2021-10-16 13:33:38 +00:00
|
|
|
use crate::{
|
|
|
|
newtypes::LocalUserId,
|
2022-11-19 04:33:54 +00:00
|
|
|
schema::password_reset_request::dsl::{password_reset_request, published, token_encrypted},
|
|
|
|
source::password_reset_request::{PasswordResetRequest, PasswordResetRequestForm},
|
2021-10-16 13:33:38 +00:00
|
|
|
traits::Crud,
|
2022-11-09 10:05:00 +00:00
|
|
|
utils::{get_conn, DbPool},
|
2021-03-18 20:25:21 +00:00
|
|
|
};
|
2022-11-19 04:33:54 +00:00
|
|
|
use diesel::{
|
|
|
|
dsl::{insert_into, now, IntervalDsl},
|
|
|
|
result::Error,
|
|
|
|
ExpressionMethods,
|
|
|
|
QueryDsl,
|
|
|
|
};
|
2022-11-09 10:05:00 +00:00
|
|
|
use diesel_async::RunQueryDsl;
|
2019-12-26 19:48:13 +00:00
|
|
|
use sha2::{Digest, Sha256};
|
2019-10-30 03:35:39 +00:00
|
|
|
|
2022-11-09 10:05:00 +00:00
|
|
|
#[async_trait]
|
2021-08-17 18:04:58 +00:00
|
|
|
impl Crud for PasswordResetRequest {
|
2022-10-27 09:24:07 +00:00
|
|
|
type InsertForm = PasswordResetRequestForm;
|
|
|
|
type UpdateForm = PasswordResetRequestForm;
|
2021-08-17 18:04:58 +00:00
|
|
|
type IdType = i32;
|
2022-11-09 10:05:00 +00:00
|
|
|
async fn read(pool: &DbPool, password_reset_request_id: i32) -> Result<Self, Error> {
|
|
|
|
let conn = &mut get_conn(pool).await?;
|
2019-11-02 06:43:21 +00:00
|
|
|
password_reset_request
|
|
|
|
.find(password_reset_request_id)
|
|
|
|
.first::<Self>(conn)
|
2022-11-09 10:05:00 +00:00
|
|
|
.await
|
2019-10-30 03:35:39 +00:00
|
|
|
}
|
2022-11-09 10:05:00 +00:00
|
|
|
async fn create(pool: &DbPool, form: &PasswordResetRequestForm) -> Result<Self, Error> {
|
|
|
|
let conn = &mut get_conn(pool).await?;
|
2019-11-02 06:43:21 +00:00
|
|
|
insert_into(password_reset_request)
|
|
|
|
.values(form)
|
|
|
|
.get_result::<Self>(conn)
|
2022-11-09 10:05:00 +00:00
|
|
|
.await
|
2019-10-30 03:35:39 +00:00
|
|
|
}
|
2022-11-09 10:05:00 +00:00
|
|
|
async fn update(
|
|
|
|
pool: &DbPool,
|
2019-11-02 06:43:21 +00:00
|
|
|
password_reset_request_id: i32,
|
|
|
|
form: &PasswordResetRequestForm,
|
|
|
|
) -> Result<Self, Error> {
|
2022-11-09 10:05:00 +00:00
|
|
|
let conn = &mut get_conn(pool).await?;
|
2019-10-30 03:35:39 +00:00
|
|
|
diesel::update(password_reset_request.find(password_reset_request_id))
|
|
|
|
.set(form)
|
|
|
|
.get_result::<Self>(conn)
|
2022-11-09 10:05:00 +00:00
|
|
|
.await
|
2019-10-30 03:35:39 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-10-16 13:33:38 +00:00
|
|
|
impl PasswordResetRequest {
|
2022-11-09 10:05:00 +00:00
|
|
|
pub async fn create_token(
|
|
|
|
pool: &DbPool,
|
2021-03-18 20:25:21 +00:00
|
|
|
from_local_user_id: LocalUserId,
|
2020-12-21 13:38:34 +00:00
|
|
|
token: &str,
|
|
|
|
) -> Result<PasswordResetRequest, Error> {
|
2019-11-02 06:41:57 +00:00
|
|
|
let mut hasher = Sha256::new();
|
2020-07-01 12:54:29 +00:00
|
|
|
hasher.update(token);
|
2020-12-21 13:38:34 +00:00
|
|
|
let token_hash: String = bytes_to_hex(hasher.finalize().to_vec());
|
2019-10-30 03:35:39 +00:00
|
|
|
|
|
|
|
let form = PasswordResetRequestForm {
|
2021-02-26 13:49:58 +00:00
|
|
|
local_user_id: from_local_user_id,
|
2019-10-30 03:35:39 +00:00
|
|
|
token_encrypted: token_hash,
|
|
|
|
};
|
|
|
|
|
2022-11-09 10:05:00 +00:00
|
|
|
Self::create(pool, &form).await
|
2019-10-30 03:35:39 +00:00
|
|
|
}
|
2022-11-09 10:05:00 +00:00
|
|
|
pub async fn read_from_token(pool: &DbPool, token: &str) -> Result<PasswordResetRequest, Error> {
|
|
|
|
let conn = &mut get_conn(pool).await?;
|
2019-11-02 06:41:57 +00:00
|
|
|
let mut hasher = Sha256::new();
|
2020-07-01 12:54:29 +00:00
|
|
|
hasher.update(token);
|
2020-12-21 13:38:34 +00:00
|
|
|
let token_hash: String = bytes_to_hex(hasher.finalize().to_vec());
|
2019-11-02 06:41:57 +00:00
|
|
|
password_reset_request
|
|
|
|
.filter(token_encrypted.eq(token_hash))
|
|
|
|
