spacetimedb-sdk 2.0.5

A Rust SDK for clients to interface with SpacetimeDB
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151

//! Utilities for saving and re-using credentials.
//!
//! Users are encouraged to import this module by name and refer to its contents by qualified path, like:
//! ```ignore
//! use spacetimedb_sdk::credentials;
//! fn credential_store() -> credentials::File {
//!     credentials::File::new("my_app")
//! }
//! ```

use home::home_dir;
use spacetimedb_lib::{bsatn, de::Deserialize, ser::Serialize};
use std::path::PathBuf;
use thiserror::Error;

const CREDENTIALS_DIR: &str = ".spacetimedb_client_credentials";

#[derive(Error, Debug)]
pub enum CredentialFileError {
    #[error("Failed to determine user home directory as root for credentials storage")]
    DetermineHomeDir,
    #[error("Error creating credential storage directory {path}")]
    CreateDir {
        path: PathBuf,
        #[source]
        source: std::io::Error,
    },
    #[error("Error serializing credentials for storage in file")]
    Serialize {
        #[source]
        source: bsatn::EncodeError,
    },
    #[error("Error writing BSATN-serialized credentials to file {path}")]
    Write {
        path: PathBuf,
        #[source]
        source: std::io::Error,
    },
    #[error("Error reading BSATN-serialized credentials from file {path}")]
    Read {
        path: PathBuf,
        #[source]
        source: std::io::Error,
    },
    #[error("Error deserializing credentials from bytes stored in file {path}")]
    Deserialize {
        path: PathBuf,
        #[source]
        source: bsatn::DecodeError,
    },
}

/// A file on disk which stores, or can store, a JWT for authenticating with SpacetimeDB.
///
/// The file does not necessarily exist or store credentials.
/// If the credentials have been stored previously, they can be accessed with [`File::load`].
/// New credentials can be saved to disk with [`File::save`].
pub struct File {
    filename: String,
}

#[derive(Serialize, Deserialize)]
struct Credentials {
    token: String,
}

impl File {
    /// Get a handle on a file which stores a SpacetimeDB [`Identity`] and its private access token.
    ///
    /// This method does not create the file or check that it exists.
    ///
    /// Distinct applications running as the same user on the same machine
    /// may share [`Identity`]/token pairs by supplying the same `key`.
    /// Users who desire distinct credentials for their application
    /// should supply a unique `key` per application.
    ///
    /// No additional namespacing is provided to tie the stored token
    /// to a particular SpacetimeDB instance or cluster.
    /// Users who intend to connect to multiple instances or clusters
    /// should use a distinct `key` per cluster.
    pub fn new(key: impl Into<String>) -> Self {
        Self { filename: key.into() }
    }

    fn determine_home_dir() -> Result<PathBuf, CredentialFileError> {
        home_dir().ok_or(CredentialFileError::DetermineHomeDir)
    }

    fn ensure_credentials_dir() -> Result<(), CredentialFileError> {
        let mut path = Self::determine_home_dir()?;
        path.push(CREDENTIALS_DIR);

        std::fs::create_dir_all(&path).map_err(|source| CredentialFileError::CreateDir { path, source })
    }

    fn path(&self) -> Result<PathBuf, CredentialFileError> {
        let mut path = Self::determine_home_dir()?;
        path.push(CREDENTIALS_DIR);
        path.push(&self.filename);
        Ok(path)
    }

    /// Store the provided `token` to disk in the file referred to by `self`.
    ///
    /// Future calls to [`Self::load`] on a `File` with the same key can retrieve the token.
    ///
    /// Expected usage is to call this from a [`super::DbConnectionBuilder::on_connect`] callback.
    ///
    /// ```ignore
    /// DbConnection::builder()
    ///   .on_connect(|_ctx, _identity, token| {
    ///       credentials::File::new("my_app").save(token).unwrap();
    /// })
    /// ```
    pub fn save(self, token: impl Into<String>) -> Result<(), CredentialFileError> {
        Self::ensure_credentials_dir()?;

        let creds = bsatn::to_vec(&Credentials { token: token.into() })
            .map_err(|source| CredentialFileError::Serialize { source })?;
        let path = self.path()?;
        std::fs::write(&path, creds).map_err(|source| CredentialFileError::Write { path, source })?;
        Ok(())
    }

    /// Load a saved token from disk in the file referred to by `self`,
    /// if they have previously been stored by [`Self::save`].
    ///
    /// Returns `Err` if I/O fails,
    /// `None` if credentials have not previously been stored,
    /// or `Some` if credentials are successfully loaded from disk.
    /// After unwrapping the `Result`, the returned `Option` can be passed to
    /// [`super::DbConnectionBuilder::with_token`].
    ///
    /// ```ignore
    /// DbConnection::builder()
    ///   .with_token(credentials::File::new("my_app").load().unwrap())
    /// ```
    pub fn load(self) -> Result<Option<String>, CredentialFileError> {
        let path = self.path()?;

        let bytes = match std::fs::read(&path) {
            Ok(bytes) => bytes,
            Err(e) if matches!(e.kind(), std::io::ErrorKind::NotFound) => return Ok(None),
            Err(source) => return Err(CredentialFileError::Read { path, source }),
        };

        let creds = bsatn::from_slice::<Credentials>(&bytes)
            .map_err(|source| CredentialFileError::Deserialize { path, source })?;
        Ok(Some(creds.token))
    }
}