diff options
author | Ilion Beyst <ilion.beyst@gmail.com> | 2021-12-30 11:45:59 +0100 |
---|---|---|
committer | Ilion Beyst <ilion.beyst@gmail.com> | 2021-12-30 11:45:59 +0100 |
commit | 3edf5d60f54bfd0cd2c818e5fb1ca133e324325d (patch) | |
tree | 9b8bd057e3e27c9e2488957f02ffc8de4ed4c438 /backend/src | |
parent | 71ee6c99e963d96286cae8d0bfc2f20a9c9c920b (diff) | |
download | planetwars.dev-3edf5d60f54bfd0cd2c818e5fb1ca133e324325d.tar.xz planetwars.dev-3edf5d60f54bfd0cd2c818e5fb1ca133e324325d.zip |
rename to planetwars-server
Diffstat (limited to 'backend/src')
-rw-r--r-- | backend/src/db/bots.rs | 53 | ||||
-rw-r--r-- | backend/src/db/mod.rs | 3 | ||||
-rw-r--r-- | backend/src/db/sessions.rs | 46 | ||||
-rw-r--r-- | backend/src/db/users.rs | 108 | ||||
-rw-r--r-- | backend/src/lib.rs | 85 | ||||
-rw-r--r-- | backend/src/main.rs | 16 | ||||
-rw-r--r-- | backend/src/routes/bots.rs | 75 | ||||
-rw-r--r-- | backend/src/routes/mod.rs | 2 | ||||
-rw-r--r-- | backend/src/routes/users.rs | 94 | ||||
-rw-r--r-- | backend/src/schema.rs | 39 |
10 files changed, 0 insertions, 521 deletions
diff --git a/backend/src/db/bots.rs b/backend/src/db/bots.rs deleted file mode 100644 index bc9cb11..0000000 --- a/backend/src/db/bots.rs +++ /dev/null @@ -1,53 +0,0 @@ -use diesel::prelude::*; -use serde::{Deserialize, Serialize}; - -use crate::schema::{bots, code_bundles}; -use chrono; - -#[derive(Insertable)] -#[table_name = "bots"] -pub struct NewBot<'a> { - pub owner_id: i32, - pub name: &'a str, -} - -#[derive(Queryable, Debug, PartialEq, Serialize, Deserialize)] -pub struct Bot { - pub id: i32, - pub owner_id: i32, - pub name: String, -} - -pub fn create_bot(new_bot: &NewBot, conn: &PgConnection) -> QueryResult<Bot> { - diesel::insert_into(bots::table) - .values(new_bot) - .get_result(conn) -} - -pub fn find_bot(id: i32, conn: &PgConnection) -> QueryResult<Bot> { - bots::table.find(id).first(conn) -} - -#[derive(Insertable)] -#[table_name = "code_bundles"] -pub struct NewCodeBundle<'a> { - pub bot_id: i32, - pub path: &'a str, -} - -#[derive(Queryable, Serialize, Deserialize, Debug)] -pub struct CodeBundle { - pub id: i32, - pub bot_id: i32, - pub path: String, - pub created_at: chrono::NaiveDateTime, -} - -pub fn create_code_bundle( - new_code_bundle: &NewCodeBundle, - conn: &PgConnection, -) -> QueryResult<CodeBundle> { - diesel::insert_into(code_bundles::table) - .values(new_code_bundle) - .get_result(conn) -} diff --git a/backend/src/db/mod.rs b/backend/src/db/mod.rs deleted file mode 100644 index 947b789..0000000 --- a/backend/src/db/mod.rs +++ /dev/null @@ -1,3 +0,0 @@ -pub mod bots; -pub mod sessions; -pub mod users; diff --git a/backend/src/db/sessions.rs b/backend/src/db/sessions.rs deleted file mode 100644 index 96f3926..0000000 --- a/backend/src/db/sessions.rs +++ /dev/null @@ -1,46 +0,0 @@ -use super::users::User; -use crate::schema::{sessions, users}; -use base64; -use diesel::PgConnection; -use diesel::{insert_into, prelude::*, Insertable, RunQueryDsl}; -use rand::{self, Rng}; - -#[derive(Insertable)] -#[table_name = "sessions"] -struct NewSession { - token: String, - user_id: i32, -} - -#[derive(Queryable, Debug, PartialEq)] -pub struct Session { - pub id: i32, - pub user_id: i32, - pub token: String, -} - -pub fn create_session(user: &User, conn: &PgConnection) -> Session { - let new_session = NewSession { - token: gen_session_token(), - user_id: user.id, - }; - let session = insert_into(sessions::table) - .values(&new_session) - .get_result::<Session>(conn) - .unwrap(); - - return session; -} - -pub fn find_user_by_session(token: &str, conn: &PgConnection) -> QueryResult<(Session, User)> { - sessions::table - .inner_join(users::table) - .filter(sessions::token.eq(&token)) - .first::<(Session, User)>(conn) -} - -pub fn gen_session_token() -> String { - let mut rng = rand::thread_rng(); - let token: [u8; 32] = rng.gen(); - return base64::encode(&token); -} diff --git a/backend/src/db/users.rs b/backend/src/db/users.rs deleted file mode 100644 index 663f173..0000000 --- a/backend/src/db/users.rs +++ /dev/null @@ -1,108 +0,0 @@ -use crate::schema::users; -use argon2; -use diesel::{prelude::*, PgConnection}; -use rand::Rng; -use serde::{Deserialize, Serialize}; - -#[derive(Debug, Deserialize)] -pub struct Credentials<'a> { - pub username: &'a str, - pub password: &'a str, -} - -#[derive(Insertable)] -#[table_name = "users"] -pub struct NewUser<'a> { - pub username: &'a str, - pub password_hash: &'a [u8], - pub password_salt: &'a [u8], -} - -#[derive(Queryable, Debug)] -pub struct User { - pub id: i32, - pub username: String, - pub password_salt: Vec<u8>, - pub password_hash: Vec<u8>, -} - -// TODO: make this configurable somewhere -fn argon2_config() -> argon2::Config<'static> { - argon2::Config { - variant: argon2::Variant::Argon2i, - version: argon2::Version::Version13, - mem_cost: 4096, - time_cost: 3, - lanes: 1, - thread_mode: argon2::ThreadMode::Sequential, - // TODO: set a secret - secret: &[], - ad: &[], - hash_length: 32, - } -} - -pub fn create_user(credentials: &Credentials, conn: &PgConnection) -> QueryResult<User> { - let argon_config = argon2_config(); - - let salt: [u8; 32] = rand::thread_rng().gen(); - let hash = argon2::hash_raw(credentials.password.as_bytes(), &salt, &argon_config).unwrap(); - let new_user = NewUser { - username: &credentials.username, - password_salt: &salt, - password_hash: &hash, - }; - diesel::insert_into(users::table) - .values(&new_user) - .get_result::<User>(conn) -} - -pub fn authenticate_user(credentials: &Credentials, db_conn: &PgConnection) -> Option<User> { - users::table - .filter(users::username.eq(&credentials.username)) - .first::<User>(db_conn) - .optional() - .unwrap() - .and_then(|user| { - let password_matches = argon2::verify_raw( - credentials.password.as_bytes(), - &user.password_salt, - &user.password_hash, - &argon2_config(), - ) - .unwrap(); - - if password_matches { - return Some(user); - } else { - return None; - } - }) -} - -#[test] -fn test_argon() { - let credentials = Credentials { - username: "piepkonijn", - password: "geheim123", - }; - let argon_config = argon2_config(); - - let salt: [u8; 32] = rand::thread_rng().gen(); - let hash = argon2::hash_raw(credentials.password.as_bytes(), &salt, &argon_config).unwrap(); - let new_user = NewUser { - username: &credentials.username, - password_hash: &hash, - password_salt: &salt, - }; - - let password_matches = argon2::verify_raw( - credentials.password.as_bytes(), - &new_user.password_salt, - &new_user.password_hash, - &argon2_config(), - ) - .unwrap(); - - assert!(password_matches); -} diff --git a/backend/src/lib.rs b/backend/src/lib.rs deleted file mode 100644 index 665523f..0000000 --- a/backend/src/lib.rs +++ /dev/null @@ -1,85 +0,0 @@ -#![feature(proc_macro_hygiene, decl_macro)] - -#[macro_use] -extern crate diesel; - -pub mod db; -pub mod routes; -pub mod schema; - -use std::ops::Deref; - -use axum; -use bb8::PooledConnection; -use bb8_diesel::{self, DieselConnectionManager}; -use diesel::PgConnection; - -use axum::{ - async_trait, - extract::{Extension, FromRequest, RequestParts}, - http::StatusCode, - routing::{get, post}, - AddExtensionLayer, Router, -}; - -async fn index_handler() -> &'static str { - "Hello, world!" -} - -type ConnectionPool = bb8::Pool<DieselConnectionManager<PgConnection>>; - -pub async fn app() -> Router { - let database_url = "postgresql://planetwars:planetwars@localhost/planetwars"; - let manager = DieselConnectionManager::<PgConnection>::new(database_url); - let pool = bb8::Pool::builder().build(manager).await.unwrap(); - - let