From 3edf5d60f54bfd0cd2c818e5fb1ca133e324325d Mon Sep 17 00:00:00 2001 From: Ilion Beyst Date: Thu, 30 Dec 2021 11:45:59 +0100 Subject: rename to planetwars-server --- backend/Cargo.toml | 26 ----- backend/Rocket.toml | 2 - backend/diesel.toml | 5 - backend/migrations/.gitkeep | 0 .../00000000000000_diesel_initial_setup/down.sql | 6 -- .../00000000000000_diesel_initial_setup/up.sql | 36 ------- .../migrations/2021-12-13-145111_users/down.sql | 2 - backend/migrations/2021-12-13-145111_users/up.sql | 8 -- .../migrations/2021-12-13-151129_sessions/down.sql | 1 - .../migrations/2021-12-13-151129_sessions/up.sql | 5 - backend/migrations/2021-12-18-130837_bots/down.sql | 3 - backend/migrations/2021-12-18-130837_bots/up.sql | 14 --- backend/src/db/bots.rs | 53 ---------- backend/src/db/mod.rs | 3 - backend/src/db/sessions.rs | 46 --------- backend/src/db/users.rs | 108 --------------------- backend/src/lib.rs | 85 ---------------- backend/src/main.rs | 16 --- backend/src/routes/bots.rs | 75 -------------- backend/src/routes/mod.rs | 2 - backend/src/routes/users.rs | 94 ------------------ backend/src/schema.rs | 39 -------- backend/tests/bots.rs | 98 ------------------- backend/tests/login.rs | 61 ------------ backend/tests/util/mod.rs | 59 ----------- planetwars-server/Cargo.toml | 26 +++++ planetwars-server/Rocket.toml | 2 + planetwars-server/diesel.toml | 5 + planetwars-server/migrations/.gitkeep | 0 .../00000000000000_diesel_initial_setup/down.sql | 6 ++ .../00000000000000_diesel_initial_setup/up.sql | 36 +++++++ .../migrations/2021-12-13-145111_users/down.sql | 2 + .../migrations/2021-12-13-145111_users/up.sql | 8 ++ .../migrations/2021-12-13-151129_sessions/down.sql | 1 + .../migrations/2021-12-13-151129_sessions/up.sql | 5 + .../migrations/2021-12-18-130837_bots/down.sql | 3 + .../migrations/2021-12-18-130837_bots/up.sql | 14 +++ planetwars-server/src/db/bots.rs | 53 ++++++++++ planetwars-server/src/db/mod.rs | 3 + planetwars-server/src/db/sessions.rs | 46 +++++++++ planetwars-server/src/db/users.rs | 108 +++++++++++++++++++++ planetwars-server/src/lib.rs | 85 ++++++++++++++++ planetwars-server/src/main.rs | 16 +++ planetwars-server/src/routes/bots.rs | 75 ++++++++++++++ planetwars-server/src/routes/mod.rs | 2 + planetwars-server/src/routes/users.rs | 94 ++++++++++++++++++ planetwars-server/src/schema.rs | 39 ++++++++ 47 files changed, 629 insertions(+), 847 deletions(-) delete mode 100644 backend/Cargo.toml delete mode 100644 backend/Rocket.toml delete mode 100644 backend/diesel.toml delete mode 100644 backend/migrations/.gitkeep delete mode 100644 backend/migrations/00000000000000_diesel_initial_setup/down.sql delete mode 100644 backend/migrations/00000000000000_diesel_initial_setup/up.sql delete mode 100644 backend/migrations/2021-12-13-145111_users/down.sql delete mode 100644 backend/migrations/2021-12-13-145111_users/up.sql delete mode 100644 backend/migrations/2021-12-13-151129_sessions/down.sql delete mode 100644 backend/migrations/2021-12-13-151129_sessions/up.sql delete mode 100644 backend/migrations/2021-12-18-130837_bots/down.sql delete mode 100644 backend/migrations/2021-12-18-130837_bots/up.sql delete mode 100644 backend/src/db/bots.rs delete mode 100644 backend/src/db/mod.rs delete mode 100644 backend/src/db/sessions.rs delete mode 100644 backend/src/db/users.rs delete mode 100644 backend/src/lib.rs delete mode 100644 