actix/examples
1
0
Fork 0
mirror of https://github.com/actix/examples synced 2024-11-27 16:02:57 +01:00
Code Issues Releases Wiki Activity

Update to new actix 1.0 api, drop actix-rt (#158)

Browse Source
This commit is contained in:
Harry Gill 2019-07-18 12:55:14 +01:00 committed by Nikolay Kim
parent 258eae3bb9
commit 7525903fe6
15 changed files with 264 additions and 374 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
simple-auth-server/Cargo.toml
View File

@ -6,23 +6,20 @@ edition = "2018"
workspace = ".."
[dependencies]
actix = "0.8.2"
actix-rt = "0.2.2"
actix-web = "1.0.2"
actix-files = "0.1.1"
actix-identity= "0.1.0"
bcrypt = "0.2.1"
actix-identity = "0.1.0"
actix-web = "1.0.3"
argonautica = "0.2.0"
chrono = { version = "0.4.6", features = ["serde"] }
diesel = { version = "1.3.3", features = ["postgres", "uuid", "r2d2", "chrono"] }
dotenv = "0.13.0"
derive_more = "0.14"
env_logger = "0.6.0"
jsonwebtoken = "6.0.0"
futures = "0.1.25"
r2d2 = "0.8.3"
serde_derive="1.0.80"
serde_json="1.0"
serde="1.0"
derive_more = "0.15.0"
diesel = { version = "1.4.2", features = ["postgres","uuidv07", "r2d2", "chrono"] }
dotenv = "0.14.1"
env_logger = "0.6"
futures = "0.1"
r2d2 = "0.8"
lazy_static = "1.3.0"
serde = "1.0"
serde_derive = "1.0"
serde_json = "1.0"
sparkpost = "0.5.2"
uuid = { version = "0.6.5", features = ["serde", "v4"] }
uuid = { version = "0.7", features = ["serde", "v4"] }

20
simple-auth-server/README.md
View File

@ -1,21 +1,22 @@
## Auth Web Microservice with rust using Actix-Web 1.0
##### Flow of the event would look like this:
- Registers with email address ➡ Receive an 📨 with a link to verify
- Follow the link ➡ register with same email and a password
- Login with email and password ➡ Get verified and receive jwt token
- Login with email and password ➡ Get verified and receive auth cookie
##### Crates we are going to use
##### Crates Used
- [actix](https://crates.io/crates/actix) // Actix is a Rust actors framework.
- [actix-web](https://crates.io/crates/actix-web) // Actix web is a simple, pragmatic and extremely fast web framework for Rust.
- [bcrypt](https://crates.io/crates/bcrypt) // Easily hash and verify passwords using bcrypt.
- [argonautica](https://docs.rs/argonautica) // crate for hashing passwords using the cryptographically-secure Argon2 hashing algorithm.
- [chrono](https://crates.io/crates/chrono) // Date and time library for Rust.
- [diesel](https://crates.io/crates/diesel) // A safe, extensible ORM and Query Builder for PostgreSQL, SQLite, and MySQL.
- [dotenv](https://crates.io/crates/dotenv) // A dotenv implementation for Rust.
- [derive_more](https://crates.io/crates/derive_more) // Convenience macros to derive tarits easily
- [env_logger](https://crates.io/crates/env_logger) // A logging implementation for log which is configured via an environment variable.
- [failure](https://crates.io/crates/failure) // Experimental error handling abstraction.
- [jsonwebtoken](https://crates.io/crates/jsonwebtoken) // Create and parse JWT in a strongly typed way.
- [futures](https://crates.io/crates/futures) // An implementation of futures and streams featuring zero allocations, composability, and iterator-like interfaces.
- [lazy_static](https://docs.rs/lazy_static) // A macro for declaring lazily evaluated statics.
- [r2d2](https://crates.io/crates/r2d2) // A generic connection pool.
- [serde](https://crates.io/crates/serde) // A generic serialization/deserialization framework.
- [serde_json](https://crates.io/crates/serde_json) // A JSON serialization file format.
@ -24,9 +25,6 @@
- [uuid](https://crates.io/crates/uuid) // A library to generate and parse UUIDs.
Read the full tutorial series on [hgill.io](https://hgill.io)
- [Auth Web Microservice with rust using Actix-Web - Complete Tutorial Part 1](https://hgill.io/posts/auth-microservice-rust-actix-web-diesel-complete-tutorial-part-1/)
- [Auth Web Microservice with rust using Actix-Web - Complete Tutorial Part 2](https://hgill.io/posts/auth-microservice-rust-actix-web-diesel-complete-tutorial-part-2/)
- [Auth Web Microservice with rust using Actix-Web - Complete Tutorial Part 3](https://hgill.io/posts/auth-microservice-rust-actix-web-diesel-complete-tutorial-part-3/)
Read the full tutorial series on [gill.net.in](https://gill.net.in)
- [Auth Web Microservice with rust using Actix-Web 1.0 - Complete Tutorial](https://gill.net.in/posts/auth-microservice-rust-actix-web1.0-diesel-complete-tutorial/)

