bazzar/actors/database_manager/src/tokens.rs

use actix::Message;
use model::{AccountId, Audience, Token};
use sqlx::PgPool;

use crate::{db_async_handler, Result};

#[derive(Debug, Copy, Clone, serde::Serialize, thiserror::Error)]
pub enum Error {
    #[error("Failed to save new token")]
    Create,
    #[error("Failed to find token by jti")]
    Jti,
}

/// Find token by JTI field
///
/// # Examples
///
/// ```
/// use actix::Addr;
/// use database_manager::{Database, TokenByJti};
///
/// async fn find(db: Addr<Database>) {
///     match db.send(TokenByJti {
///         jti: uuid::Uuid::new_v4()
///     }).await {
///         Ok(Ok(token)) => { println!("{:?}", token); }
///         Ok(Err(db_err)) => { println!("{:?}", db_err); }
///         Err(actor_err) => { println!("{:?}", actor_err); }
///     }
/// }
/// ```
#[derive(Message)]
#[rtype(result = "Result<Token>")]
pub struct TokenByJti {
    pub jti: uuid::Uuid,
}

db_async_handler!(TokenByJti, token_by_jti, Token);

pub(crate) async fn token_by_jti(msg: TokenByJti, pool: PgPool) -> Result<Token> {
    sqlx::query_as(r#"
SELECT id, customer_id, role, issuer, subject, audience, expiration_time, not_before_time, issued_at_time, jwt_id
FROM tokens
WHERE jwt_id = $1 AND expiration_time > now()
    "#)
        .bind(msg.jti)
        .fetch_one(&pool)
        .await
        .map_err(|e| {
            log::error!("{e:?}");
            crate::Error::Token(Error::Jti)
        })
}

#[derive(Message)]
#[rtype(result = "Result<Token>")]
pub struct CreateToken {
    pub customer_id: uuid::Uuid,
    pub role: model::Role,
    pub subject: AccountId,
    pub audience: Audience,
}

db_async_handler!(CreateToken, create_token, Token);

pub(crate) async fn create_token(msg: CreateToken, pool: PgPool) -> Result<Token> {
    let CreateToken {
        customer_id,
        role,
        subject,
        audience,
    } = msg;
    sqlx::query_as(r#"
INSERT INTO tokens (customer_id, role, subject, audience)
VALUES ($1, $2, $3, $4)
RETURNING id, customer_id, role, issuer, subject, audience, expiration_time, not_before_time, issued_at_time, jwt_id
    "#)
        .bind(customer_id)
        .bind(role)
        .bind(subject)
        .bind(audience)
        .fetch_one(&pool)
        .await
        .map_err(|e| {
            log::error!("{e:?}");
            crate::Error::Token(Error::Create)
        })
}

#[derive(Message)]
#[rtype(result = "Result<Token>")]
pub struct CreateExtendedToken {
    pub customer_id: uuid::Uuid,
    pub role: model::Role,
    pub subject: AccountId,
    pub audience: Audience,
    pub expiration_time: chrono::NaiveDateTime,
}

db_async_handler!(CreateExtendedToken, create_extended_token, Token);

pub(crate) async fn create_extended_token(msg: CreateExtendedToken, pool: PgPool) -> Result<Token> {
    let CreateExtendedToken {
        customer_id,
        role,
        subject,
        audience,
        expiration_time,
    } = msg;
    sqlx::query_as(r#"
INSERT INTO tokens (customer_id, role, subject, audience, expiration_time)
VALUES ($1, $2, $3, $4, $5)
RETURNING id, customer_id, role, issuer, subject, audience, expiration_time, not_before_time, issued_at_time, jwt_id
    "#)
        .bind(customer_id)
        .bind(role)
        .bind(subject)
        .bind(audience)
        .bind(expiration_time)
        .fetch_one(&pool)
        .await
        .map_err(|e| {
            log::error!("{e:?}");
            crate::Error::Token(Error::Create)
        })
}