backend/src/main.rs delete mode 100644 backend/src/routes/bots.rs delete mode 100644 backend/src/routes/mod.rs delete mode 100644 backend/src/routes/users.rs delete mode 100644 backend/src/schema.rs delete mode 100644 backend/tests/bots.rs delete mode 100644 backend/tests/login.rs delete mode 100644 backend/tests/util/mod.rs create mode 100644 planetwars-server/Cargo.toml create mode 100644 planetwars-server/Rocket.toml create mode 100644 planetwars-server/diesel.toml create mode 100644 planetwars-server/migrations/.gitkeep create mode 100644 planetwars-server/migrations/00000000000000_diesel_initial_setup/down.sql create mode 100644 planetwars-server/migrations/00000000000000_diesel_initial_setup/up.sql create mode 100644 planetwars-server/migrations/2021-12-13-145111_users/down.sql create mode 100644 planetwars-server/migrations/2021-12-13-145111_users/up.sql create mode 100644 planetwars-server/migrations/2021-12-13-151129_sessions/down.sql create mode 100644 planetwars-server/migrations/2021-12-13-151129_sessions/up.sql create mode 100644 planetwars-server/migrations/2021-12-18-130837_bots/down.sql create mode 100644 planetwars-server/migrations/2021-12-18-130837_bots/up.sql create mode 100644 planetwars-server/src/db/bots.rs create mode 100644 planetwars-server/src/db/mod.rs create mode 100644 planetwars-server/src/db/sessions.rs create mode 100644 planetwars-server/src/db/users.rs create mode 100644 planetwars-server/src/lib.rs create mode 100644 planetwars-server/src/main.rs create mode 100644 planetwars-server/src/routes/bots.rs create mode 100644 planetwars-server/src/routes/mod.rs create mode 100644 planetwars-server/src/routes/users.rs create mode 100644 planetwars-server/src/schema.rs diff --git a/backend/Cargo.toml b/backend/Cargo.toml deleted file mode 100644 index de98df7..0000000 --- a/backend/Cargo.toml +++ /dev/null @@ -1,26 +0,0 @@ -[package] -name = "mozaic4-backend" -version = "0.0.0" -edition = "2021" - -# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html - -[dependencies] -tokio = { version = "1.15", features = ["full"] } -hyper = "0.14" -axum = { version = "0.4", features = ["json", "headers"] } -diesel = { version = "1.4.4", features = ["postgres", "chrono"] } -bb8 = "0.7" -bb8-diesel = "0.2" -dotenv = "0.15.0" -rust-argon2 = "0.8" -rand = "0.8.4" -serde = { version = "1.0", features = ["derive"] } -serde_bytes = "0.11" -chrono = { version = "0.4", features = ["serde"] } -serde_json = "1.0" -base64 = "0.13.0" -zip = "0.5" - -[dev-dependencies] -parking_lot = "0.11" \ No newline at end of file diff --git a/backend/Rocket.toml b/backend/Rocket.toml deleted file mode 100644 index 40635de..0000000 --- a/backend/Rocket.toml +++ /dev/null @@ -1,2 +0,0 @@ -[debug.databases.postgresql_database] -url = "postgresql://planetwars:planetwars@localhost/planetwars" \ No newline at end of file diff --git a/backend/diesel.toml b/backend/diesel.toml deleted file mode 100644 index 92267c8..0000000 --- a/backend/diesel.toml +++ /dev/null @@ -1,5 +0,0 @@ -# For documentation on how to configure this file, -# see diesel.rs/guides/configuring-diesel-cli - -[print_schema] -file = "src/schema.rs" diff --git a/backend/migrations/.gitkeep b/backend/migrations/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/backend/migrations/00000000000000_diesel_initial_setup/down.sql b/backend/migrations/00000000000000_diesel_initial_setup/down.sql