2
simple-auth-server/migrations/2018-10-09-101948_users/up.sql
View File

@ -1,6 +1,6 @@
-- Your SQL goes here
CREATE TABLE users (
email VARCHAR(100) NOT NULL UNIQUE PRIMARY KEY,
password VARCHAR(64) NOT NULL, --bcrypt hash
hash VARCHAR(122) NOT NULL, --argon hash
created_at TIMESTAMP NOT NULL
);

90
simple-auth-server/src/auth_handler.rs
View File

@ -1,12 +1,14 @@
use actix::{Handler, Message};
use actix_identity::Identity;
use actix_web::{dev::Payload, Error, FromRequest, HttpRequest};
use bcrypt::verify;
use actix_web::{
dev::Payload, error::BlockingError, web, Error, FromRequest, HttpRequest, HttpResponse,
};
use diesel::prelude::*;
use diesel::PgConnection;
use futures::Future;
use crate::errors::ServiceError;
use crate::models::{DbExecutor, SlimUser, User};
use crate::utils::decode_token;
use crate::models::{Pool, SlimUser, User};
use crate::utils::verify;
#[derive(Debug, Deserialize)]
pub struct AuthData {
@ -14,34 +16,6 @@ pub struct AuthData {
pub password: String,
}
impl Message for AuthData {
type Result = Result<SlimUser, ServiceError>;
}
impl Handler<AuthData> for DbExecutor {
type Result = Result<SlimUser, ServiceError>;
fn handle(&mut self, msg: AuthData, _: &mut Self::Context) -> Self::Result {
use crate::schema::users::dsl::{email, users};
let conn: &PgConnection = &self.0.get().unwrap();
let mut items = users.filter(email.eq(&msg.email)).load::<User>(conn)?;
if let Some(user) = items.pop() {
match verify(&msg.password, &user.password) {
Ok(matching) => {
if matching {
return Ok(user.into());
}
}
Err(_) => (),
}
}
Err(ServiceError::BadRequest(
"Username and Password don't match".into(),
))
}
}
// we need the same data
// simple aliasing makes the intentions clear and its more readable
pub type LoggedUser = SlimUser;
@ -53,9 +27,55 @@ impl FromRequest for LoggedUser {
fn from_request(req: &HttpRequest, pl: &mut Payload) -> Self::Future {
if let Some(identity) = Identity::from_request(req, pl)?.identity() {
let user: SlimUser = decode_token(&identity)?;
return Ok(user as LoggedUser);
let user: LoggedUser = serde_json::from_str(&identity)?;
return Ok(user);
}
Err(ServiceError::Unauthorized.into())
}
}
pub fn logout(id: Identity) -> HttpResponse {
id.forget();
HttpResponse::Ok().finish()
}
pub fn login(
auth_data: web::Json<AuthData>,
id: Identity,
pool: web::Data<Pool>,
) -> impl Future<Item = HttpResponse, Error = ServiceError> {
web::block(move || query(auth_data.into_inner(), pool)).then(
move |res: Result<SlimUser, BlockingError<ServiceError>>| match res {
Ok(user) => {
let user_string = serde_json::to_string(&user).unwrap();
id.remember(user_string);
Ok(HttpResponse::Ok().finish())
}
Err(err) => match err {
BlockingError::Error(service_error) => Err(service_error),
BlockingError::Canceled => Err(ServiceError::InternalServerError),
},
},
)
}
pub fn get_me(logged_user: LoggedUser) -> HttpResponse {
HttpResponse::Ok().json(logged_user)
}
/// Diesel query
fn query(auth_data: AuthData, pool: web::Data<Pool>) -> Result<SlimUser, ServiceError> {
use crate::schema::users::dsl::{email, users};
let conn: &PgConnection = &pool.get().unwrap();
let mut items = users
.filter(email.eq(&auth_data.email))
.load::<User>(conn)?;
if let Some(user) = items.pop() {
if let Ok(matching) = verify(&user.hash, &auth_data.password) {
if matching {
return Ok(user.into());
}
}
}
Err(ServiceError::Unauthorized)
}

