traxys/regalade
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Implement route for logging in

Browse source
This commit is contained in:
Quentin Boyer 2023-05-20 11:40:50 +02:00
parent da7d012393
commit 6be9ce5c1d
1 changed files with 37 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

40
src/routes/mod.rs
View file

@ -8,12 +8,21 @@ use axum::{
routing::post, routing::post,
Json, Router, Json, Router,
}; };
use jwt_simple::prelude::*;
use sea_orm::prelude::*;
use sha2::{Digest, Sha512};
use tower_http::cors::{self, AllowOrigin, CorsLayer}; use tower_http::cors::{self, AllowOrigin, CorsLayer};
use crate::entity::{prelude::*, user};
#[derive(thiserror::Error, Debug)] #[derive(thiserror::Error, Debug)]
enum RouteError { enum RouteError {
#[error("This account does not exist")] #[error("This account does not exist")]
UnknownAccount, UnknownAccount,
#[error("Database encountered an error")]
Db(#[from] DbErr),
#[error("JWT error encountered")]
Jwt(#[from] jwt_simple::Error),
} }
impl IntoResponse for RouteError { impl IntoResponse for RouteError {
@ -22,6 +31,10 @@ impl IntoResponse for RouteError {
RouteError::UnknownAccount => { RouteError::UnknownAccount => {
(StatusCode::NOT_FOUND, "Account not found").into_response() (StatusCode::NOT_FOUND, "Account not found").into_response()
} }
e => {
tracing::error!("Internal error: {e:?}");
StatusCode::INTERNAL_SERVER_ERROR.into_response()
}
} }
} }
} }
@ -31,10 +44,31 @@ type JsonResult<T, E = RouteError> = Result<Json<T>, E>;
type AppState = Arc<crate::AppState>; type AppState = Arc<crate::AppState>;
async fn login( async fn login(
State(_state): State<AppState>, State(state): State<AppState>,
Json(_req): Json<LoginRequest>, Json(req): Json<LoginRequest>,
) -> JsonResult<LoginResponse> { ) -> JsonResult<LoginResponse> {
Err(RouteError::UnknownAccount) let Some(user) = User::find()
.filter(user::Column::Name.eq(&req.username))
.one(&state.db)
.await? else {
return Err(RouteError::UnknownAccount)
};
let mut hasher = Sha512::new();
hasher.update(user.id.as_bytes());
hasher.update(req.password.as_bytes());
let hash = hasher.finalize();
if hash[..] != user.password {
return Err(RouteError::UnknownAccount);
}
let mut claims = Claims::create(Duration::from_secs(3600 * 24 * 31 * 6));
claims.subject = Some(user.id.to_string());
let token = state.jwt_secret.0.authenticate(claims)?;
Ok(Json(LoginResponse { token }))
} }
pub(crate) fn router(api_allowed: Option<HeaderValue>) -> Router<AppState> { pub(crate) fn router(api_allowed: Option<HeaderValue>) -> Router<AppState> {