deleted file mode 100644 index a9f5260..0000000 --- a/backend/migrations/00000000000000_diesel_initial_setup/down.sql +++ /dev/null @@ -1,6 +0,0 @@ --- This file was automatically created by Diesel to setup helper functions --- and other internal bookkeeping. This file is safe to edit, any future --- changes will be added to existing projects as new migrations. - -DROP FUNCTION IF EXISTS diesel_manage_updated_at(_tbl regclass); -DROP FUNCTION IF EXISTS diesel_set_updated_at(); diff --git a/backend/migrations/00000000000000_diesel_initial_setup/up.sql b/backend/migrations/00000000000000_diesel_initial_setup/up.sql deleted file mode 100644 index d68895b..0000000 --- a/backend/migrations/00000000000000_diesel_initial_setup/up.sql +++ /dev/null @@ -1,36 +0,0 @@ --- This file was automatically created by Diesel to setup helper functions --- and other internal bookkeeping. This file is safe to edit, any future --- changes will be added to existing projects as new migrations. - - - - --- Sets up a trigger for the given table to automatically set a column called --- `updated_at` whenever the row is modified (unless `updated_at` was included --- in the modified columns) --- --- # Example --- --- ```sql --- CREATE TABLE users (id SERIAL PRIMARY KEY, updated_at TIMESTAMP NOT NULL DEFAULT NOW()); --- --- SELECT diesel_manage_updated_at('users'); --- ``` -CREATE OR REPLACE FUNCTION diesel_manage_updated_at(_tbl regclass) RETURNS VOID AS $$ -BEGIN - EXECUTE format('CREATE TRIGGER set_updated_at BEFORE UPDATE ON %s - FOR EACH ROW EXECUTE PROCEDURE diesel_set_updated_at()', _tbl); -END; -$$ LANGUAGE plpgsql; - -CREATE OR REPLACE FUNCTION diesel_set_updated_at() RETURNS trigger AS $$ -BEGIN - IF ( - NEW IS DISTINCT FROM OLD AND - NEW.updated_at IS NOT DISTINCT FROM OLD.updated_at - ) THEN - NEW.updated_at := current_timestamp; - END IF; - RETURN NEW; -END; -$$ LANGUAGE plpgsql; diff --git a/backend/migrations/2021-12-13-145111_users/down.sql b/backend/migrations/2021-12-13-145111_users/down.sql deleted file mode 100644 index 49285a1..0000000 --- a/backend/migrations/2021-12-13-145111_users/down.sql +++ /dev/null @@ -1,2 +0,0 @@ -DROP INDEX users_username_index -DROP TABLE users; \ No newline at end of file diff --git a/backend/migrations/2021-12-13-145111_users/up.sql b/backend/migrations/2021-12-13-145111_users/up.sql deleted file mode 100644 index f35e718..0000000 --- a/backend/migrations/2021-12-13-145111_users/up.sql +++ /dev/null @@ -1,8 +0,0 @@ -CREATE TABLE users( - id SERIAL PRIMARY KEY, - username VARCHAR(52) NOT NULL, - password_salt BYTEA NOT NULL, - password_hash BYTEA NOT NULL -); - -CREATE UNIQUE INDEX users_username_index ON users(username); \ No newline at end of file diff --git a/backend/migrations/2021-12-13-151129_sessions/down.sql b/backend/migrations/2021-12-13-151129_sessions/down.sql deleted file mode 100644 index 54d1e93..0000000 --- a/backend/migrations/2021-12-13-151129_sessions/down.sql +++ /dev/null @@ -1 +0,0 @@ -DROP TABLE sessions; \ No newline at end of file diff --git a/backend/migrations/2021-12-13-151129_sessions/up.sql b/backend/migrations/2021-12-13-151129_sessions/up.sql deleted file mode 100644 index f8ec21b..0000000 --- a/backend/migrations/2021-12-13-151129_sessions/up.sql +++ /dev/null @@ -1,5 +0,0 @@ -CREATE TABLE sessions ( - id serial PRIMARY KEY, - user_id integer REFERENCES users(id) NOT