34
simple-auth-server/src/auth_routes.rs
View File

@ -1,34 +0,0 @@
use actix::Addr;
use actix_identity::Identity;
use actix_web::{web, Error, HttpRequest, HttpResponse, Responder, ResponseError};
use futures::Future;
use crate::auth_handler::{AuthData, LoggedUser};
use crate::models::DbExecutor;
use crate::utils::create_token;
pub fn login(
auth_data: web::Json<AuthData>,
id: Identity,
db: web::Data<Addr<DbExecutor>>,
) -> impl Future<Item = HttpResponse, Error = Error> {
db.send(auth_data.into_inner())
.from_err()
.and_then(move |res| match res {
Ok(user) => {
let token = create_token(&user)?;
id.remember(token);
Ok(HttpResponse::Ok().into())
}
Err(err) => Ok(err.error_response()),
})
}
pub fn logout(id: Identity) -> impl Responder {
id.forget();
HttpResponse::Ok()
}
pub fn get_me(logged_user: LoggedUser) -> HttpResponse {
HttpResponse::Ok().json(logged_user)
}

19
simple-auth-server/src/email_service.rs
View File

@ -1,16 +1,18 @@
// email_service.rs
use crate::errors::ServiceError;
use crate::models::Invitation;
use sparkpost::transmission::{
EmailAddress, Message, Options, Recipient, Transmission, TransmissionResponse,
};
fn get_api_key() -> String {
std::env::var("SPARKPOST_API_KEY").expect("SPARKPOST_API_KEY must be set")
lazy_static::lazy_static! {
static ref API_KEY: String = std::env::var("SPARKPOST_API_KEY").expect("SPARKPOST_API_KEY must be set");
}
pub fn send_invitation(invitation: &Invitation) {
let tm = Transmission::new_eu(get_api_key());
let sending_email = std::env::var("SENDING_EMAIL_ADDRESS")
.expect("SENDING_EMAIL_ADDRESS must be set");
pub fn send_invitation(invitation: &Invitation) -> Result<(), ServiceError> {
let tm = Transmission::new_eu(API_KEY.as_str());
let sending_email =
std::env::var("SENDING_EMAIL_ADDRESS").expect("SENDING_EMAIL_ADDRESS must be set");
// new email message with sender name and email
let mut email = Message::new(EmailAddress::new(sending_email, "Let's Organise"));
@ -53,13 +55,16 @@ pub fn send_invitation(invitation: &Invitation) {
Ok(res) => match res {
TransmissionResponse::ApiResponse(api_res) => {
println!("API Response: \n {:#?}", api_res);
Ok(())
}
TransmissionResponse::ApiError(errors) => {
println!("Response Errors: \n {:#?}", &errors);
Err(ServiceError::InternalServerError)
}
},
Err(error) => {
println!("error \n {:#?}", error);
println!("Send Email Error: \n {:#?}", error);
Err(ServiceError::InternalServerError)
}
}
}