#[cfg(test)]
mod tests {
    use actix::Addr;
    use config::UpdateConfig;
    use fake::Fake;
    use model::*;
    use uuid::Uuid;

    use crate::*;

    pub struct NoOpts;

    impl UpdateConfig for NoOpts {}

    async fn test_create_account(db: Addr<Database>) -> FullAccount {
        use fake::faker::internet::en;
        let login: String = en::Username().fake();
        let email: String = en::FreeEmail().fake();
        let hash: String = en::Password(10..20).fake();

        db.send(CreateAccount {
            email: Email::new(email),
            login: Login::new(login),
            pass_hash: PassHash::new(hash),
            role: Role::Admin,
        })
        .await
        .unwrap()
        .unwrap()
    }

    async fn test_create_token_extended(
        db: Addr<Database>,
        customer_id: Option<Uuid>,
        role: Option<Role>,
        subject: Option<AccountId>,
        audience: Option<Audience>,
        expiration_time: Option<chrono::NaiveDateTime>,
    ) -> Token {
        let customer_id = customer_id.unwrap_or_else(|| Uuid::new_v4());
        let role = role.unwrap_or_else(|| Role::Admin);
        let subject = match subject {
            Some(id) => id,
            _ => test_create_account(db.clone()).await.id,
        };
        let audience = audience.unwrap_or_else(|| Audience::Web);
        let expiration_time = expiration_time
            .unwrap_or_else(|| (chrono::Utc::now() + chrono::Duration::days(60)).naive_utc());

        db.send(CreateExtendedToken {
            customer_id,
            role,
            subject,
            audience,
            expiration_time,
        })
        .await
        .unwrap()
        .unwrap()
    }

    #[actix::test]
    async fn create_token() {
        let config = config::default_load(&mut NoOpts);
        config
            .lock()
            .database_mut()
            .set_url("postgres://postgres@localhost/bazzar_test");

        let db = Database::build(config).await.start();

        db.send(CreateToken {
            customer_id: Uuid::new_v4(),
            role: Role::Admin,
            subject: test_create_account(db.clone()).await.id,
            audience: Audience::Web,
        })
        .await
        .unwrap()
        .unwrap();
    }

    #[actix::test]
    async fn create_extended_token() {
        let config = config::default_load(&mut NoOpts);
        config
            .lock()
            .database_mut()
            .set_url("postgres://postgres@localhost/bazzar_test");

        let db = Database::build(config).await.start();

        test_create_account(db).await;
    }
}
Token validation 2022-04-18 22:07:52 +02:00			`use actix::Message;`
Add working search ingest 2022-05-06 11:47:18 +02:00			`use model::{AccountId, Audience, Token};`
Token validation 2022-04-18 22:07:52 +02:00			`use sqlx::PgPool;`

Add seed and photos 2022-05-06 16:02:38 +02:00			`use crate::{db_async_handler, Result};`
Token validation 2022-04-18 22:07:52 +02:00
Better errors, move create auth pair 2022-05-22 14:19:11 +02:00			`#[derive(Debug, Copy, Clone, serde::Serialize, thiserror::Error)]`
Token validation 2022-04-18 22:07:52 +02:00			`pub enum Error {`
			`#[error("Failed to save new token")]`
			`Create,`
			`#[error("Failed to find token by jti")]`
			`Jti,`
			`}`

Fix update account, db tests 2022-06-04 16:05:18 +02:00			`/// Find token by JTI field`
			`///`
			`/// # Examples`
			`///`
			/// ```
			`/// use actix::Addr;`
			`/// use database_manager::{Database, TokenByJti};`
			`///`
			`/// async fn find(db: Addr<Database>) {`
			`/// match db.send(TokenByJti {`
			`/// jti: uuid::Uuid::new_v4()`
			`/// }).await {`
			`/// Ok(Ok(token)) => { println!("{:?}", token); }`
			`/// Ok(Err(db_err)) => { println!("{:?}", db_err); }`
			`/// Err(actor_err) => { println!("{:?}", actor_err); }`
			`/// }`
			`/// }`
			/// ```
Token validation 2022-04-18 22:07:52 +02:00			`#[derive(Message)]`
			`#[rtype(result = "Result<Token>")]`
			`pub struct TokenByJti {`
Add lots of API endpoints 2022-04-19 16:49:30 +02:00			`pub jti: uuid::Uuid,`
Token validation 2022-04-18 22:07:52 +02:00			`}`

