40 * clearer branching and some descriptive comments 2020-11-21 13:20:27 -08:00
shockrah
ea5162d185 + Better secret generation 
+ Helper function to clearly encrypt generated secrets
+ New test for auth::valid_secret as a sanity check
! routes::is_open is no longer retarded and behaves as expected
 2020-11-21 13:19:52 -08:00