covert-userpass-auth 0.1.1

Covert userpass auth method
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142

use covert_storage::BackendStoragePool;

use crate::{error::Error, User};

const USERS_TABLE: &str = "USERS";

#[derive(Debug)]
pub struct UsersRepo {
    pool: BackendStoragePool,
}

impl UsersRepo {
    pub fn new(pool: BackendStoragePool) -> Self {
        Self { pool }
    }

    #[tracing::instrument(skip_all)]
    pub async fn create(&self, user: &User) -> Result<bool, Error> {
        self.pool
            .query(&format!(
                "INSERT INTO {USERS_TABLE} (username, password) 
                    VALUES ($1, $2)"
            ))?
            .bind(&user.username)
            .bind(&user.password)
            .execute()
            .await
            .map(|res| res.rows_affected() == 1)
            .map_err(Into::into)
    }

    #[tracing::instrument(skip_all)]
    pub async fn remove(&self, username: &str) -> Result<bool, Error> {
        self.pool
            .query(&format!("DELETE FROM {USERS_TABLE} WHERE username = ?"))?
            .bind(username)
            .execute()
            .await
            .map(|res| res.rows_affected() == 1)
            .map_err(Into::into)
    }

    #[tracing::instrument(skip_all)]
    pub async fn list(&self) -> Result<Vec<User>, Error> {
        self.pool
            .query(&format!("SELECT * FROM {USERS_TABLE}"))?
            .fetch_all()
            .await
            .map_err(Into::into)
    }

    #[tracing::instrument(skip_all)]
    pub async fn get(&self, username: &str) -> Result<Option<User>, Error> {
        self.pool
            .query(&format!("SELECT * FROM {USERS_TABLE} WHERE username = ?"))?
            .bind(username)
            .fetch_optional()
            .await
            .map_err(Into::into)
    }

    #[tracing::instrument(skip_all)]
    pub async fn update_password(&self, username: &str, password: &str) -> Result<(), Error> {
        self.pool
            .query(&format!(
                "UPDATE {USERS_TABLE} SET
                password = ?
                WHERE username = ?"
            ))?
            .bind(password)
            .bind(username)
            .execute()
            .await
            .map(|_| ())
            .map_err(Into::into)
    }
}

#[cfg(test)]
mod tests {
    use std::sync::Arc;

    use covert_storage::{migrator::migrate_backend, EncryptedPool};
    use tempfile::TempDir;

    use crate::Migrations;

    use super::*;

    pub async fn setup_context() -> (BackendStoragePool, TempDir) {
        let tmpdir = tempfile::tempdir().unwrap();
        let file_path = tmpdir
            .path()
            .join("db-storage")
            .to_str()
            .unwrap()
            .to_string();

        let pool = Arc::new(EncryptedPool::new(&file_path));
        let master_key = pool.initialize().unwrap().unwrap();
        pool.unseal(master_key.clone()).unwrap();

        let storage = BackendStoragePool::new(
            "foo".into(),
            "629d847db7c9492ba69aed520cd1997d".into(),
            pool,
        );

        migrate_backend::<Migrations>(&storage).await.unwrap();

        (storage, tmpdir)
    }

    #[sqlx::test]
    async fn crud() {
        let pool = setup_context().await.0;
        let store = UsersRepo::new(pool);

        let user = User {
            username: "foo".into(),
            password: "pass".into(),
        };
        assert!(store.create(&user).await.is_ok());

        assert_eq!(store.list().await.unwrap(), vec![user.clone()]);
        assert_eq!(store.get(&user.username).await.unwrap(), Some(user.clone()));
        assert_eq!(store.get("not existing username").await.unwrap(), None);

        let newpass = "newpass";
        assert!(store.update_password(&user.username, newpass).await.is_ok());
        assert_eq!(
            store.get(&user.username).await.unwrap(),
            Some(User {
                username: user.username.clone(),
                password: newpass.to_string()
            })
        );

        assert!(store.remove(&user.username).await.is_ok());
        assert!(store.get(&user.username).await.unwrap().is_none());
    }
}