diff options
author | Ilion Beyst <ilion.beyst@gmail.com> | 2021-12-15 22:40:55 +0100 |
---|---|---|
committer | Ilion Beyst <ilion.beyst@gmail.com> | 2021-12-15 22:40:55 +0100 |
commit | 6aa72b3c8717f32e62c772aeed327d3cd9a6fa65 (patch) | |
tree | e6ac67e68c410aed1f0baa2857aeaf60d73448bd /backend/src/db/users.rs | |
parent | 13cdbc7ff760ae91ee3f62b2a2f62c7559ccaa3c (diff) | |
download | planetwars.dev-6aa72b3c8717f32e62c772aeed327d3cd9a6fa65.tar.xz planetwars.dev-6aa72b3c8717f32e62c772aeed327d3cd9a6fa65.zip |
gracefully handle invalid login credentials
Diffstat (limited to 'backend/src/db/users.rs')
-rw-r--r-- | backend/src/db/users.rs | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/backend/src/db/users.rs b/backend/src/db/users.rs index c06e5b3..29cee88 100644 --- a/backend/src/db/users.rs +++ b/backend/src/db/users.rs @@ -58,24 +58,26 @@ pub fn create_user(credentials: &Credentials, conn: &PgConnection) -> QueryResul } pub fn authenticate_user(credentials: &Credentials, db_conn: &PgConnection) -> Option<User> { - let user = users::table + users::table .filter(users::username.eq(&credentials.username)) .first::<User>(db_conn) - .unwrap(); + .optional() + .unwrap() + .and_then(|user| { + let password_matches = argon2::verify_raw( + credentials.password.as_bytes(), + &user.password_salt, + &user.password_hash, + &argon2_config(), + ) + .unwrap(); - let password_matches = argon2::verify_raw( - credentials.password.as_bytes(), - &user.password_salt, - &user.password_hash, - &argon2_config(), - ) - .unwrap(); - - if password_matches { - return Some(user); - } else { - return None; - } + if password_matches { + return Some(user); + } else { + return None; + } + }) } #[test] |