			`db_async_handler!(TokenByJti, token_by_jti, Token);`

			`pub(crate) async fn token_by_jti(msg: TokenByJti, pool: PgPool) -> Result<Token> {`
			`sqlx::query_as(r#"`
			`SELECT id, customer_id, role, issuer, subject, audience, expiration_time, not_before_time, issued_at_time, jwt_id`
			`FROM tokens`
Refresh tokens, sign in and so on 2022-05-10 16:20:37 +02:00			`WHERE jwt_id = $1 AND expiration_time > now()`
Token validation 2022-04-18 22:07:52 +02:00			`"#)`
			`.bind(msg.jti)`
			`.fetch_one(&pool)`
			`.await`
			`.map_err(\|e\| {`
			`log::error!("{e:?}");`
Add working search ingest 2022-05-06 11:47:18 +02:00			`crate::Error::Token(Error::Jti)`
Token validation 2022-04-18 22:07:52 +02:00			`})`
			`}`

			`#[derive(Message)]`
			`#[rtype(result = "Result<Token>")]`
			`pub struct CreateToken {`
			`pub customer_id: uuid::Uuid,`
Add working search ingest 2022-05-06 11:47:18 +02:00			`pub role: model::Role,`
Token validation 2022-04-18 22:07:52 +02:00			`pub subject: AccountId,`
			`pub audience: Audience,`
			`}`

			`db_async_handler!(CreateToken, create_token, Token);`

			`pub(crate) async fn create_token(msg: CreateToken, pool: PgPool) -> Result<Token> {`
			`let CreateToken {`
			`customer_id,`
			`role,`
			`subject,`
			`audience,`
			`} = msg;`
			`sqlx::query_as(r#"`
			`INSERT INTO tokens (customer_id, role, subject, audience)`
			`VALUES ($1, $2, $3, $4)`
			`RETURNING id, customer_id, role, issuer, subject, audience, expiration_time, not_before_time, issued_at_time, jwt_id`
			`"#)`
			`.bind(customer_id)`
			`.bind(role)`
			`.bind(subject)`
			`.bind(audience)`
			`.fetch_one(&pool)`
			`.await`
			`.map_err(\|e\| {`
			`log::error!("{e:?}");`
Add working search ingest 2022-05-06 11:47:18 +02:00			`crate::Error::Token(Error::Create)`
Token validation 2022-04-18 22:07:52 +02:00			`})`
			`}`
Refresh tokens, sign in and so on 2022-05-10 16:20:37 +02:00
			`#[derive(Message)]`
			`#[rtype(result = "Result<Token>")]`
			`pub struct CreateExtendedToken {`
			`pub customer_id: uuid::Uuid,`
			`pub role: model::Role,`
			`pub subject: AccountId,`
			`pub audience: Audience,`
			`pub expiration_time: chrono::NaiveDateTime,`
			`}`

			`db_async_handler!(CreateExtendedToken, create_extended_token, Token);`

			`pub(crate) async fn create_extended_token(msg: CreateExtendedToken, pool: PgPool) -> Result<Token> {`
			`let CreateExtendedToken {`
			`customer_id,`
			`role,`
			`subject,`
			`audience,`
			`expiration_time,`
			`} = msg;`
			`sqlx::query_as(r#"`
			`INSERT INTO tokens (customer_id, role, subject, audience, expiration_time)`
			`VALUES ($1, $2, $3, $4, $5)`
			`RETURNING id, customer_id, role, issuer, subject, audience, expiration_time, not_before_time, issued_at_time, jwt_id`
			`"#)`
			`.bind(customer_id)`
			`.bind(role)`
			`.bind(subject)`
			`.bind(audience)`
			`.bind(expiration_time)`
			`.fetch_one(&pool)`
			`.await`
			`.map_err(\|e\| {`
			`log::error!("{e:?}");`
			`crate::Error::Token(Error::Create)`
			`})`
			`}`
Fix update account, db tests 2022-06-04 16:05:18 +02:00
			`#[cfg(test)]`
			`mod tests {`
			`use actix::Addr;`
Fix update account, db tests 2022-06-04 16:42:27 +02:00			`use config::UpdateConfig;`
			`use fake::Fake;`
Fix update account, db tests 2022-06-04 16:05:18 +02:00			`use model::*;`
			`use uuid::Uuid;`