25
simple-auth-server/src/errors.rs
View File

@ -1,8 +1,8 @@
use actix_web::{error::ResponseError, HttpResponse};
use derive_more::Display;
use diesel::result::{DatabaseErrorKind, Error};
use diesel::result::{DatabaseErrorKind, Error as DBError};
use std::convert::From;
use uuid::ParseError;
use uuid::parser::ParseError;
#[derive(Debug, Display)]
pub enum ServiceError {
@ -19,15 +19,13 @@ pub enum ServiceError {
// impl ResponseError trait allows to convert our errors into http responses with appropriate data
impl ResponseError for ServiceError {
fn error_response(&self) -> HttpResponse {
match *self {
match self {
ServiceError::InternalServerError => HttpResponse::InternalServerError()
.json("Internal Server Error, Please try later"),
ServiceError::BadRequest(ref message) => {
HttpResponse::BadRequest().json(message)
}
ServiceError::Unauthorized => {
HttpResponse::Unauthorized().json("Unauthorized")
}
ServiceError::BadRequest(ref message) => HttpResponse::BadRequest()
.json(message),
ServiceError::Unauthorized => HttpResponse::Unauthorized()
.json("Unauthorized"),
}
}
}
@ -40,15 +38,14 @@ impl From<ParseError> for ServiceError {
}
}
impl From<Error> for ServiceError {
fn from(error: Error) -> ServiceError {
impl From<DBError> for ServiceError {
fn from(error: DBError) -> ServiceError {
// Right now we just care about UniqueViolation from diesel
// But this would be helpful to easily map errors as our app grows
match error {
Error::DatabaseError(kind, info) => {
DBError::DatabaseError(kind, info) => {
if let DatabaseErrorKind::UniqueViolation = kind {
let message =
info.details().unwrap_or_else(|| info.message()).to_string();
let message = info.details().unwrap_or_else(|| info.message()).to_string();
return ServiceError::BadRequest(message);
}
ServiceError::InternalServerError

68
simple-auth-server/src/invitation_handler.rs
View File

@ -1,38 +1,50 @@
use actix::{Handler, Message};
use chrono::{Duration, Local};
use diesel::{self, prelude::*};
use uuid::Uuid;
use actix_web::{error::BlockingError, web, HttpResponse};
use diesel::{prelude::*, PgConnection};
use futures::Future;
use crate::email_service::send_invitation;
use crate::errors::ServiceError;
use crate::models::{DbExecutor, Invitation};
use crate::models::{Invitation, Pool};
#[derive(Deserialize)]
pub struct CreateInvitation {
pub struct InvitationData {
pub email: String,
}
impl Message for CreateInvitation {
type Result = Result<Invitation, ServiceError>;
pub fn post_invitation(
invitation_data: web::Json<InvitationData>,
pool: web::Data<Pool>,
) -> impl Future<Item = HttpResponse, Error = ServiceError> {
// run diesel blocking code
web::block(move || create_invitation(invitation_data.into_inner().email, pool)).then(|res| {
match res {
Ok(_) => Ok(HttpResponse::Ok().finish()),
Err(err) => match err {
BlockingError::Error(service_error) => Err(service_error),
BlockingError::Canceled => Err(ServiceError::InternalServerError),
},
}
})
}
impl Handler<CreateInvitation> for DbExecutor {
type Result = Result<Invitation, ServiceError>;
fn handle(&mut self, msg: CreateInvitation, _: &mut Self::Context) -> Self::Result {
use crate::schema::invitations::dsl::*;
let conn: &PgConnection = &self.0.get().unwrap();
// creating a new Invitation object with expired at time that is 24 hours from now
let new_invitation = Invitation {
id: Uuid::new_v4(),
email: msg.email.clone(),
expires_at: Local::now().naive_local() + Duration::hours(24),
};
let inserted_invitation = diesel::insert_into(invitations)
.values(&new_invitation)
.get_result(conn)?;
Ok(inserted_invitation)
}
fn create_invitation(
eml: String,
pool: web::Data<Pool>,
) -> Result<(), crate::errors::ServiceError> {
let invitation = dbg!(query(eml, pool)?);
send_invitation(&invitation)
}
/// Diesel query
fn query(eml: String, pool: web::Data<Pool>) -> Result<Invitation, crate::errors::ServiceError> {
use crate::schema::invitations::dsl::invitations;
let new_invitation : Invitation = eml.into();
let conn: &PgConnection = &pool.get().unwrap();
let inserted_invitation = diesel::insert_into(invitations)
.values(&new_invitation)
.get_result(conn)?;
Ok(inserted_invitation)
}

