aboutsummaryrefslogtreecommitdiff
path: root/backend/src/db/users.rs
diff options
context:
space:
mode:
Diffstat (limited to 'backend/src/db/users.rs')
-rw-r--r--backend/src/db/users.rs108
1 files changed, 0 insertions, 108 deletions
diff --git a/backend/src/db/users.rs b/backend/src/db/users.rs
deleted file mode 100644
index 663f173..0000000
--- a/backend/src/db/users.rs
+++ /dev/null
@@ -1,108 +0,0 @@
-use crate::schema::users;
-use argon2;
-use diesel::{prelude::*, PgConnection};
-use rand::Rng;
-use serde::{Deserialize, Serialize};
-
-#[derive(Debug, Deserialize)]
-pub struct Credentials<'a> {
- pub username: &'a str,
- pub password: &'a str,
-}
-
-#[derive(Insertable)]
-#[table_name = "users"]
-pub struct NewUser<'a> {
- pub username: &'a str,
- pub password_hash: &'a [u8],
- pub password_salt: &'a [u8],
-}
-
-#[derive(Queryable, Debug)]
-pub struct User {
- pub id: i32,
- pub username: String,
- pub password_salt: Vec<u8>,
- pub password_hash: Vec<u8>,
-}
-
-// TODO: make this configurable somewhere
-fn argon2_config() -> argon2::Config<'static> {
- argon2::Config {
- variant: argon2::Variant::Argon2i,
- version: argon2::Version::Version13,
- mem_cost: 4096,
- time_cost: 3,
- lanes: 1,
- thread_mode: argon2::ThreadMode::Sequential,
- // TODO: set a secret
- secret: &[],
- ad: &[],
- hash_length: 32,
- }
-}
-
-pub fn create_user(credentials: &Credentials, conn: &PgConnection) -> QueryResult<User> {
- let argon_config = argon2_config();
-
- let salt: [u8; 32] = rand::thread_rng().gen();
- let hash = argon2::hash_raw(credentials.password.as_bytes(), &salt, &argon_config).unwrap();
- let new_user = NewUser {
- username: &credentials.username,
- password_salt: &salt,
- password_hash: &hash,
- };
- diesel::insert_into(users::table)
- .values(&new_user)
- .get_result::<User>(conn)
-}
-
-pub fn authenticate_user(credentials: &Credentials, db_conn: &PgConnection) -> Option<User> {
- users::table
- .filter(users::username.eq(&credentials.username))
- .first::<User>(db_conn)
- .optional()
- .unwrap()
- .and_then(|user| {
- let password_matches = argon2::verify_raw(
- credentials.password.as_bytes(),
- &user.password_salt,
- &user.password_hash,
- &argon2_config(),
- )
- .unwrap();
-
- if password_matches {
- return Some(user);
- } else {
- return None;
- }
- })
-}
-
-#[test]
-fn test_argon() {
- let credentials = Credentials {
- username: "piepkonijn",
- password: "geheim123",
- };
- let argon_config = argon2_config();
-
- let salt: [u8; 32] = rand::thread_rng().gen();
- let hash = argon2::hash_raw(credentials.password.as_bytes(), &salt, &argon_config).unwrap();
- let new_user = NewUser {
- username: &credentials.username,
- password_hash: &hash,
- password_salt: &salt,
- };
-
- let password_matches = argon2::verify_raw(
- credentials.password.as_bytes(),
- &new_user.password_salt,
- &new_user.password_hash,
- &argon2_config(),
- )
- .unwrap();
-
- assert!(password_matches);
-}