add pw digest to user

Joe Ardent 2023-12-20 21:50:55 -08:00
parent dfbf605257
commit 91a0ba05c4
2 changed files with 16 additions and 8 deletions


@ -56,14 +56,17 @@ impl AuthnBackend for AuthStore {
) -> Result<Option<Self::User>, Self::Error> { ) -> Result<Option<Self::User>, Self::Error> {
let username = creds.username.trim(); let username = creds.username.trim();
let password = creds.password.trim(); let password = creds.password.trim();
let user = User::try_get(username, self).await.map_err(|_| AuthError)?;
let user = User::try_get(username, self).await.map_err(|_| AuthError)?;
let verifier = Argon2::default(); let verifier = Argon2::default();
let hash = PasswordHash::new(&user.pwhash).map_err(|_| AuthError)?; let hash = PasswordHash::new(&user.pwhash).map_err(|_| AuthError)?;
match verifier.verify_password(password.as_bytes(), &hash) { Ok(
Ok(_) => Ok(Some(user)), if verifier.verify_password(password.as_bytes(), &hash).is_ok() {
_ => Ok(None), Some(user)
} } else {
None
},
)
} }
async fn get_user(&self, user_id: &UserId<Self>) -> Result<Option<Self::User>, Self::Error> { async fn get_user(&self, user_id: &UserId<Self>) -> Result<Option<Self::User>, Self::Error> {
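Review bot: A failed lookup exits `authenticate` at `User::try_get(username, self).await.map_err(|_| AuthError)?` before any Argon2 work is done, so an unknown username answers faster than a wrong password and comes back as `Err(AuthError)` rather than `Ok(None)`; the same line also folds genuine database failures into that path. Since `try_get` now returns `sqlx::Error`, the row-not-found case can be separated out and verified against a fixed dummy PHC string, so that both outcomes pay for one Argon2 verification. `DUMMY_PWHASH` in the sketch is a constant that would have to be added (a valid Argon2 hash of a throwaway value). The function's signature begins above this hunk.

```rust
let user = match User::try_get(username, self).await {
    Ok(user) => Some(user),
    Err(sqlx::Error::RowNotFound) => None,
    Err(_) => return Err(AuthError),
};
// Unknown users are checked against a fixed hash so both paths cost one Argon2 run.
let phc = user.as_ref().map_or(DUMMY_PWHASH, |u| u.pwhash.as_str());
let hash = PasswordHash::new(phc).map_err(|_| AuthError)?;
let verified = Argon2::default()
    .verify_password(password.as_bytes(), &hash)
    .is_ok();
Ok(user.filter(|_| verified))
```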


@ -22,6 +22,8 @@ pub struct User {
pub email: Option<String>, pub email: Option<String>,
pub last_seen: Option<i64>, pub last_seen: Option<i64>,
pub pwhash: String, pub pwhash: String,
#[sqlx(default)]
pub digest: String,
} }
impl Debug for User { impl Debug for User {
@ -32,6 +34,7 @@ impl Debug for User {
.field("displayname", &self.displayname) .field("displayname", &self.displayname)
.field("email", &self.email) .field("email", &self.email)
.field("last_seen", &self.last_seen) .field("last_seen", &self.last_seen)
.field("digest", &self.digest)
.finish() .finish()
} }
} }
@ -50,11 +53,13 @@ impl Display for User {
} }
impl User { impl User {
pub async fn try_get(username: &str, db: &SqlitePool) -> Result<Self, impl std::error::Error> { pub async fn try_get(username: &str, db: &SqlitePool) -> Result<Self, sqlx::Error> {
sqlx::query_as(USERNAME_QUERY) let mut user: Self = sqlx::query_as(USERNAME_QUERY)
.bind(username) .bind(username)
.fetch_one(db) .fetch_one(db)
.await .await?;
user.digest = sha256::digest(&user.pwhash);
Ok(user)
} }
pub async fn update_last_seen(&self, pool: &SqlitePool) { pub async fn update_last_seen(&self, pool: &SqlitePool) {
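Review bot: The added `.field("digest", &self.digest)` puts a value derived from the password hash into every `{:?}` rendering of `User`, while the fields visible in this hunk suggest `pwhash` itself is kept out of `Debug` (the start of the impl is outside the hunk, so that is inferred). If the digest is meant to bind sessions to the current password, which the commit does not state, it deserves the same treatment as the hash: either `.field("digest", &"<redacted>")`, or drop the line and end with `.finish_non_exhaustive()`. Separately, `#[sqlx(default)]` leaves `digest` as an empty string for any `User` loaded outside `try_get`, so other loaders should be checked and the field given a doc comment such as `/// SHA-256 of pwhash; only populated by User::try_get`.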