feat: encrypted PIDN in db

Sebastian Pravda 2022-10-29 22:52:46 +02:00
parent 9cffa8db9f
commit a36290987d
No known key found for this signature in database
GPG key ID: F3BC84F08EFA3F57
4 changed files with 24 additions and 9 deletions


@ -5,7 +5,7 @@ use std::net::SocketAddr;
use portfolio_core::error::ServiceError; use portfolio_core::error::ServiceError;
use portfolio_core::services::candidate_service::CandidateService; use portfolio_core::services::candidate_service::CandidateService;
use requests::LoginRequest; use requests::{LoginRequest, RegisterRequest};
use rocket::http::Status; use rocket::http::Status;
use rocket::{Rocket, Build}; use rocket::{Rocket, Build};
use rocket::serde::json::Json; use rocket::serde::json::Json;
@ -35,13 +35,13 @@ fn custom_err_from_service_err(service_err: ServiceError) -> Custom<String> {
} }
#[post("/", data = "<post_form>")] #[post("/", data = "<post_form>")]
async fn create(conn: Connection<'_, Db>, post_form: Json<candidate::Model>) -> Result<String, Custom<String>> { async fn create(conn: Connection<'_, Db>, post_form: Json<RegisterRequest>) -> Result<String, Custom<String>> {
let db = conn.into_inner(); let db = conn.into_inner();
let form = post_form.into_inner(); let form = post_form.into_inner();
let plain_text_password = random_8_char_string(); let plain_text_password = random_8_char_string();
Mutation::create_candidate(db, form, &plain_text_password) Mutation::create_candidate(db, form.application_id, &plain_text_password, form.personal_id_number)
.await .await
.expect("Could not insert candidate"); .expect("Could not insert candidate");
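Review bot: `form.personal_id_number` goes from the request body straight into `Mutation::create_candidate` with no validation, so an empty or malformed value is encrypted and stored as if it were a real identifier. Reject it before the call, for example `if form.personal_id_number.trim().is_empty() { return Err(Custom(Status::BadRequest, "invalid personal id number".to_string())); }`, and add whatever format check the identifier scheme defines. The body of `create` continues past the end of this section, so any later handling is not visible here.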


@ -7,3 +7,10 @@ pub struct LoginRequest {
pub application_id: i32, pub application_id: i32,
pub password: String, pub password: String,
} }
#[derive(Serialize, Deserialize)]
#[serde(crate = "rocket::serde")]
pub struct RegisterRequest {
pub application_id: i32,
pub personal_id_number: String,
}
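Review bot: `RegisterRequest` derives `Serialize` although the handler shown in this commit only deserializes it, and it carries the personal ID number in plaintext. Narrowing the derive to `#[derive(Deserialize)]` would stop the struct from being written into a response or log line by accident; keep `Serialize` only if a client or test outside this view builds request bodies from it. A doc comment on the field would also help, for example `/// Plaintext personal ID number; encrypted before storage, never log or echo it.`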


@ -1,3 +1,5 @@
use std::vec;
use chrono::{Utc, Duration}; use chrono::{Utc, Duration};
use ::entity::{candidate, session}; use ::entity::{candidate, session};
use sea_orm::{*, prelude::Uuid}; use sea_orm::{*, prelude::Uuid};
@ -8,17 +10,23 @@ pub struct Mutation;
impl Mutation { impl Mutation {
pub async fn create_candidate( pub async fn create_candidate(
db: &DbConn, db: &DbConn,
form_data: candidate::Model, application_id: i32,
plain_text_password: &String, plain_text_password: &String,
personal_id_number: String,
) -> Result<candidate::Model, DbErr> { ) -> Result<candidate::Model, DbErr> {
// TODO: unwrap pro testing.. // TODO: unwrap pro testing..
let hashed_password = hash_password(plain_text_password.to_string()).await.unwrap(); let hashed_password = hash_password(plain_text_password.to_string()).await.unwrap();
let (pubkey, priv_key_plain_text) = crypto::create_identity(); let (pubkey, priv_key_plain_text) = crypto::create_identity();
let encrypted_priv_key = crypto::encrypt_password(&priv_key_plain_text, &plain_text_password.to_string()).await.unwrap(); let encrypted_priv_key = crypto::encrypt_password(&priv_key_plain_text, &plain_text_password.to_string()).await.unwrap();
let encrypted_personal_id_number = crypto::encrypt_password_with_recipients(
&personal_id_number, vec![&pubkey]
).await.unwrap();
candidate::ActiveModel { candidate::ActiveModel {
application: Set(form_data.application), application: Set(application_id),
personal_identification_number: Set(Some(encrypted_personal_id_number)),
code: Set(hashed_password), code: Set(hashed_password),
public_key: Set(pubkey), public_key: Set(pubkey),
private_key: Set(encrypted_priv_key), private_key: Set(encrypted_priv_key),
@ -97,7 +105,7 @@ mod tests {
let secret_message = "trnka".to_string(); let secret_message = "trnka".to_string();
let candidate = Mutation::create_candidate(&db, form, &plain_text_password).await.unwrap(); let candidate = Mutation::create_candidate(&db, form, &plain_text_password, "".to_string()).await.unwrap();
let encrypted_message = crypto::encrypt_password_with_recipients(&secret_message, vec![&candidate.public_key]).await.unwrap(); let encrypted_message = crypto::encrypt_password_with_recipients(&secret_message, vec![&candidate.public_key]).await.unwrap();
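Review bot: The new `crypto::encrypt_password_with_recipients(...).await.unwrap()` in `create_candidate` panics the request task when encryption fails, even though the function already returns `Result<_, DbErr>`. Propagate the failure instead, for example `.await.map_err(|e| DbErr::Custom(e.to_string()))?;`, assuming the crypto error implements `Display` (its type is not visible here). The updated test call still passes `form` as the second argument, which is now `application_id: i32`; `form` is defined outside the hunk, so confirm it still type-checks, and the same applies to the test calls in the next file. The tests also pass `"".to_string()` and assert nothing about `personal_identification_number`, so nothing checks that the stored value is ciphertext that decrypts with the candidate's private key. Both `create_candidate` and the test function continue outside the hunks shown.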


@ -121,7 +121,7 @@ mod tests {
"application": 5555555, "application": 5555555,
})).unwrap(); })).unwrap();
let candidate = Mutation::create_candidate(&db, form, &SECRET.to_string()).await.unwrap(); let candidate = Mutation::create_candidate(&db, form, &SECRET.to_string(), "".to_string()).await.unwrap();
assert_eq!(candidate.application, 5555555); assert_eq!(candidate.application, 5555555);
assert_ne!(candidate.code, SECRET.to_string()); assert_ne!(candidate.code, SECRET.to_string());
@ -136,7 +136,7 @@ mod tests {
"application": 5555555, "application": 5555555,
})).unwrap(); })).unwrap();
Mutation::create_candidate(&db, form, &"Tajny_kod".to_string()).await.unwrap(); Mutation::create_candidate(&db, form, &"Tajny_kod".to_string(), "".to_string()).await.unwrap();
// correct password // correct password
let session = CandidateService::new_session( let session = CandidateService::new_session(
@ -163,7 +163,7 @@ mod tests {
"application": 5555555, "application": 5555555,
})).unwrap(); })).unwrap();
let candidate_form = Mutation::create_candidate(&db, form, &"Tajny_kod".to_string()).await.unwrap(); let candidate_form = Mutation::create_candidate(&db, form, &"Tajny_kod".to_string(), "".to_string()).await.unwrap();
// incorrect password // incorrect password
assert!( assert!(