app = Router::new() - .route("/", get(index_handler)) - .route("/users/register", post(routes::users::register)) - .route("/users/login", post(routes::users::login)) - .route("/users/me", get(routes::users::current_user)) - .route("/bots", post(routes::bots::create_bot)) - .route("/bots/:bot_id", get(routes::bots::get_bot)) - .route("/bots/:bot_id/upload", post(routes::bots::upload_bot_code)) - .layer(AddExtensionLayer::new(pool)); - app -} - -// we can also write a custom extractor that grabs a connection from the pool -// which setup is appropriate depends on your application -pub struct DatabaseConnection(PooledConnection<'static, DieselConnectionManager<PgConnection>>); - -impl Deref for DatabaseConnection { - type Target = PooledConnection<'static, DieselConnectionManager<PgConnection>>; - - fn deref(&self) -> &Self::Target { - &self.0 - } -} - -#[async_trait] -impl<B> FromRequest<B> for DatabaseConnection -where - B: Send, -{ - type Rejection = (StatusCode, String); - - async fn from_request(req: &mut RequestParts<B>) -> Result<Self, Self::Rejection> { - let Extension(pool) = Extension::<ConnectionPool>::from_request(req) - .await - .map_err(internal_error)?; - - let conn = pool.get_owned().await.map_err(internal_error)?; - - Ok(Self(conn)) - } -} - -/// Utility function for mapping any error into a `500 Internal Server Error` -/// response. -fn internal_error<E>(err: E) -> (StatusCode, String) -where - E: std::error::Error, -{ - (StatusCode::INTERNAL_SERVER_ERROR, err.to_string()) -} diff --git a/backend/src/main.rs b/backend/src/main.rs deleted file mode 100644 index c75aaf6..0000000 --- a/backend/src/main.rs +++ /dev/null @@ -1,16 +0,0 @@ -use std::net::SocketAddr; - -extern crate mozaic4_backend; -extern crate tokio; - -#[tokio::main] -async fn main() { - let app = mozaic4_backend::app().await; - - let addr = SocketAddr::from(([127, 0, 0, 1], 9000)); - - axum::Server::bind(&addr) - .serve(app.into_make_service()) - .await - .unwrap(); -} diff --git a/backend/src/routes/bots.rs b/backend/src/routes/bots.rs deleted file mode 100644 index da09669..0000000 --- a/backend/src/routes/bots.rs +++ /dev/null @@ -1,75 +0,0 @@ -use axum::extract::{Path, RawBody}; -use axum::http::StatusCode; -use axum::Json; -use rand::Rng; -use serde::{Deserialize, Serialize}; -use std::io::Cursor; -use std::path; - -use crate::db::bots::{self, CodeBundle}; -use crate::db::users::User; -use crate::DatabaseConnection; -use bots::Bot; - -#[derive(Serialize, Deserialize, Debug)] -pub struct BotParams { - name: String, -} - -pub async fn create_bot( - conn: DatabaseConnection, - user: User, - params: Json<BotParams>, -) -> (StatusCode, Json<Bot>) { - let bot_params = bots::NewBot { - owner_id: user.id, - name: ¶ms.name, - }; - let bot = bots::create_bot(&bot_params, &conn).unwrap(); - (StatusCode::CREATED, Json(bot)) -} - -// TODO: handle errors -pub async fn get_bot(conn: DatabaseConnection, Path(bot_id): Path<i32>) -> Json<Bot> { - let bot = bots::find_bot(bot_id, &conn).unwrap(); - Json(bot) -} - -// TODO: proper error handling -pub async fn upload_bot_code( - conn: DatabaseConnection, - user: User, - Path(bot_id): Path<i32>, - RawBody(body): RawBody, -) -> (StatusCode, Json<CodeBundle>) { - // TODO: put in config somewhere - let data_path = "./data/bots"; - - let bot = bots::find_bot(bot_id, &conn).expect("Bot not found"); - - assert_eq!(user.id, bot.owner_id); - - // generate a random filename - let token: [u8; 16] = rand::thread_rng().gen(); - let name = base64::encode(&token); - - let path = path::Path::new(data_path).join(name); - // let capped_buf = data.open(10usize.megabytes()).into_bytes().await.unwrap(); - // assert!