bazzar/actors/database_manager/src/tokens.rs

use actix::Message;
use model::{AccountId, Audience, Token};
use sqlx::PgPool;

use crate::{db_async_handler, Result};

#[derive(Debug, Copy, Clone, serde::Serialize, thiserror::Error)]
pub enum Error {
    #[error("Failed to save new token")]
    Create,
    #[error("Failed to find token by jti")]
    Jti,
}

/// Find token by JTI field
///
/// # Examples
///
/// ```
/// use actix::Addr;
/// use database_manager::{Database, TokenByJti};
///
/// async fn find(db: Addr<Database>) {
///     match db.send(TokenByJti {
///         jti: uuid::Uuid::new_v4()
///     }).await {
///         Ok(Ok(token)) => { println!("{:?}", token); }
///         Ok(Err(db_err)) => { println!("{:?}", db_err); }
///         Err(actor_err) => { println!("{:?}", actor_err); }
///     }
/// }
/// ```
#[derive(Message)]
#[rtype(result = "Result<Token>")]
pub struct TokenByJti {
    pub jti: uuid::Uuid,
}

db_async_handler!(TokenByJti, token_by_jti, Token);

pub(crate) async fn token_by_jti(msg: TokenByJti, pool: PgPool) -> Result<Token> {
    sqlx::query_as(r#"
SELECT id, customer_id, role, issuer, subject, audience, expiration_time, not_before_time, issued_at_time, jwt_id
FROM tokens
WHERE jwt_id = $1 AND expiration_time > now()
    "#)
        .bind(msg.jti)
        .fetch_one(&pool)
        .await
        .map_err(|e| {
            log::error!("{e:?}");
            crate::Error::Token(Error::Jti)
        })
}

#[derive(Message)]
#[rtype(result = "Result<Token>")]
pub struct CreateToken {
    pub customer_id: uuid::Uuid,
    pub role: model::Role,
    pub subject: AccountId,
    pub audience: Audience,
}

db_async_handler!(CreateToken, create_token, Token);

pub(crate) async fn create_token(msg: CreateToken, pool: PgPool) -> Result<Token> {
    let CreateToken {
        customer_id,
        role,
        subject,
        audience,
    } = msg;
    sqlx::query_as(r#"
INSERT INTO tokens (customer_id, role, subject, audience)
VALUES ($1, $2, $3, $4)
RETURNING id, customer_id, role, issuer, subject, audience, expiration_time, not_before_time, issued_at_time, jwt_id
    "#)
        .bind(customer_id)
        .bind(role)
        .bind(subject)
        .bind(audience)
        .fetch_one(&pool)
        .await
        .map_err(|e| {
            log::error!("{e:?}");
            crate::Error::Token(Error::Create)
        })
}

#[derive(Message)]
#[rtype(result = "Result<Token>")]
pub struct CreateExtendedToken {
    pub customer_id: uuid::Uuid,
    pub role: model::Role,
    pub subject: AccountId,
    pub audience: Audience,
    pub expiration_time: chrono::NaiveDateTime,
}

db_async_handler!(CreateExtendedToken, create_extended_token, Token);

pub(crate) async fn create_extended_token(msg: CreateExtendedToken, pool: PgPool) -> Result<Token> {
    let CreateExtendedToken {
        customer_id,
        role,
        subject,
        audience,
        expiration_time,
    } = msg;
    sqlx::query_as(r#"
INSERT INTO tokens (customer_id, role, subject, audience, expiration_time)
VALUES ($1, $2, $3, $4, $5)
RETURNING id, customer_id, role, issuer, subject, audience, expiration_time, not_before_time, issued_at_time, jwt_id
    "#)
        .bind(customer_id)
        .bind(role)
        .bind(subject)
        .bind(audience)
        .bind(expiration_time)
        .fetch_one(&pool)
        .await
        .map_err(|e| {
            log::error!("{e:?}");
            crate::Error::Token(Error::Create)
        })
}

#[cfg(test)]
mod tests {
    use actix::Addr;
    use fake::*;
    use model::*;
    use uuid::Uuid;

    use crate::*;

    async fn test_create_account(db: Addr<Database>) -> FullAccount {
        use fake::faker::internet::en;
        let login: String = en::Username().fake();
        let email: String = en::FreeEmail().fake();
        let hash: String = en::Password(10..20).fake();

        db.send(CreateAccount {
            email: Email::new(email),
            login: Login::new(login),
            pass_hash: PassHash::new(hash),
            role: Role::Admin,
        })
        .await
        .unwrap()
        .unwrap()
    }

    async fn test_create_token(
        db: Addr<Database>,
        customer_id: Option<uuid::Uuid>,
        role: Option<Role>,
        subject: Option<AccountId>,
        audience: Option<Audience>,
        expiration_time: Option<chrono::NaiveDateTime>,
    ) -> Token {
        let customer_id = customer_id.unwrap_or_else(|| uuid::Uuid::new_v4());
        let role = role.unwrap_or_else(|| Role::Admin);
        let subject = match subject {
            Some(id) => id,
            _ => test_create_account(db.clone()).await.id,
        };
        let audience = audience.unwrap_or_else(|| Audience::Web);
        let expiration_time = expiration_time
            .unwrap_or_else(|| (chrono::Utc::now() + chrono::Duration::days(60)).naive_utc());

        db.send(CreateExtendedToken {
            customer_id,
            role,
            subject,
            audience,
            expiration_time,
        })
        .await
        .unwrap()
        .unwrap()
    }

    #[actix::test]
    async fn create_account() {
        let config = config::default_load(&mut NoOpts);
        config
            .lock()
            .database_mut()
            .set_url("postgres://postgres@localhost/bazzar_test");

        let db = Database::build(config).await.start();

        let account = test_create_account(db.clone()).await;

        db.send(CreateToken {
            customer_id: uuid::Uuid::new_v4(),
            role: Role::Admin,
            subject: account.id,
            audience: Default::default(),
        })
        .await
        .unwrap()
        .unwrap();
    }
}