.filter(published.gt(now - 1.days()))
|
|
|
|
.first::<Self>(conn)
|
2022-11-09 10:05:00 +00:00
|
|
|
.await
|
2019-10-30 03:35:39 +00:00
|
|
|
}
|
2020-12-21 13:38:34 +00:00
|
|
|
}
|
2019-12-22 16:08:03 +00:00
|
|
|
|
2020-12-21 13:38:34 +00:00
|
|
|
fn bytes_to_hex(bytes: Vec<u8>) -> String {
|
|
|
|
let mut str = String::new();
|
|
|
|
for byte in bytes {
|
2023-01-30 19:17:24 +00:00
|
|
|
str = format!("{str}{byte:02x}");
|
2019-12-22 16:08:03 +00:00
|
|
|
}
|
2020-12-21 13:38:34 +00:00
|
|
|
str
|
2019-10-30 03:35:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[cfg(test)]
|
|
|
|
mod tests {
|
2020-12-21 16:30:34 +00:00
|
|
|
use crate::{
|
2021-10-16 13:33:38 +00:00
|
|
|
source::{
|
2022-10-27 09:24:07 +00:00
|
|
|
instance::Instance,
|
|
|
|
local_user::{LocalUser, LocalUserInsertForm},
|
2021-10-16 13:33:38 +00:00
|
|
|
password_reset_request::PasswordResetRequest,
|
2022-11-19 04:33:54 +00:00
|
|
|
person::{Person, PersonInsertForm},
|
2021-10-16 13:33:38 +00:00
|
|
|
},
|
|
|
|
traits::Crud,
|
2022-11-09 10:05:00 +00:00
|
|
|
utils::build_db_pool_for_tests,
|
2021-03-11 16:41:04 +00:00
|
|
|
};
|
2021-02-25 19:43:39 +00:00
|
|
|
use serial_test::serial;
|
2019-10-30 03:35:39 +00:00
|
|
|
|
2022-11-09 10:05:00 +00:00
|
|
|
#[tokio::test]
|
2021-02-25 19:43:39 +00:00
|
|
|
#[serial]
|
2022-11-09 10:05:00 +00:00
|
|
|
async fn test_crud() {
|
|
|
|
let pool = &build_db_pool_for_tests().await;
|
2019-10-30 03:35:39 +00:00
|
|
|
|
2022-11-09 10:05:00 +00:00
|
|
|
let inserted_instance = Instance::create(pool, "my_domain.tld").await.unwrap();
|
2022-10-27 09:24:07 +00:00
|
|
|
|
|
|
|
let new_person = PersonInsertForm::builder()
|
|
|
|
.name("thommy prw".into())
|
|
|
|
.public_key("pubkey".to_string())
|
|
|
|
.instance_id(inserted_instance.id)
|
|
|
|
.build();
|
2019-10-30 03:35:39 +00:00
|
|
|
|
2022-11-09 10:05:00 +00:00
|
|
|
let inserted_person = Person::create(pool, &new_person).await.unwrap();
|
2019-10-30 03:35:39 +00:00
|
|
|
|
2022-10-27 09:24:07 +00:00
|
|
|
let new_local_user = LocalUserInsertForm::builder()
|
|
|
|
.person_id(inserted_person.id)
|
|
|
|
.password_encrypted("pass".to_string())
|
|
|
|
.build();
|
2021-03-11 16:41:04 +00:00
|
|
|
|
2022-11-09 10:05:00 +00:00
|
|
|
let inserted_local_user = LocalUser::create(pool, &new_local_user).await.unwrap();
|
2021-03-11 16:41:04 +00:00
|
|
|
|
2019-12-28 21:06:37 +00:00
|
|
|
let token = "nope";
|
|
|
|
let token_encrypted_ = "ca3704aa0b06f5954c79ee837faa152d84d6b2d42838f0637a15eda8337dbdce";
|
2019-11-02 06:43:21 +00:00
|
|
|
|
|
|
|
let inserted_password_reset_request =
|
2022-11-09 10:05:00 +00:00
|
|
|
PasswordResetRequest::create_token(pool, inserted_local_user.id, token)
|
|
|
|
.await
|
|
|
|
.unwrap();
|
2019-10-30 03:35:39 +00:00
|
|
|
|
|
|
|
let expected_password_reset_request = PasswordResetRequest {
|
|
|
|
id: inserted_password_reset_request.id,
|
2021-03-11 16:41:04 +00:00
|
|
|
local_user_id: inserted_local_user.id,
|
2019-12-28 21:06:37 +00:00
|
|
|
token_encrypted: token_encrypted_.to_string(),
|
2019-10-30 03:35:39 +00:00
|
|
|
published: inserted_password_reset_request.published,
|
|
|
|
};
|
|
|
|
|
2022-11-09 10:05:00 +00:00
|
|
|
let read_password_reset_request = PasswordResetRequest::read_from_token(pool, token)
|
|
|
|
.await
|
|
|
|
.unwrap();
|
|
|
|
let num_deleted = Person::delete(pool, inserted_person.id).await.unwrap();
|
|
|
|
Instance::delete(pool, inserted_instance.id).await.unwrap();
|
2019-10-30 03:35:39 +00:00
|
|
|
|
|
|
|
assert_eq!(expected_password_reset_request, read_password_reset_request);
|
2019-11-02 06:43:21 +00:00
|
|
|
assert_eq!(
|
|
|
|
expected_password_reset_request,
|
|
|
|
inserted_password_reset_request
|
|
|
|
);
|
2019-10-30 03:35:39 +00:00
|
|
|
assert_eq!(1, num_deleted);
|
|
|
|
}
|
|
|
|
}
|