factoriauth/src/db.rs

use std::{fmt::Debug, str::FromStr};

use axum::async_trait;
use secrecy::ExposeSecret;
use sqlx::{query, query_as, sqlite::SqliteConnectOptions, Connection, SqliteConnection};
use tracing::instrument;

use crate::secrets::{ServerHash, ServerPadlock, UserToken};

// TODO: check again if it's possible to pass this as a parameter to query!
// const TABLE_USER_TOKENS: &str = "user_tokens";

pub enum UserTokenEntry {
    Valid(
        UserToken,
        time::OffsetDateTime,
        Option<time::OffsetDateTime>,
    ),
    Invalid(
        UserToken,
        time::OffsetDateTime,
        Option<time::OffsetDateTime>,
    ),
}

#[async_trait]
pub trait Database: Debug {
    async fn get_user_token(
        &mut self,
        username: &str,
    ) -> Result<Option<UserTokenEntry>, sqlx::Error>;

    async fn save_user_token(
        &mut self,
        username: &str,
        token: &UserToken,
    ) -> Result<(), sqlx::Error>;

    async fn update_user_token_last_used(
        &mut self,
        username: &str,
        token: &UserToken,
    ) -> Result<(), sqlx::Error>;

    async fn get_server_padlock(
        &mut self,
        server_hash: &ServerHash,
    ) -> Result<Option<ServerPadlock>, sqlx::Error>;

    async fn save_server_padlock(
        &mut self,
        server_hash: &ServerHash,
        server_padlock: &ServerPadlock,
    ) -> Result<(), sqlx::Error>;
}

#[derive(Debug)]
pub struct SqliteDatabase {
    conn: SqliteConnection,
}

impl SqliteDatabase {
    #[instrument]
    pub async fn open(connection_string: &str) -> Result<Self, sqlx::Error> {
        let options = SqliteConnectOptions::from_str(connection_string)?.create_if_missing(true);

        let mut db = Self {
            conn: SqliteConnection::connect_with(&options).await?,
        };

        db.init().await?;

        Ok(db)
    }

    #[instrument]
    async fn init(&mut self) -> Result<(), sqlx::Error> {
        query!(
            "CREATE TABLE IF NOT EXISTS user_tokens (
                id          INTEGER PRIMARY KEY AUTOINCREMENT,
                username    VARCHAR(255) NOT NULL,
                token       NCHAR(30) NOT NULL,
                valid       BOOLEAN NOT NULL,
                created     DATETIME NOT NULL,
                last_used   DATETIME
            )"
        )
        .execute(&mut self.conn)
        .await?;

        query!(
            "CREATE TABLE IF NOT EXISTS server_padlocks (
                hash        TEXT NOT NULL UNIQUE,
                padlock     TEXT NOT NULL
            ) STRICT"
        )
        .execute(&mut self.conn)
        .await?;

        Ok(())
    }
}

#[async_trait]
impl Database for SqliteDatabase {
    #[instrument]
    async fn get_user_token(
        &mut self,
        username: &str,
    ) -> Result<Option<UserTokenEntry>, sqlx::Error> {
        struct TokenRow {
            token: String,
            valid: bool,
            created: time::OffsetDateTime,
            last_used: Option<time::OffsetDateTime>,
        }
        let row = query_as!(
            TokenRow,
            "SELECT token, valid, created, last_used
            FROM user_tokens
            WHERE username = $1
            ORDER BY created DESC",
            username
        )
        .fetch_optional(&mut self.conn)
        .await?;

        #[allow(clippy::match_bool)]
        Ok(row.map(
            |TokenRow {
                 token,
                 valid,
                 created,
                 last_used,
             }| match valid {
                true => UserTokenEntry::Valid(UserToken::from(token), created, last_used),
                false => UserTokenEntry::Invalid(UserToken::from(token), created, last_used),
            },
        ))
    }

    #[instrument]
    async fn save_user_token(
        &mut self,
        username: &str,
        token: &UserToken,
    ) -> Result<(), sqlx::Error> {
        let token_inner = token.0.expose_secret();
        query!(
            "INSERT INTO user_tokens
                (username, token, created, valid)
            VALUES
                ($1, $2, DATETIME('NOW'), TRUE)
            ",
            username,
            token_inner
        )
        .execute(&mut self.conn)
        .await?;