NULL, - token VARCHAR(255) NOT NULL UNIQUE -) \ No newline at end of file diff --git a/backend/migrations/2021-12-18-130837_bots/down.sql b/backend/migrations/2021-12-18-130837_bots/down.sql deleted file mode 100644 index 3d14604..0000000 --- a/backend/migrations/2021-12-18-130837_bots/down.sql +++ /dev/null @@ -1,3 +0,0 @@ -DROP TABLE code_bundles; -DROP INDEX bots_index; -DROP TABLE bots; \ No newline at end of file diff --git a/backend/migrations/2021-12-18-130837_bots/up.sql b/backend/migrations/2021-12-18-130837_bots/up.sql deleted file mode 100644 index 27f3582..0000000 --- a/backend/migrations/2021-12-18-130837_bots/up.sql +++ /dev/null @@ -1,14 +0,0 @@ -CREATE TABLE bots ( - id serial PRIMARY KEY, - owner_id integer REFERENCES users(id) NOT NULL, - name text NOT NULL -); - -CREATE UNIQUE INDEX bots_index ON bots(owner_id, name); - -CREATE TABLE code_bundles ( - id serial PRIMARY KEY, - bot_id integer REFERENCES bots(id) NOT NULL, - path text NOT NULL, - created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP -); \ No newline at end of file diff --git a/backend/src/db/bots.rs b/backend/src/db/bots.rs deleted file mode 100644 index bc9cb11..0000000 --- a/backend/src/db/bots.rs +++ /dev/null @@ -1,53 +0,0 @@ -use diesel::prelude::*; -use serde::{Deserialize, Serialize}; - -use crate::schema::{bots, code_bundles}; -use chrono; - -#[derive(Insertable)] -#[table_name = "bots"] -pub struct NewBot<'a> { - pub owner_id: i32, - pub name: &'a str, -} - -#[derive(Queryable, Debug, PartialEq, Serialize, Deserialize)] -pub struct Bot { - pub id: i32, - pub owner_id: i32, - pub name: String, -} - -pub fn create_bot(new_bot: &NewBot, conn: &PgConnection) -> QueryResult { - diesel::insert_into(bots::table) - .values(new_bot) - .get_result(conn) -} - -pub fn find_bot(id: i32, conn: &PgConnection) -> QueryResult { - bots::table.find(id).first(conn) -} - -#[derive(Insertable)] -#[table_name = "code_bundles"] -pub struct NewCodeBundle<'a> { - pub bot_id: i32, - pub path: &'a str, -} - -#[derive(Queryable, Serialize, Deserialize, Debug)] -pub struct CodeBundle { - pub id: i32, - pub bot_id: i32, - pub path: String, - pub created_at: chrono::NaiveDateTime, -} - -pub fn create_code_bundle( - new_code_bundle: &NewCodeBundle, - conn: &PgConnection, -) -> QueryResult { - diesel::insert_into(code_bundles::table) - .values(new_code_bundle) - .get_result(conn) -} diff --git a/backend/src/db/mod.rs b/backend/src/db/mod.rs deleted file mode 100644 index 947b789..0000000 --- a/backend/src/db/mod.rs +++ /dev/null @@ -1,3 +0,0 @@ -pub mod bots; -pub mod sessions; -pub mod users; diff --git a/backend/src/db/sessions.rs b/backend/src/db/sessions.rs deleted file mode 100644 index 96f3926..0000000 --- a/backend/src/db/sessions.rs +++ /dev/null @@ -1,46 +0,0 @@ -use super::users::User; -use crate::schema::{sessions, users}; -use base64; -use diesel::PgConnection; -use diesel::{insert_into, prelude::*, Insertable, RunQueryDsl}; -use rand::{self, Rng}; - -#[derive(Insertable)] -#[table_name = "sessions"] -struct NewSession { - token: String, - user_id: i32, -} - -#[derive(Queryable, Debug, PartialEq)] -pub struct Session { - pub id: i32, - pub user_id: i32, - pub token: String, -} - -pub fn create_session(user: &User, conn: &PgConnection) -> Session { - let new_session = NewSession { - token: gen_session_token(), - user_id: user.id, - }; - let session = insert_into(sessions::table) - .values(&new_session) - .get_result::(conn) - .unwrap(); - - return session; -} - -pub fn find_user_by_session(token: &str, conn: &PgConnection) -> QueryResult<(Session, User)> { - sessions::table - .inner_join(users::table) - .filter(sessions::token.eq(&token)) - .first::<(Session, User)>(conn) -} - -pub fn gen_session_token() -> String { - let mut rng = rand::thread_rng(); - let token: [u8; 32] = rng.gen(); - return base64::encode(&token); -} diff --git a/backend/src/db/users.rs b/backend/src/db/users.rs deleted file mode 100644 index 663f173..0000000 --- a/backend/src/db/users.rs +++ /dev/null @@ -1,108 +0,0 @@ -use crate::schema::users; -use argon2; -use diesel::{prelude::*, PgConnection}; -use rand::Rng; -use serde::{Deserialize, Serialize}; - -#[derive(Debug, Deserialize)] -pub struct Credentials<'a> { - pub username: &'a str, - pub password: &'a str, -} - -#[derive(Insertable)] -#[table_name = "users"] -pub struct NewUser<'a> { - pub username: &'a str, - pub password_hash: &'a [u8], - pub password_salt: &'a [u8], -} - -#[derive(Queryable, Debug)] -pub struct User { - pub id: i32, - pub username: String, - pub password_salt: Vec, - pub password_hash: Vec, -} - -// TODO: make this configurable somewhere -fn argon2_config() -> argon2::Config<'static> { - argon2::Config { - variant: argon2::Variant::Argon2i, - version: argon2::Version::Version13, - mem_cost: 4096, - time_cost: 3, - lanes: 1, - thread_mode: argon2::ThreadMode::Sequential, - // TODO: set a secret - secret: &[], - ad: &[], - hash_length: 32, - } -} - -pub fn create_user(credentials: &Credentials, conn: &PgConnection) -> QueryResult { - let argon_config = argon2_config(); - - let salt: [u8; 32] = rand::thread_rng().gen(); - let hash = argon2::hash_raw(credentials.password.as_bytes(), &salt, &argon_config).unwrap(); - let new_user = NewUser { - username: &credentials.username, - password_salt: &salt, - password_hash: &hash, - }; - diesel::insert_into(users::table) - .values(&new_user) - .get_result::(conn) -} - -pub fn authenticate_user(credentials: &Credentials, db_conn: &PgConnection) -> Option { - users::table - .filter(users::username.eq(&credentials.username)) - .first::(db_conn) - .optional() - .unwrap() - .and_then(|user| { - let password_matches = argon2::verify_raw( - credentials.password.as_bytes(), - &user.password_salt, - &user.password_hash, - &argon2_config(), - ) - .unwrap(); - - if password_matches { - return Some(user); - } else { - return None; - } - }) -} - -#[test] -fn test_argon() { - let credentials = Credentials { - username: "piepkonijn", - password: "geheim123", - }; - let argon_config = argon2_config(); - - let salt: [u8; 32] = rand::thread_rng().gen(); - let hash = argon2::hash_raw(credentials.password.as_bytes(), &salt, &argon_config).unwrap(); - let new_user = NewUser { - username: &credentials.username, - password_hash: &hash, - password_salt: &salt, - }; - - let password_matches = argon2::verify_raw( - credentials.password.as_bytes(), - &new_user.password_salt, - &new_user.password_hash, - &argon2_config(), - ) - .unwrap(); - - assert!