diff --git a/Cargo.lock b/Cargo.lock index 09fecbe..e25a242 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -194,7 +194,6 @@ dependencies = [ "tower", "tower-layer", "tower-service", - "tracing", ] [[package]] @@ -212,7 +211,6 @@ dependencies = [ "rustversion", "tower-layer", "tower-service", - "tracing", ] [[package]] @@ -482,30 +480,15 @@ dependencies = [ "libc", ] -[[package]] -name = "crc" -version = "2.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "49fc9a695bca7f35f5f4c15cddc84415f66a74ea78eef08e90c5024f2b540e23" -dependencies = [ - "crc-catalog 1.1.1", -] - [[package]] name = "crc" version = "3.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "86ec7a15cbe22e59248fc7eadb1907dab5ba09372595da4d73dd805ed4417dfe" dependencies = [ - "crc-catalog 2.2.0", + "crc-catalog", ] -[[package]] -name = "crc-catalog" -version = "1.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ccaeedb56da03b09f598226e25e80088cb4cd25f316e6e4df7d695f0feeb1403" - [[package]] name = "crc-catalog" version = "2.2.0" @@ -1604,18 +1587,18 @@ checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" [[package]] name = "serde" -version = "1.0.160" +version = "1.0.163" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb2f3770c8bce3bcda7e149193a069a0f4365bda1fa5cd88e03bca26afc1216c" +checksum = "2113ab51b87a539ae008b5c6c02dc020ffa39afd2d83cffcb3f4eb2722cebec2" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.160" +version = "1.0.163" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "291a097c63d8497e00160b166a967a4a79c64f3facdd01cbd7502231688d77df" +checksum = "8c805777e3930c8883389c602315a24224bcc738b63905ef87cd1420353ea93e" dependencies = [ "proc-macro2", "quote", @@ -1816,7 +1799,6 @@ dependencies = [ "byteorder", "bytes", "chrono", - "crc 2.1.0", "crossbeam-queue", "either", "event-listener", @@ -1838,7 +1820,6 @@ dependencies = [ "paste", "percent-encoding", "rustls 0.19.1", - "sha2 0.10.6", "smallvec", "sqlformat 0.1.8", "sqlx-rt 0.5.13", @@ -1863,7 +1844,7 @@ dependencies = [ "bitflags", "byteorder", "bytes", - "crc 3.0.1", + "crc", "crossbeam-queue", "dotenvy", "either", @@ -1910,7 +1891,6 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "sha2 0.10.6", "sqlx-core 0.5.13", "sqlx-rt 0.5.13", "syn 1.0.109", @@ -2181,9 +2161,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.28.0" +version = "1.28.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3c786bf8134e5a3a166db9b29ab8f48134739014a3eca7bc6bfa95d673b136f" +checksum = "0aa32867d44e6f2ce3385e89dceb990188b8bb0fb25b0cf576647a6f98ac5105" dependencies = [ "autocfg", "bytes", @@ -2195,6 +2175,7 @@ dependencies = [ "signal-hook-registry", "socket2", "tokio-macros", + "tracing", "windows-sys 0.48.0", ] @@ -2461,9 +2442,9 @@ checksum = "bc5cf98d8186244414c848017f0e2676b3fcb46807f6668a97dfe67359a3c4b7" [[package]] name = "uuid" -version = "1.3.1" +version = "1.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b55a3fef2a1e3b3a00ce878640918820d3c51081576ac657d23af9fc7928fdb" +checksum = "345444e32442451b267fc254ae85a209c64be56d2890e601a0c37ff0c3c5ecd2" dependencies = [ "getrandom", "serde", @@ -2784,6 +2765,7 @@ dependencies = [ "argon2", "askama", "askama_axum", + "async-session", "axum", "axum-login", "axum-macros", @@ -2800,7 +2782,7 @@ dependencies = [ "tracing-subscriber", "unicode-segmentation", "urlencoding", - "uuid 1.3.1", + "uuid 1.3.3", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 49fb315..18ac566 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -4,18 +4,18 @@ version = "0.0.1" edition = "2021" [dependencies] -axum = { version = "0.6", features = ["macros", "tracing"] } +axum = { version = "0.6", features = ["macros", "headers"] } askama = { version = "0.12", features = ["with-axum"] } askama_axum = "0.3" axum-macros = "0.3" -tokio = { version = "1", features = ["full"] } +tokio = { version = "1", features = ["full", "tracing"], default-features = false } tracing = "0.1" tracing-subscriber = { version = "0.3", features = ["env-filter"] } -tower = { version = "0.4", features = ["util", "timeout"] } +tower = { version = "0.4", features = ["util", "timeout"], default-features = false } tower-http = { version = "0.4", features = ["add-extension", "trace"] } uuid = { version = "1.3", features = ["serde", "v4"] } serde = { version = "1", features = ["derive"] } -sqlx = { version = "0.5.10", features = ["runtime-tokio-rustls", "any", "sqlite", "chrono", "time", "uuid"] } +sqlx = { version = "0.5.10", default-features = false, features = ["runtime-tokio-rustls", "any", "sqlite", "chrono", "time", "uuid"] } argon2 = "0.5" rand_core = { version = "0.6", features = ["getrandom"] } thiserror = "1.0.40" @@ -24,3 +24,5 @@ password-hash = { version = "0.5.0", features = ["std", "getrandom"] } axum-login = { version = "0.5.0", features = ["sqlite", "sqlx"] } unicode-segmentation = "1.10.1" urlencoding = "2.1.2" +async-session = "3.0.0" + diff --git a/src/lib.rs b/src/lib.rs index 1f45553..b0ff663 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -3,6 +3,7 @@ extern crate justerror; pub mod db; pub mod generic_handlers; +pub mod session_store; pub(crate) mod templates; pub mod users; diff --git a/src/users.rs b/src/users.rs index fa6fed1..34a2a05 100644 --- a/src/users.rs +++ b/src/users.rs @@ -1,7 +1,7 @@ use std::fmt::Display; use argon2::{ - password_hash::{rand_core::OsRng, PasswordHash, PasswordHasher, PasswordVerifier, SaltString}, + password_hash::{rand_core::OsRng, PasswordHasher, SaltString}, Argon2, }; use askama::Template; @@ -10,7 +10,10 @@ use axum::{ http::StatusCode, response::{IntoResponse, Response}, }; -use sqlx::{sqlite::SqliteRow, Row, SqlitePool}; +use axum_login::{ + secrecy::{SecretVec}, AuthUser, +}; +use sqlx::{query_as, sqlite::SqliteRow, Row, SqlitePool}; use unicode_segmentation::UnicodeSegmentation; use uuid::Uuid; @@ -18,16 +21,17 @@ use crate::{templates::CreateUser, ToBlob}; const CREATE_QUERY: &str = "insert into witches (id, username, displayname, email, pwhash) values ($1, $2, $3, $4, $5)"; - const ID_QUERY: &str = "select * from witches where id = $1"; +// const PW_QUERY: &str = "select pwhash from witches where id = $1"; #[derive(Debug, Default, Clone, PartialEq, Eq)] pub struct User { - id: Uuid, - username: String, - displayname: Option, - email: Option, - last_seen: Option, + pub id: Uuid, + pub username: String, + pub displayname: Option, + pub email: Option, + pub last_seen: Option, + pwhash: String, } impl Display for User { @@ -43,6 +47,16 @@ impl Display for User { } } +impl AuthUser for User { + fn get_id(&self) -> Uuid { + self.id + } + + fn get_password_hash(&self) -> SecretVec { + SecretVec::new(self.pwhash.as_bytes().to_vec()) + } +} + #[derive(Debug, Clone, Template)] #[template(path = "signup_success.html")] pub struct CreateUserSuccess(User); @@ -57,6 +71,7 @@ impl sqlx::FromRow<'_, SqliteRow> for User { let displayname: Option = row.get("displayname"); let last_seen: Option = row.get("last_seen"); let email: Option = row.get("email"); + let pwhash: String = row.get("pwhash"); Ok(Self { id, @@ -64,6 +79,7 @@ impl sqlx::FromRow<'_, SqliteRow> for User { displayname, email, last_seen, + pwhash, }) } } @@ -147,7 +163,7 @@ pub async fn handle_signup_success( let user: User = { let id = id.trim(); let id = Uuid::try_parse(id).unwrap_or_default(); - sqlx::query_as(ID_QUERY) + query_as(ID_QUERY) .bind(id.blob()) .fetch_one(&pool) .await @@ -185,7 +201,7 @@ async fn create_user( .bind(username) .bind(displayname) .bind(email) - .bind(pwhash) + .bind(&pwhash) .execute(pool) .await; @@ -197,6 +213,7 @@ async fn create_user( displayname: displayname.to_owned(), email: email.to_owned(), last_seen: None, + pwhash, }; Ok(user) }