        Ok(())
    }

    #[instrument]
    async fn update_user_token_last_used(
        &mut self,
        username: &str,
        token: &UserToken,
    ) -> Result<(), sqlx::Error> {
        let token_inner = token.0.expose_secret();
        query!(
            "UPDATE user_tokens
            SET last_used = DATETIME('NOW')
            WHERE username = $1 AND token = $2",
            username,
            token_inner
        )
        .execute(&mut self.conn)
        .await?;

        Ok(())
    }

    #[instrument]
    async fn get_server_padlock(
        &mut self,
        server_hash: &ServerHash,
    ) -> Result<Option<ServerPadlock>, sqlx::Error> {
        let server_hash = &server_hash.0;

        let padlock = query!(
            "SELECT padlock FROM server_padlocks WHERE hash = $1",
            server_hash
        )
        .fetch_optional(&mut self.conn)
        .await?;

        Ok(padlock.map(|d| ServerPadlock::from(d.padlock)))
    }

    #[instrument]
    async fn save_server_padlock(
        &mut self,
        server_hash: &ServerHash,
        server_padlock: &ServerPadlock,
    ) -> Result<(), sqlx::Error> {
        let server_hash = &server_hash.0;
        let server_padlock = server_padlock.0.expose_secret();

        query!(
            "INSERT INTO server_padlocks (hash, padlock) VALUES ($1, $2)",
            server_hash,
            server_padlock
        )
        .execute(&mut self.conn)
        .await?;

        Ok(())
    }
}
use trait object for database 2024-02-11 16:48:03 +01:00			`use std::{fmt::Debug, str::FromStr};`
fix db connection 2024-02-10 13:31:23 +01:00
use trait object for database 2024-02-11 16:48:03 +01:00			`use axum::async_trait;`
generate token and save in database 2024-02-10 13:07:36 +01:00			`use secrecy::ExposeSecret;`
fix db connection 2024-02-10 13:31:23 +01:00			`use sqlx::{query, query_as, sqlite::SqliteConnectOptions, Connection, SqliteConnection};`
Add more instrument macros 2024-02-10 13:51:53 +01:00			`use tracing::instrument;`
beginnings of SqliteDatabase 2024-02-10 12:06:53 +01:00
Implement padlock proxy 2024-02-20 22:57:03 +01:00			`use crate::secrets::{ServerHash, ServerPadlock, UserToken};`
beginnings of SqliteDatabase 2024-02-10 12:06:53 +01:00
use query! and query_as! 2024-02-10 14:31:07 +01:00			`// TODO: check again if it's possible to pass this as a parameter to query!`
			`// const TABLE_USER_TOKENS: &str = "user_tokens";`
generate token and save in database 2024-02-10 13:07:36 +01:00
make db only return tokens, not validate 2024-02-10 14:02:41 +01:00			`pub enum UserTokenEntry {`
use query! and query_as! 2024-02-10 14:31:07 +01:00			`Valid(`
			`UserToken,`
			`time::OffsetDateTime,`
			`Option<time::OffsetDateTime>,`
			`),`
			`Invalid(`
			`UserToken,`
			`time::OffsetDateTime,`
			`Option<time::OffsetDateTime>,`
			`),`
make db only return tokens, not validate 2024-02-10 14:02:41 +01:00			`}`

use trait object for database 2024-02-11 16:48:03 +01:00			`#[async_trait]`
			`pub trait Database: Debug {`
db: rename methods to clarify token kind 2024-02-20 22:00:08 +01:00			`async fn get_user_token(`
			`&mut self,`
			`username: &str,`
			`) -> Result<Option<UserTokenEntry>, sqlx::Error>;`
generate token and save in database 2024-02-10 13:07:36 +01:00
db: rename methods to clarify token kind 2024-02-20 22:00:08 +01:00			`async fn save_user_token(`
			`&mut self,`
			`username: &str,`
			`token: &UserToken,`
			`) -> Result<(), sqlx::Error>;`
update last_used on verify_user_token 2024-02-11 20:00:05 +01:00
db: rename methods to clarify token kind 2024-02-20 22:00:08 +01:00			`async fn update_user_token_last_used(`
update last_used on verify_user_token 2024-02-11 20:00:05 +01:00			`&mut self,`
			`username: &str,`
			`token: &UserToken,`
			`) -> Result<(), sqlx::Error>;`
Implement padlock proxy 2024-02-20 22:57:03 +01:00
			`async fn get_server_padlock(`
			`&mut self,`
			`server_hash: &ServerHash,`
			`) -> Result<Option<ServerPadlock>, sqlx::Error>;`