22
simple-auth-server/src/invitation_routes.rs
View File

@ -1,22 +0,0 @@
use actix::Addr;
use actix_web::{web, Error, HttpResponse, ResponseError};
use futures::future::Future;
use crate::email_service::send_invitation;
use crate::invitation_handler::CreateInvitation;
use crate::models::DbExecutor;
pub fn register_email(
signup_invitation: web::Json<CreateInvitation>,
db: web::Data<Addr<DbExecutor>>,
) -> impl Future<Item = HttpResponse, Error = Error> {
db.send(signup_invitation.into_inner())
.from_err()
.and_then(|db_response| match db_response {
Ok(invitation) => {
send_invitation(&invitation);
Ok(HttpResponse::Ok().into())
}
Err(err) => Ok(err.error_response()),
})
}

72
simple-auth-server/src/main.rs
View File

@ -1,98 +1,72 @@
#![allow(unused_imports)]
#[macro_use]
extern crate diesel;
#[macro_use]
extern crate serde_derive;
use actix::prelude::*;
use actix_files as fs;
use actix_identity::{CookieIdentityPolicy, IdentityService};
use actix_web::middleware::Logger;
use actix_web::{web, App, HttpServer};
use chrono::Duration;
use diesel::{r2d2::ConnectionManager, PgConnection};
use dotenv::dotenv;
use actix_web::{middleware, web, App, HttpServer};
use diesel::prelude::*;
use diesel::r2d2::{self, ConnectionManager};
mod auth_handler;
mod auth_routes;
mod email_service;
mod errors;
mod invitation_handler;
mod invitation_routes;
mod models;
mod register_handler;
mod register_routes;
mod schema;
mod utils;
use crate::models::DbExecutor;
fn main() -> std::io::Result<()> {
dotenv().ok();
dotenv::dotenv().ok();
std::env::set_var(
"RUST_LOG",
"simple-auth-server=debug,actix_web=info,actix_server=info",
);
env_logger::init();
let sys = actix_rt::System::new("example");
let database_url = std::env::var("DATABASE_URL").expect("DATABASE_URL must be set");
// create db connection pool
let manager = ConnectionManager::<PgConnection>::new(database_url);
let pool = r2d2::Pool::builder()
let pool: models::Pool = r2d2::Pool::builder()
.build(manager)
.expect("Failed to create pool.");
let domain: String = std::env::var("DOMAIN").unwrap_or_else(|_| "localhost".to_string());
let address: Addr<DbExecutor> =
SyncArbiter::start(4, move || DbExecutor(pool.clone()));
// Start http server
HttpServer::new(move || {
// secret is a random minimum 32 bytes long base 64 string
let secret: String =
std::env::var("SECRET_KEY").unwrap_or_else(|_| "0123".repeat(8));
let domain: String =
std::env::var("DOMAIN").unwrap_or_else(|_| "localhost".to_string());
App::new()
.data(address.clone())
.wrap(Logger::default())
.data(pool.clone())
// enable logger
.wrap(middleware::Logger::default())
.wrap(IdentityService::new(
CookieIdentityPolicy::new(secret.as_bytes())
CookieIdentityPolicy::new(utils::SECRET_KEY.as_bytes())
.name("auth")
.path("/")
.domain(domain.as_str())
.max_age_time(Duration::days(1))
.max_age_time(chrono::Duration::days(1))
.secure(false), // this can only be true if you have https
))
.data(web::JsonConfig::default().limit(4096))
// everything under '/api/' route
.service(
web::scope("/api")
// routes for authentication
.service(
web::resource("/auth")
.route(web::post().to_async(auth_routes::login))
.route(web::delete().to(auth_routes::logout))
.route(web::get().to_async(auth_routes::get_me)),
web::resource("/invitation")
.route(web::post().to_async(invitation_handler::post_invitation)),
)
// routes to invitation
.service(
web::resource("/invitation").route(
web::post().to_async(invitation_routes::register_email),
),
)
// routes to register as a user after the
.service(
web::resource("/register/{invitation_id}")
.route(web::post().to_async(register_routes::register_user)),
.route(web::post().to_async(register_handler::register_user)),
)
.service(
web::resource("/auth")
.route(web::post().to_async(auth_handler::login))
.route(web::delete().to(auth_handler::logout))
.route(web::get().to(auth_handler::get_me)),
),
)
// serve static files
.service(fs::Files::new("/", "./static/").index_file("index.html"))
})
.bind("127.0.0.1:3000")?
.start();
sys.run()
.run()
}