			`use crate::*;`

Fix update account, db tests 2022-06-04 16:42:27 +02:00			`pub struct NoOpts;`

			`impl UpdateConfig for NoOpts {}`

Fix update account, db tests 2022-06-04 16:05:18 +02:00			`async fn test_create_account(db: Addr<Database>) -> FullAccount {`
			`use fake::faker::internet::en;`
			`let login: String = en::Username().fake();`
			`let email: String = en::FreeEmail().fake();`
			`let hash: String = en::Password(10..20).fake();`

			`db.send(CreateAccount {`
			`email: Email::new(email),`
			`login: Login::new(login),`
			`pass_hash: PassHash::new(hash),`
			`role: Role::Admin,`
			`})`
			`.await`
			`.unwrap()`
			`.unwrap()`
			`}`

Fix update account, db tests 2022-06-04 16:42:27 +02:00			`async fn test_create_token_extended(`
Fix update account, db tests 2022-06-04 16:05:18 +02:00			`db: Addr<Database>,`
Fix update account, db tests 2022-06-04 16:42:27 +02:00			`customer_id: Option<Uuid>,`
Fix update account, db tests 2022-06-04 16:05:18 +02:00			`role: Option<Role>,`
			`subject: Option<AccountId>,`
			`audience: Option<Audience>,`
			`expiration_time: Option<chrono::NaiveDateTime>,`
			`) -> Token {`
Fix update account, db tests 2022-06-04 16:42:27 +02:00			`let customer_id = customer_id.unwrap_or_else(\|\| Uuid::new_v4());`
Fix update account, db tests 2022-06-04 16:05:18 +02:00			`let role = role.unwrap_or_else(\|\| Role::Admin);`
			`let subject = match subject {`
			`Some(id) => id,`
			`_ => test_create_account(db.clone()).await.id,`
			`};`
			`let audience = audience.unwrap_or_else(\|\| Audience::Web);`
			`let expiration_time = expiration_time`
			`.unwrap_or_else(\|\| (chrono::Utc::now() + chrono::Duration::days(60)).naive_utc());`

			`db.send(CreateExtendedToken {`
			`customer_id,`
			`role,`
			`subject,`
			`audience,`
			`expiration_time,`
			`})`
			`.await`
			`.unwrap()`
			`.unwrap()`
			`}`

			`#[actix::test]`
Fix update account, db tests 2022-06-04 16:42:27 +02:00			`async fn create_token() {`
Fix update account, db tests 2022-06-04 16:05:18 +02:00			`let config = config::default_load(&mut NoOpts);`
			`config`
			`.lock()`
			`.database_mut()`
			`.set_url("postgres://postgres@localhost/bazzar_test");`

			`let db = Database::build(config).await.start();`

			`db.send(CreateToken {`
Fix update account, db tests 2022-06-04 16:42:27 +02:00			`customer_id: Uuid::new_v4(),`
Fix update account, db tests 2022-06-04 16:05:18 +02:00			`role: Role::Admin,`
Fix update account, db tests 2022-06-04 16:42:27 +02:00			`subject: test_create_account(db.clone()).await.id,`
			`audience: Audience::Web,`
Fix update account, db tests 2022-06-04 16:05:18 +02:00			`})`
			`.await`
			`.unwrap()`
			`.unwrap();`
			`}`
Fix update account, db tests 2022-06-04 16:42:27 +02:00
			`#[actix::test]`
			`async fn create_extended_token() {`
			`let config = config::default_load(&mut NoOpts);`
			`config`
			`.lock()`
			`.database_mut()`
			`.set_url("postgres://postgres@localhost/bazzar_test");`

			`let db = Database::build(config).await.start();`

			`test_create_account(db).await;`
			`}`
Fix update account, db tests 2022-06-04 16:05:18 +02:00			`}`