diff --git a/server/src/auth.rs b/server/src/auth.rs index c2910ef..818c921 100644 --- a/server/src/auth.rs +++ b/server/src/auth.rs @@ -58,9 +58,7 @@ pub fn get_token_from_bearer(bearer: &str) -> Result { } } -pub async fn generate_password_hash( - password: String, -) -> Result { +pub async fn generate_password_hash(password: String) -> Result { let password_hash: Result = task::spawn_blocking(move || { let salt = SaltString::generate(&mut OsRng); @@ -76,22 +74,19 @@ pub async fn generate_password_hash( .await .unwrap(); - password_hash + password_hash.map_err(|e| e.into()) } -pub async fn verify_password_hash( - password: &str, - hash: &str, -) -> Result<(), argon2::password_hash::Error> { +pub async fn verify_password_hash(password: &str, hash: &str) -> Result<(), AuthError> { let parsed_hash = PasswordHash::new(hash)?; - Argon2::default().verify_password(password.as_bytes(), &parsed_hash)?; + Argon2::default() + .verify_password(password.as_bytes(), &parsed_hash) + .map_err(|_| AuthError::InvalidPassword)?; Ok(()) } pub fn generate_session_token() -> String { - - ChaCha20Rng::from_os_rng() .sample_iter(&Alphanumeric) .take(60) diff --git a/server/src/auth/error.rs b/server/src/auth/error.rs index 6816ed9..0cf5ca9 100644 --- a/server/src/auth/error.rs +++ b/server/src/auth/error.rs @@ -7,6 +7,7 @@ pub enum AuthError { Unexpected, InvalidPassword, Unauthorized, + HashingFailed(String), } impl Display for AuthError { @@ -17,8 +18,15 @@ impl Display for AuthError { Self::Unexpected => write!(f, "Unexpected error"), Self::InvalidPassword => write!(f, "Password is incorrect"), Self::Unauthorized => write!(f, "Authentication is required"), + Self::HashingFailed(msg) => write!(f, "Password hashing failed: {}", msg), } } } impl std::error::Error for AuthError {} + +impl From for AuthError { + fn from(value: argon2::password_hash::Error) -> Self { + AuthError::HashingFailed(value.to_string()) + } +} 
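Review bot: `generate_password_hash` is a public async fn with no doc comment, and the collapsed signature is the natural place for one. The contract visible in this hunk is: takes the plaintext by value, hashes it on a `task::spawn_blocking` thread with a salt from `SaltString::generate(&mut OsRng)`, and returns the encoded hash or an `AuthError` (the `Result` type parameters appear stripped in this rendering, so confirm against the file). A short `///` block stating that, and that the plaintext is consumed and should not be logged or retained by the caller, would do. The function body continues in the next hunk.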
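Review bot: The `.await .unwrap()` on the `spawn_blocking` join handle is still on the new side, so a panic inside the hashing closure or a cancelled task takes the whole request handler down instead of surfacing as the `AuthError::HashingFailed` variant this commit introduces; `.await.map_err(|e| AuthError::HashingFailed(e.to_string()))?` followed by `Ok(password_hash?)` routes both failures through the same error type. In `verify_password_hash`, `.map_err(|_| AuthError::InvalidPassword)` also folds every verifier error, including a stored hash with unsupported parameters, into "Password is incorrect", which hides a server-side data problem behind a user-facing message; matching `argon2::password_hash::Error::Password` for the wrong-password case and letting the remaining variants convert via `From` keeps the two cases distinguishable for logging. `generate_password_hash` starts in the previous hunk.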
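Review bot: `HashingFailed(String)` carries the argon2 error text and `Display` prints it verbatim in `"Password hashing failed: {}"`, so wherever `AuthError` is rendered into an HTTP response (that code is not in this diff) the internal reason, such as a malformed stored hash, would reach the client; keeping the detail for logs and returning a fixed message is the safer default. Wrapping the error itself, `HashingFailed(argon2::password_hash::Error)`, with `Display` writing only `"Password hashing failed"` and the payload exposed through `Error::source`, would achieve that; this applies to the variant added in the `@@ -7` hunk and to the `Display`/`From` arms in the `@@ -17` hunk. Whether `argon2::password_hash::Error` implements `std::error::Error` in this build depends on the crate's `std` feature, so check before relying on `source`.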
diff --git a/server/src/database/model/member.rs b/server/src/database/model/member.rs index 7308376..bd3f4d6 100644 --- a/server/src/database/model/member.rs +++ b/server/src/database/model/member.rs @@ -32,10 +32,6 @@ impl Member { Ok(members) } - pub async fn get_many(transaction: &PgPool, members: Vec) -> Result<(), sqlx::Error> { - Ok(()) - } - pub async fn get_all(pool: &PgPool) -> Result, sqlx::Error> { let members = sqlx::query_as!(Member, "SELECT * FROM members;",) .fetch_all(pool) diff --git a/server/src/database/model/session.rs b/server/src/database/model/session.rs index 2043f5c..2526b65 100644 --- a/server/src/database/model/session.rs +++ b/server/src/database/model/session.rs @@ -36,9 +36,9 @@ impl Session { Ok(()) } - pub async fn from_token(transaction: &PgPool, token: &str) -> Result { + pub async fn from_token(pool: &PgPool, token: &str) -> Result { let session = sqlx::query_as!(Self, "SELECT * FROM sessions WHERE token = $1;", token) - .fetch_one(transaction) + .fetch_one(pool) .await?; Ok(session) diff --git a/server/src/database/model/user.rs b/server/src/database/model/user.rs index 58f0947..1b27b89 100644 --- a/server/src/database/model/user.rs +++ b/server/src/database/model/user.rs @@ -109,8 +109,8 @@ pub struct UserMember { impl UserMember { pub async fn insert_many( transaction: &mut sqlx::Transaction<'_, Postgres>, - user_ids: &Vec, - member_ids: &Vec, + user_ids: &[uuid::Uuid], + member_ids: &[String], ) -> Result<(), sqlx::Error> { sqlx::query!( " diff --git a/server/src/routes/auth.rs b/server/src/routes/auth.rs index 6961af8..be4ccb0 100644 --- a/server/src/routes/auth.rs +++ b/server/src/routes/auth.rs 
@@ -33,10 +33,7 @@ pub async fn login<'a>( let db_user = DbUser::get_from_email(&state.pool, login_request.email).await?; if let Some(pass) = db_user.password { - match verify_password_hash(&login_request.password, &pass).await { - Ok(_) => (), - Err(_err) => return Err(crate::Error::Auth(crate::auth::AuthError::InvalidPassword)), - }; + verify_password_hash(&login_request.password, &pass).await?; } else { return Err(AuthError::Unexpected.into()); } @@ -71,10 +68,7 @@ pub async fn register( let member_ids: Vec = members.into_iter().map(|m| m.member_id).collect(); // Hash password - let password_hash = match generate_password_hash(auth_request.password).await { - Ok(hash) => hash, - Err(_err) => return Err(crate::Error::Auth(crate::auth::AuthError::InvalidToken)), - }; + let password_hash = generate_password_hash(auth_request.password).await?; let mut transaction = state.pool.begin().await?; @@ -107,19 +101,13 @@ pub async fn change_password( ) -> Result<(), crate::Error> { let (_, user) = get_user_from_header(&state.pool, &headers).await?; - let password_hash = match generate_password_hash(request.new_password).await { - Ok(hash) => hash, - Err(_err) => return Err(crate::Error::Auth(crate::auth::AuthError::InvalidPassword)), - }; - + // Verify that password is correct let db_user: DbUser = user.into(); - let old_password_hash = db_user.get_password(&state.pool).await?; + verify_password_hash(&request.old_password, &old_password_hash).await?; - match verify_password_hash(&request.old_password, &old_password_hash).await { - Ok(_) => (), - Err(_err) => return Err(crate::Error::Auth(crate::auth::AuthError::InvalidPassword)), - }; + // Generate password hash for new password + let new_password_hash = generate_password_hash(request.new_password).await?; let mut transaction = state.pool.begin().await?; 
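Review bot: Replacing the `match` with `?` changes which error leaves `login` on a verify failure: the old arm turned every error into `InvalidPassword`, but the new `verify_password_hash` forwards a `PasswordHash::new(hash)?` failure as `HashingFailed(msg)`, so a corrupt or legacy-format stored hash now produces a different status or message than a wrong password, depending on how `crate::Error` renders `AuthError` (not visible here). If that distinction is not wanted at the login boundary, map it back at the call site: `verify_password_hash(&login_request.password, &pass).await.map_err(|_| AuthError::InvalidPassword)?;`. The `login` function starts and ends outside this hunk.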
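Review bot: In `change_password`, `request.new_password` goes straight into `generate_password_hash` with no visible check on its length or on whether it equals the old password; if `ChangePasswordRequest` (not in this diff) does not validate it, a guard such as `if request.new_password.len() < MIN_PASSWORD_LEN { return Err(…); }` (with `MIN_PASSWORD_LEN` standing in for the project's policy constant) belongs before the hash call, since Argon2 runs on the blocking pool with whatever size is sent. Verifying the old password before hashing the new one is the right order, as it avoids paying for a hash when the caller is not authenticated. Also worth confirming outside this hunk is whether the user's other sessions are revoked after the update; the `sessions` table exists elsewhere in this diff but nothing here touches it. `change_password` continues in the next hunk.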
@@ -128,7 +116,7 @@ pub async fn change_password( &mut transaction, UpdateUser { email: None, - password: Some(password_hash), + password: Some(new_password_hash), admin: None, }, ) @@ -152,14 +140,10 @@ pub async fn change_email( ) -> Result<(), crate::Error> { let (_, user) = get_user_from_header(&state.pool, &headers).await?; + // Verify that password is correct let db_user: DbUser = user.into(); - let password_hash = db_user.get_password(&state.pool).await?; - - match verify_password_hash(&request.password, &password_hash).await { - Ok(_) => (), - Err(_err) => return Err(crate::Error::Auth(crate::auth::AuthError::InvalidPassword)), - }; + verify_password_hash(&request.password, &password_hash).await?; let mut transaction = state.pool.begin().await?; diff --git a/server/src/routes/member.rs b/server/src/routes/member.rs index 9b31a16..86a1225 100644 --- a/server/src/routes/member.rs +++ b/server/src/routes/member.rs @@ -26,7 +26,3 @@ pub async fn get_current_members( Ok(Json(members)) } - -pub async fn get_members(State(state): State, body: String) -> Result<(), crate::Error> { - Ok(()) -} diff --git a/server/src/routes/member/migrate.rs b/server/src/routes/member/migrate.rs index 85aecf2..9c95d9e 100644 --- a/server/src/routes/member/migrate.rs +++ b/server/src/routes/member/migrate.rs @@ -1,11 +1,6 @@ use std::collections::HashMap; -use axum::{ - extract::State, - http::HeaderMap, - Json, -}; -use itertools::Itertools; +use axum::{extract::State, http::HeaderMap, Json}; use sqlx::PgPool; use crate::{ @@ -143,7 +138,6 @@ pub struct MigrationStore { pub count: u32, } - impl Row { fn from_csv_many(input: &str) -> Result, csv::Error> { let mut rdr = csv::ReaderBuilder::new()