			`async fn save_server_padlock(`
			`&mut self,`
			`server_hash: &ServerHash,`
			`server_padlock: &ServerPadlock,`
			`) -> Result<(), sqlx::Error>;`
beginnings of SqliteDatabase 2024-02-10 12:06:53 +01:00			`}`

			`#[derive(Debug)]`
			`pub struct SqliteDatabase {`
			`conn: SqliteConnection,`
			`}`

			`impl SqliteDatabase {`
Add more instrument macros 2024-02-10 13:51:53 +01:00			`#[instrument]`
Improve error handling 2024-02-15 21:14:07 +01:00			`pub async fn open(connection_string: &str) -> Result<Self, sqlx::Error> {`
			`let options = SqliteConnectOptions::from_str(connection_string)?.create_if_missing(true);`
fix db connection 2024-02-10 13:31:23 +01:00
beginnings of SqliteDatabase 2024-02-10 12:06:53 +01:00			`let mut db = Self {`
Improve error handling 2024-02-15 21:14:07 +01:00			`conn: SqliteConnection::connect_with(&options).await?,`
beginnings of SqliteDatabase 2024-02-10 12:06:53 +01:00			`};`

Improve error handling 2024-02-15 21:14:07 +01:00			`db.init().await?;`
beginnings of SqliteDatabase 2024-02-10 12:06:53 +01:00
Improve error handling 2024-02-15 21:14:07 +01:00			`Ok(db)`
beginnings of SqliteDatabase 2024-02-10 12:06:53 +01:00			`}`

Add more instrument macros 2024-02-10 13:51:53 +01:00			`#[instrument]`
Improve error handling 2024-02-15 21:14:07 +01:00			`async fn init(&mut self) -> Result<(), sqlx::Error> {`
use query! and query_as! 2024-02-10 14:31:07 +01:00			`query!(`
			`"CREATE TABLE IF NOT EXISTS user_tokens (`
generate token and save in database 2024-02-10 13:07:36 +01:00			`id INTEGER PRIMARY KEY AUTOINCREMENT,`
add last_used to user_tokens table 2024-02-10 13:18:08 +01:00			`username VARCHAR(255) NOT NULL,`
			`token NCHAR(30) NOT NULL,`
			`valid BOOLEAN NOT NULL,`
			`created DATETIME NOT NULL,`
			`last_used DATETIME`
fix db connection 2024-02-10 13:31:23 +01:00			`)"`
use query! and query_as! 2024-02-10 14:31:07 +01:00			`)`
beginnings of SqliteDatabase 2024-02-10 12:06:53 +01:00			`.execute(&mut self.conn)`
Improve error handling 2024-02-15 21:14:07 +01:00			`.await?;`

Implement padlock proxy 2024-02-20 22:57:03 +01:00			`query!(`
			`"CREATE TABLE IF NOT EXISTS server_padlocks (`
			`hash TEXT NOT NULL UNIQUE,`
			`padlock TEXT NOT NULL`
			`) STRICT"`
			`)`
			`.execute(&mut self.conn)`
			`.await?;`

Improve error handling 2024-02-15 21:14:07 +01:00			`Ok(())`
beginnings of SqliteDatabase 2024-02-10 12:06:53 +01:00			`}`
			`}`

use trait object for database 2024-02-11 16:48:03 +01:00			`#[async_trait]`
beginnings of SqliteDatabase 2024-02-10 12:06:53 +01:00			`impl Database for SqliteDatabase {`
Add more instrument macros 2024-02-10 13:51:53 +01:00			`#[instrument]`
db: rename methods to clarify token kind 2024-02-20 22:00:08 +01:00			`async fn get_user_token(`
			`&mut self,`
			`username: &str,`
			`) -> Result<Option<UserTokenEntry>, sqlx::Error> {`
use query! and query_as! 2024-02-10 14:31:07 +01:00			`struct TokenRow {`
			`token: String,`
			`valid: bool,`
			`created: time::OffsetDateTime,`
			`last_used: Option<time::OffsetDateTime>,`
			`}`
			`let row = query_as!(`
			`TokenRow,`
make db only return tokens, not validate 2024-02-10 14:02:41 +01:00			`"SELECT token, valid, created, last_used`
Database::get_token 2024-02-10 12:25:46 +01:00			`FROM user_tokens`
use query! and query_as! 2024-02-10 14:31:07 +01:00			`WHERE username = $1`
make db only return tokens, not validate 2024-02-10 14:02:41 +01:00			`ORDER BY created DESC",`
use query! and query_as! 2024-02-10 14:31:07 +01:00			`username`
Database::get_token 2024-02-10 12:25:46 +01:00			`)`
distinguish invalid token from database error 2024-02-10 13:39:10 +01:00			`.fetch_optional(&mut self.conn)`
Database::get_token 2024-02-10 12:25:46 +01:00			`.await?;`