50
simple-auth-server/src/models.rs
View File

@ -1,37 +1,23 @@
use actix::{Actor, SyncContext};
use chrono::{Local, NaiveDateTime};
use diesel::pg::PgConnection;
use diesel::r2d2::{ConnectionManager, Pool};
use std::convert::From;
use uuid::Uuid;
use super::schema::*;
use diesel::{r2d2::ConnectionManager, PgConnection};
use crate::schema::{invitations, users};
/// This is db executor actor. can be run in parallel
pub struct DbExecutor(pub Pool<ConnectionManager<PgConnection>>);
// Actors communicate exclusively by exchanging messages.
// The sending actor can optionally wait for the response.
// Actors are not referenced directly, but by means of addresses.
// Any rust type can be an actor, it only needs to implement the Actor trait.
impl Actor for DbExecutor {
type Context = SyncContext<Self>;
}
// type alias to use in multiple places
pub type Pool = r2d2::Pool<ConnectionManager<PgConnection>>;
#[derive(Debug, Serialize, Deserialize, Queryable, Insertable)]
#[table_name = "users"]
pub struct User {
pub email: String,
pub password: String,
pub created_at: NaiveDateTime,
pub hash: String,
pub created_at: chrono::NaiveDateTime,
}
impl User {
pub fn with_details(email: String, password: String) -> Self {
pub fn from_details<S: Into<String>, T: Into<String>>(email: S, pwd: T) -> Self {
User {
email,
password,
created_at: Local::now().naive_local(),
email: email.into(),
hash: pwd.into(),
created_at: chrono::Local::now().naive_local(),
}
}
}
@ -39,9 +25,21 @@ impl User {
#[derive(Debug, Serialize, Deserialize, Queryable, Insertable)]
#[table_name = "invitations"]
pub struct Invitation {
pub id: Uuid,
pub id: uuid::Uuid,
pub email: String,
pub expires_at: NaiveDateTime,
pub expires_at: chrono::NaiveDateTime,
}
// any type that implements Into<String> can be used to create Invitation
impl<T> From<T> for Invitation where
T: Into<String> {
fn from(email: T) -> Self {
Invitation {
id: uuid::Uuid::new_v4(),
email: email.into(),
expires_at: chrono::Local::now().naive_local() + chrono::Duration::hours(24),
}
}
}
#[derive(Debug, Serialize, Deserialize)]