(capped_buf.is_complete()); - // let buf = capped_buf.into_inner(); - let buf = hyper::body::to_bytes(body).await.unwrap(); - - zip::ZipArchive::new(Cursor::new(buf)) - .unwrap() - .extract(&path) - .unwrap(); - - let bundle = bots::NewCodeBundle { - bot_id: bot.id, - path: path.to_str().unwrap(), - }; - let code_bundle = - bots::create_code_bundle(&bundle, &conn).expect("Failed to create code bundle"); - - (StatusCode::CREATED, Json(code_bundle)) -} diff --git a/backend/src/routes/mod.rs b/backend/src/routes/mod.rs deleted file mode 100644 index 718d7ef..0000000 --- a/backend/src/routes/mod.rs +++ /dev/null @@ -1,2 +0,0 @@ -pub mod bots; -pub mod users; diff --git a/backend/src/routes/users.rs b/backend/src/routes/users.rs deleted file mode 100644 index fc77d7b..0000000 --- a/backend/src/routes/users.rs +++ /dev/null @@ -1,94 +0,0 @@ -use crate::db::users::{Credentials, User}; -use crate::db::{sessions, users}; -use crate::DatabaseConnection; -use axum::extract::{FromRequest, RequestParts, TypedHeader}; -use axum::headers::authorization::Bearer; -use axum::headers::Authorization; -use axum::http::StatusCode; -use axum::{async_trait, Json}; -use serde::{Deserialize, Serialize}; - -type AuthorizationHeader = TypedHeader<Authorization<Bearer>>; - -#[async_trait] -impl<B> FromRequest<B> for User -where - B: Send, -{ - type Rejection = (StatusCode, String); - - async fn from_request(req: &mut RequestParts<B>) -> Result<Self, Self::Rejection> { - let conn = DatabaseConnection::from_request(req).await?; - let TypedHeader(Authorization(bearer)) = AuthorizationHeader::from_request(req) - .await - .map_err(|_| (StatusCode::UNAUTHORIZED, "".to_string()))?; - - let (_session, user) = sessions::find_user_by_session(bearer.token(), &conn) - .map_err(|_| (StatusCode::UNAUTHORIZED, "".to_string()))?; - - Ok(user) - } -} - -#[derive(Serialize, Deserialize)] -pub struct UserData { - pub user_id: i32, - pub username: String, -} - -impl From<User> for UserData { - fn from(user: User) -> Self { - UserData { - user_id: user.id, - username: user.username, - } - } -} - -#[derive(Deserialize)] -pub struct RegistrationParams { - pub username: String, - pub password: String, -} - -pub async fn register( - conn: DatabaseConnection, - params: Json<RegistrationParams>, -) -> Json<UserData> { - let credentials = Credentials { - username: ¶ms.username, - password: ¶ms.password, - }; - let user = users::create_user(&credentials, &conn).unwrap(); - Json(user.into()) -} - -#[derive(Deserialize)] -pub struct LoginParams { - pub username: String, - pub password: String, -} - -pub async fn login( - conn: DatabaseConnection, - params: Json<LoginParams>, -) -> Result<String, StatusCode> { - let credentials = Credentials { - username: ¶ms.username, - password: ¶ms.password, - }; - // TODO: handle failures - let authenticated = users::authenticate_user(&credentials, &conn); - - match authenticated { - None => Err(StatusCode::FORBIDDEN), - Some(user) => { - let session = sessions::create_session(&user, &conn); - Ok(session.token) - } - } -} - -pub async fn current_user(user: User) -> Json<UserData> { - Json(user.into()) -} diff --git a/backend/src/schema.rs b/backend/src/schema.rs deleted file mode 100644 index bf58434..0000000 --- a/backend/src/schema.rs +++ /dev/null @@ -1,39 +0,0 @@ -table! { - bots (id) { - id -> Int4, - owner_id -> Int4, - name -> Text, - } -} - -table! { - code_bundles (id) { - id -> Int4, - bot_id -> Int4, - path -> Text, - created_at -> Timestamp, - } -} - -table! { - sessions (id) { - id -> Int4, - user_id -> Int4, - token -> Varchar, - } -} - -table! { - users (id) { - id -> Int4, - username -> Varchar, - password_salt -> Bytea, - password_hash -> Bytea, - } -} - -joinable!(bots -> users (owner_id)); -joinable!(code_bundles -> bots (bot_id)); -joinable!(sessions -> users (user_id)); - -allow_tables_to_appear_in_same_query!(bots, code_bundles, sessions, users,); |