Silence clippy 2024-02-15 19:34:43 +01:00			`#[allow(clippy::match_bool)]`
use query! and query_as! 2024-02-10 14:31:07 +01:00			`Ok(row.map(`
			`\|TokenRow {`
			`token,`
			`valid,`
			`created,`
			`last_used,`
slightly shorten db.get_token (no good reason other than i think it looks better) 2024-02-11 19:04:53 +01:00			`}\| match valid {`
			`true => UserTokenEntry::Valid(UserToken::from(token), created, last_used),`
			`false => UserTokenEntry::Invalid(UserToken::from(token), created, last_used),`
use query! and query_as! 2024-02-10 14:31:07 +01:00			`},`
			`))`
beginnings of SqliteDatabase 2024-02-10 12:06:53 +01:00			`}`
generate token and save in database 2024-02-10 13:07:36 +01:00
Add more instrument macros 2024-02-10 13:51:53 +01:00			`#[instrument]`
db: rename methods to clarify token kind 2024-02-20 22:00:08 +01:00			`async fn save_user_token(`
			`&mut self,`
			`username: &str,`
			`token: &UserToken,`
			`) -> Result<(), sqlx::Error> {`
use query! and query_as! 2024-02-10 14:31:07 +01:00			`let token_inner = token.0.expose_secret();`
			`query!(`
			`"INSERT INTO user_tokens`
generate token and save in database 2024-02-10 13:07:36 +01:00			`(username, token, created, valid)`
			`VALUES`
use query! and query_as! 2024-02-10 14:31:07 +01:00			`($1, $2, DATETIME('NOW'), TRUE)`
generate token and save in database 2024-02-10 13:07:36 +01:00			`",`
use query! and query_as! 2024-02-10 14:31:07 +01:00			`username,`
			`token_inner`
			`)`
generate token and save in database 2024-02-10 13:07:36 +01:00			`.execute(&mut self.conn)`
			`.await?;`

			`Ok(())`
			`}`
update last_used on verify_user_token 2024-02-11 20:00:05 +01:00
			`#[instrument]`
db: rename methods to clarify token kind 2024-02-20 22:00:08 +01:00			`async fn update_user_token_last_used(`
update last_used on verify_user_token 2024-02-11 20:00:05 +01:00			`&mut self,`
			`username: &str,`
			`token: &UserToken,`
			`) -> Result<(), sqlx::Error> {`
			`let token_inner = token.0.expose_secret();`
			`query!(`
			`"UPDATE user_tokens`
			`SET last_used = DATETIME('NOW')`
			`WHERE username = $1 AND token = $2",`
			`username,`
			`token_inner`
			`)`
			`.execute(&mut self.conn)`
			`.await?;`

			`Ok(())`
			`}`
Implement padlock proxy 2024-02-20 22:57:03 +01:00
			`#[instrument]`
			`async fn get_server_padlock(`
			`&mut self,`
			`server_hash: &ServerHash,`
			`) -> Result<Option<ServerPadlock>, sqlx::Error> {`
			`let server_hash = &server_hash.0;`

			`let padlock = query!(`
			`"SELECT padlock FROM server_padlocks WHERE hash = $1",`
			`server_hash`
			`)`
			`.fetch_optional(&mut self.conn)`
			`.await?;`

			`Ok(padlock.map(\|d\| ServerPadlock::from(d.padlock)))`
			`}`

			`#[instrument]`
			`async fn save_server_padlock(`
			`&mut self,`
			`server_hash: &ServerHash,`
			`server_padlock: &ServerPadlock,`
			`) -> Result<(), sqlx::Error> {`
			`let server_hash = &server_hash.0;`
			`let server_padlock = server_padlock.0.expose_secret();`

			`query!(`
			`"INSERT INTO server_padlocks (hash, padlock) VALUES ($1, $2)",`
			`server_hash,`
			`server_padlock`
			`)`
			`.execute(&mut self.conn)`
			`.await?;`

			`Ok(())`
			`}`
beginnings of SqliteDatabase 2024-02-10 12:06:53 +01:00			`}`