93
simple-auth-server/src/register_handler.rs
View File

@ -1,58 +1,65 @@
use actix::{Handler, Message};
use chrono::Local;
use actix_web::{error::BlockingError, web, HttpResponse};
use diesel::prelude::*;
use uuid::Uuid;
use futures::Future;
use crate::errors::ServiceError;
use crate::models::{DbExecutor, Invitation, SlimUser, User};
use crate::models::{Invitation, Pool, SlimUser, User};
use crate::utils::hash_password;
// UserData is used to extract data from a post request by the client
#[derive(Debug, Deserialize)]
pub struct UserData {
pub password: String,
}
// to be used to send data via the Actix actor system
#[derive(Debug)]
pub struct RegisterUser {
pub invitation_id: String,
pub password: String,
pub fn register_user(
invitation_id: web::Path<String>,
user_data: web::Json<UserData>,
pool: web::Data<Pool>,
) -> impl Future<Item = HttpResponse, Error = ServiceError> {
web::block(move || {
query(
invitation_id.into_inner(),
user_data.into_inner().password,
pool,
)
})
.then(|res| match res {
Ok(user) => Ok(HttpResponse::Ok().json(&user)),
Err(err) => match err {
BlockingError::Error(service_error) => Err(service_error),
BlockingError::Canceled => Err(ServiceError::InternalServerError),
},
})
}
impl Message for RegisterUser {
type Result = Result<SlimUser, ServiceError>;
}
fn query(
invitation_id: String,
password: String,
pool: web::Data<Pool>,
) -> Result<SlimUser, crate::errors::ServiceError> {
use crate::schema::invitations::dsl::{id, invitations};
use crate::schema::users::dsl::users;
let invitation_id = uuid::Uuid::parse_str(&invitation_id)?;
impl Handler<RegisterUser> for DbExecutor {
type Result = Result<SlimUser, ServiceError>;
fn handle(&mut self, msg: RegisterUser, _: &mut Self::Context) -> Self::Result {
use crate::schema::invitations::dsl::{id, invitations};
use crate::schema::users::dsl::users;
let conn: &PgConnection = &self.0.get().unwrap();
// try parsing the string provided by the user as url parameter
// return early with error that will be converted to ServiceError
let invitation_id = Uuid::parse_str(&msg.invitation_id)?;
invitations
.filter(id.eq(invitation_id))
.load::<Invitation>(conn)
.map_err(|_db_error| ServiceError::BadRequest("Invalid Invitation".into()))
.and_then(|mut result| {
if let Some(invitation) = result.pop() {
// if invitation is not expired
if invitation.expires_at > Local::now().naive_local() {
// try hashing the password, else return the error that will be converted to ServiceError
let password: String = hash_password(&msg.password)?;
let user = User::with_details(invitation.email, password);
let inserted_user: User =
diesel::insert_into(users).values(&user).get_result(conn)?;
return Ok(inserted_user.into());
}
let conn: &PgConnection = &pool.get().unwrap();
invitations
.filter(id.eq(invitation_id))
.load::<Invitation>(conn)
.map_err(|_db_error| ServiceError::BadRequest("Invalid Invitation".into()))
.and_then(|mut result| {
if let Some(invitation) = result.pop() {
// if invitation is not expired
if invitation.expires_at > chrono::Local::now().naive_local() {
// try hashing the password, else return the error that will be converted to ServiceError
let password: String = hash_password(&password)?;
dbg!(&password);
let user = User::from_details(invitation.email, password);
let inserted_user: User =
diesel::insert_into(users).values(&user).get_result(conn)?;
dbg!(&inserted_user);
return Ok(inserted_user.into());
}
Err(ServiceError::BadRequest("Invalid Invitation".into()))
})
}
}
Err(ServiceError::BadRequest("Invalid Invitation".into()))
})
}

