feat: encrypted PIDN in db

api/src/lib.rs

@@ -5,7 +5,7 @@ use std::net::SocketAddr;
 
 use portfolio_core::error::ServiceError;
 use portfolio_core::services::candidate_service::CandidateService;
-use requests::LoginRequest;
+use requests::{LoginRequest, RegisterRequest};
 use rocket::http::Status;
 use rocket::{Rocket, Build};
 use rocket::serde::json::Json;
@@ -35,13 +35,13 @@ fn custom_err_from_service_err(service_err: ServiceError) -> Custom<String> {
 }
 
 #[post("/", data = "<post_form>")]
-async fn create(conn: Connection<'_, Db>, post_form: Json<candidate::Model>) -> Result<String, Custom<String>> {   
+async fn create(conn: Connection<'_, Db>, post_form: Json<RegisterRequest>) -> Result<String, Custom<String>> {   
     let db = conn.into_inner();
     let form = post_form.into_inner();
 
     let plain_text_password = random_8_char_string();
 
-    Mutation::create_candidate(db, form, &plain_text_password)
+    Mutation::create_candidate(db, form.application_id, &plain_text_password, form.personal_id_number)
         .await
         .expect("Could not insert candidate");
 

api/src/requests.rs

@@ -6,4 +6,11 @@ use rocket::serde::{Serialize, Deserialize};
 pub struct LoginRequest {
     pub application_id: i32,
     pub password: String,
+}
+
+#[derive(Serialize, Deserialize)]
+#[serde(crate = "rocket::serde")]
+pub struct RegisterRequest {
+    pub application_id: i32,
+    pub personal_id_number: String,
 }

core/src/mutation.rs

@@ -1,3 +1,5 @@
+use std::vec;
+
 use chrono::{Utc, Duration};
 use ::entity::{candidate, session};
 use sea_orm::{*, prelude::Uuid};
@@ -8,17 +10,23 @@ pub struct Mutation;
 impl Mutation {
     pub async fn create_candidate(
         db: &DbConn,
-        form_data: candidate::Model,
+        application_id: i32,
         plain_text_password: &String,
+        personal_id_number: String,
     ) -> Result<candidate::Model, DbErr> {
         // TODO: unwrap pro testing..
         let hashed_password = hash_password(plain_text_password.to_string()).await.unwrap();
         let (pubkey, priv_key_plain_text) = crypto::create_identity();
         let encrypted_priv_key = crypto::encrypt_password(&priv_key_plain_text, &plain_text_password.to_string()).await.unwrap();
 
+        let encrypted_personal_id_number = crypto::encrypt_password_with_recipients(
+            &personal_id_number, vec![&pubkey]
+        ).await.unwrap();
+
 
         candidate::ActiveModel {
-            application: Set(form_data.application),
+            application: Set(application_id),
+            personal_identification_number: Set(Some(encrypted_personal_id_number)),
             code: Set(hashed_password),
             public_key: Set(pubkey),
             private_key: Set(encrypted_priv_key),
@@ -97,7 +105,7 @@ mod tests {
         let secret_message = "trnka".to_string();
 
         
-        let candidate = Mutation::create_candidate(&db, form, &plain_text_password).await.unwrap();
+        let candidate = Mutation::create_candidate(&db, form, &plain_text_password, "".to_string()).await.unwrap();
 
         let encrypted_message = crypto::encrypt_password_with_recipients(&secret_message, vec![&candidate.public_key]).await.unwrap();
 

core/src/services/candidate_service.rs

@@ -121,7 +121,7 @@ mod tests {
                 "application": 5555555,
             })).unwrap();
     
-        let candidate = Mutation::create_candidate(&db, form, &SECRET.to_string()).await.unwrap();
+        let candidate = Mutation::create_candidate(&db, form, &SECRET.to_string(), "".to_string()).await.unwrap();
     
         assert_eq!(candidate.application, 5555555);
         assert_ne!(candidate.code, SECRET.to_string());
@@ -136,7 +136,7 @@ mod tests {
             "application": 5555555,
         })).unwrap();
 
-        Mutation::create_candidate(&db, form, &"Tajny_kod".to_string()).await.unwrap();
+        Mutation::create_candidate(&db, form, &"Tajny_kod".to_string(), "".to_string()).await.unwrap();
 
         // correct password
         let session = CandidateService::new_session(
@@ -163,7 +163,7 @@ mod tests {
             "application": 5555555,
         })).unwrap();
 
-        let candidate_form = Mutation::create_candidate(&db, form, &"Tajny_kod".to_string()).await.unwrap();
+        let candidate_form = Mutation::create_candidate(&db, form, &"Tajny_kod".to_string(), "".to_string()).await.unwrap();
 
          // incorrect password
          assert!(