From 28686a127af9f09c0d3231abb9da1107615e8f3b Mon Sep 17 00:00:00 2001
From: Sebastian Pravda
Date: Tue, 25 Oct 2022 18:42:31 +0200
Subject: [PATCH] feat: login
---
 api/src/lib.rs | 28 +++++++++++++++++-
 api/src/requests.rs | 9 ++++++
 core/src/services/candidate_service.rs | 40 ++++++++++++++------------
 3 files changed, 58 insertions(+), 19 deletions(-)
 create mode 100644 api/src/requests.rs
diff --git a/api/src/lib.rs b/api/src/lib.rs
index 9b245e2..ab73f40 100644
--- a/api/src/lib.rs
+++ b/api/src/lib.rs
@@ -1,6 +1,9 @@
 #[macro_use] extern crate rocket;
+use guard::candidate_jwt::TokenRequest;
+use portfolio_core::services::candidate_service::CandidateService;
+use requests::LoginRequest;
 use rocket::{Rocket, Build};
 use rocket::serde::json::Json;
 use rocket::fairing::{self, AdHoc};
@@ -13,6 +16,7 @@ use sea_orm_rocket::{Connection, Database};
 mod pool;
 mod guard;
+mod requests;
 use pool::Db;
@@ -36,6 +40,28 @@ async fn create(conn: Connection<'_, Db>, post_form: Json) ->
 Ok(plain_text_password)
 }
+#[post("/login", data = "")]
+async fn login(conn: Connection<'_, Db>, login_form: Json) -> Result> {
+ let db = conn.into_inner();
+ println!("{} {}", login_form.application_id, login_form.password);
+
+ let jwt = CandidateService::login(db,
+ login_form.application_id,
+ login_form.password.to_owned()).await;
+
+ if jwt.is_some() {
+ return Ok(jwt.unwrap())
+ }
+ Ok("jwt here".to_owned())
+}
+
+#[get("/whoami")]
+async fn whoami(token: TokenRequest) -> Result> {
+ println!("{:?}", token.to_token());
+
+ Ok("authenticated!".to_owned())
+}
+
 #[get("/hello")]
 async fn hello() -> &'static str {
 "Hello, world!"
@@ -53,7 +79,7 @@ async fn start() -> Result<(), rocket::Error> {
 .attach(Db::init())
 .attach(AdHoc::try_on_ignite("Migrations", run_migrations))
 //.mount("/", FileServer::from(relative!("/static")))
- .mount("/", routes![create, hello])
+ .mount("/", routes![create, login, hello, whoami])
 .register("/", catchers![])
 .launch()
 .await
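Review bot: The `println!` on the second line of `login` prints `login_form.password` in clear text, so every submitted password lands in the server's stdout and in whatever collects it; remove the line or log only the id, `println!("login attempt: {}", login_form.application_id);`. A failed login falls through to `Ok("jwt here".to_owned())`, which answers bad credentials with a success response; return an error status there instead, and replace the `is_some()`/`unwrap()` pair with a `match` or `ok_or_else` on `jwt`. The return type is cut off on this page (`Result>`), so the exact error value depends on it. `whoami` also prints the decoded token with `{:?}`, which puts token claims in the same logs; that line should go before this leaves development.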
diff --git a/api/src/requests.rs b/api/src/requests.rs
new file mode 100644
index 0000000..9c86d49
--- /dev/null
+++ b/api/src/requests.rs
@@ -0,0 +1,9 @@
+use rocket::serde::{Serialize, Deserialize};
+
+
+#[derive(Serialize, Deserialize)]
+#[serde(crate = "rocket::serde")]
+pub struct LoginRequest {
+ pub application_id: i32,
+ pub password: String,
+}
\ No newline at end of file
diff --git a/core/src/services/candidate_service.rs b/core/src/services/candidate_service.rs
index dffb5ba..4ccd003 100644
--- a/core/src/services/candidate_service.rs
+++ b/core/src/services/candidate_service.rs
@@ -3,26 +3,30 @@ use sea_orm::DatabaseConnection;
 use crate::{crypto, Query, token::candidate_token::CandidateToken};
-pub async fn login(db: &DatabaseConnection, id: i32, password: String) -> Option {
- let candidate = Query::find_candidate_by_id(db, id).await
- .unwrap()
- .unwrap();
+pub struct CandidateService;
+impl CandidateService {
+ pub async fn login(db: &DatabaseConnection, id: i32, password: String) -> Option {
+ let candidate = Query::find_candidate_by_id(db, id).await
+ .unwrap()
+ .unwrap();
- let valid = crypto::verify_password(&password,&candidate.code )
- .expect("Invalid password");
+
+ let valid = crypto::verify_password(&password,&candidate.code )
+ .expect("Invalid password");
+
+ if !valid {
+ return None;
+ }
+ let payload = CandidateToken::generate("candidate.name.unwrap()".to_owned(),
+ "candidate.surname.unwrap()".to_owned());
- if !valid {
- return None;
+ let jwt = jsonwebtoken::encode(
+ &Header::default(),
+ &payload,
+ &EncodingKey::from_secret(&[0])
+ ).ok();
+ jwt
 }
- let payload = CandidateToken::generate(candidate.name.unwrap(),
- candidate.surname.unwrap());
-
- let jwt = jsonwebtoken::encode(
- &Header::default(),
- &payload,
- &EncodingKey::from_secret(&[0])
- ).ok();
- jwt
-}
+}
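Review bot: `LoginRequest` derives `Serialize` although this commit only uses it as a request body, and the struct holds the plaintext `password`; deriving only `Deserialize` (`#[derive(Deserialize)]`) keeps the password from being written out by accident through a JSON response or a serializing logger. Nothing else in the visible diff serializes this type, so the narrower derive should compile unchanged.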
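Review bot: `EncodingKey::from_secret(&[0])` in `CandidateService::login` signs every JWT with a one-byte key that is public in the repository, so anyone who reads the source can mint a token that the `whoami` guard will presumably accept; load the secret from configuration and fail startup when it is missing. The new `CandidateToken::generate` call passes the string literals `"candidate.name.unwrap()"` and `"candidate.surname.unwrap()"`, so all tokens carry identical claims and none identifies the candidate who logged in. `.unwrap().unwrap()` on `find_candidate_by_id` and `.expect("Invalid password")` panic on an unknown id or a verification error, which gives a different response from a wrong password and lets a client tell valid ids apart; assuming the query returns `Result<Option<_>, _>`, `let candidate = Query::find_candidate_by_id(db, id).await.ok()??;` returns `None` on both paths.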