25
simple-auth-server/src/register_routes.rs
View File

@ -1,25 +0,0 @@
use actix::Addr;
use actix_web::{web, Error, HttpResponse, ResponseError};
use futures::Future;
use crate::models::DbExecutor;
use crate::register_handler::{RegisterUser, UserData};
pub fn register_user(
invitation_id: web::Path<String>,
user_data: web::Json<UserData>,
db: web::Data<Addr<DbExecutor>>,
) -> impl Future<Item = HttpResponse, Error = Error> {
let msg = RegisterUser {
// into_inner() returns the inner string value from Path
invitation_id: invitation_id.into_inner(),
password: user_data.password.clone(),
};
db.send(msg)
.from_err()
.and_then(|db_response| match db_response {
Ok(slim_user) => Ok(HttpResponse::Ok().json(slim_user)),
Err(service_error) => Ok(service_error.error_response()),
})
}

2
simple-auth-server/src/schema.rs
View File

@ -9,7 +9,7 @@ table! {
table! {
users (email) {
email -> Varchar,
password -> Varchar,
hash -> Varchar,
created_at -> Timestamp,
}
}

83
simple-auth-server/src/utils.rs
View File

@ -1,67 +1,30 @@
use bcrypt::{hash, DEFAULT_COST};
use chrono::{Duration, Local};
use jsonwebtoken::{decode, encode, Header, Validation};
use crate::errors::ServiceError;
use crate::models::SlimUser;
use argonautica::{Hasher, Verifier};
pub fn hash_password(plain: &str) -> Result<String, ServiceError> {
// get the hashing cost from the env variable or use default
let hashing_cost: u32 = match std::env::var("HASH_ROUNDS") {
Ok(cost) => cost.parse().unwrap_or(DEFAULT_COST),
_ => DEFAULT_COST,
};
println!("{}", &hashing_cost);
hash(plain, hashing_cost).map_err(|_| ServiceError::InternalServerError)
lazy_static::lazy_static! {
pub static ref SECRET_KEY: String = std::env::var("SECRET_KEY").unwrap_or_else(|_| "0123".repeat(8));
}
#[derive(Debug, Serialize, Deserialize)]
struct Claims {
// issuer
iss: String,
// subject
sub: String,
//issued at
iat: i64,
// expiry
exp: i64,
// user email
email: String,
// WARNING THIS IS ONLY FOR DEMO PLEASE DO MORE RESEARCH FOR PRODUCTION USE
pub fn hash_password(password: &str) -> Result<String, ServiceError> {
Hasher::default()
.with_password(password)
.with_secret_key(SECRET_KEY.as_str())
.hash()
.map_err(|err| {
dbg!(err);
ServiceError::InternalServerError
})
}
// struct to get converted to token and back
impl Claims {
fn with_email(email: &str) -> Self {
Claims {
iss: "localhost".into(),
sub: "auth".into(),
email: email.to_owned(),
iat: Local::now().timestamp(),
exp: (Local::now() + Duration::hours(24)).timestamp(),
}
}
}
impl From<Claims> for SlimUser {
fn from(claims: Claims) -> Self {
SlimUser {
email: claims.email,
}
}
}
pub fn create_token(data: &SlimUser) -> Result<String, ServiceError> {
let claims = Claims::with_email(data.email.as_str());
encode(&Header::default(), &claims, get_secret().as_ref())
.map_err(|_err| ServiceError::InternalServerError)
}
pub fn decode_token(token: &str) -> Result<SlimUser, ServiceError> {
decode::<Claims>(token, get_secret().as_ref(), &Validation::default())
.map(|data| Ok(data.claims.into()))
.map_err(|_err| ServiceError::Unauthorized)?
}
fn get_secret() -> String {
std::env::var("JWT_SECRET").unwrap_or_else(|_| "my secret".into())
pub fn verify(hash: &str, password: &str) -> Result<bool, ServiceError> {
Verifier::default()
.with_hash(hash)
.with_password(password)
.with_secret_key(SECRET_KEY.as_str())
.verify()
.map_err(|err| {
dbg!(err);
ServiceError::Unauthorized
})
}