(password_matches); -} diff --git a/backend/src/lib.rs b/backend/src/lib.rs deleted file mode 100644 index 665523f..0000000 --- a/backend/src/lib.rs +++ /dev/null @@ -1,85 +0,0 @@ -#![feature(proc_macro_hygiene, decl_macro)] - -#[macro_use] -extern crate diesel; - -pub mod db; -pub mod routes; -pub mod schema; - -use std::ops::Deref; - -use axum; -use bb8::PooledConnection; -use bb8_diesel::{self, DieselConnectionManager}; -use diesel::PgConnection; - -use axum::{ - async_trait, - extract::{Extension, FromRequest, RequestParts}, - http::StatusCode, - routing::{get, post}, - AddExtensionLayer, Router, -}; - -async fn index_handler() -> &'static str { - "Hello, world!" -} - -type ConnectionPool = bb8::Pool>; - -pub async fn app() -> Router { - let database_url = "postgresql://planetwars:planetwars@localhost/planetwars"; - let manager = DieselConnectionManager::::new(database_url); - let pool = bb8::Pool::builder().build(manager).await.unwrap(); - - let app = Router::new() - .route("/", get(index_handler)) - .route("/users/register", post(routes::users::register)) - .route("/users/login", post(routes::users::login)) - .route("/users/me", get(routes::users::current_user)) - .route("/bots", post(routes::bots::create_bot)) - .route("/bots/:bot_id", get(routes::bots::get_bot)) - .route("/bots/:bot_id/upload", post(routes::bots::upload_bot_code)) - .layer(AddExtensionLayer::new(pool)); - app -} - -// we can also write a custom extractor that grabs a connection from the pool -// which setup is appropriate depends on your application -pub struct DatabaseConnection(PooledConnection<'static, DieselConnectionManager>); - -impl Deref for DatabaseConnection { - type Target = PooledConnection<'static, DieselConnectionManager>; - - fn deref(&self) -> &Self::Target { - &self.0 - } -} - -#[async_trait] -impl FromRequest for DatabaseConnection -where - B: Send, -{ - type Rejection = (StatusCode, String); - - async fn from_request(req: &mut RequestParts) -> Result { - let Extension(pool) = Extension::::from_request(req) - .await - .map_err(internal_error)?; - - let conn = pool.get_owned().await.map_err(internal_error)?; - - Ok(Self(conn)) - } -} - -/// Utility function for mapping any error into a `500 Internal Server Error` -/// response. -fn internal_error(err: E) -> (StatusCode, String) -where - E: std::error::Error, -{ - (StatusCode::INTERNAL_SERVER_ERROR, err.to_string()) -} diff --git a/backend/src/main.rs b/backend/src/main.rs deleted file mode 100644 index c75aaf6..0000000 --- a/backend/src/main.rs +++ /dev/null @@ -1,16 +0,0 @@ -use std::net::SocketAddr; - -extern crate mozaic4_backend; -extern crate tokio; - -#[tokio::main] -async fn main() { - let app = mozaic4_backend::app().await; - - let addr = SocketAddr::from(([127, 0, 0, 1], 9000)); - - axum::Server::bind(&addr) - .serve(app.into_make_service()) - .await - .unwrap(); -} diff --git a/backend/src/routes/bots.rs b/backend/src/routes/bots.rs deleted file mode 100644 index da09669..0000000 --- a/backend/src/routes/bots.rs +++ /dev/null @@ -1,75 +0,0 @@ -use axum::extract::{Path, RawBody}; -use axum::http::StatusCode; -use axum::Json; -use rand::Rng; -use serde::{Deserialize, Serialize}; -use std::io::Cursor; -use std::path; - -use crate::db::bots::{self, CodeBundle}; -use crate::db::users::User; -use crate::DatabaseConnection; -use bots::Bot; - -#[derive(Serialize, Deserialize, Debug)] -pub struct BotParams { - name: String, -} - -pub async fn create_bot( - conn: DatabaseConnection, - user: User, - params: Json, -) -> (StatusCode, Json) { - let bot_params = bots::NewBot { - owner_id: user.id, - name: ¶ms.name, - }; - let bot = bots::create_bot(&bot_params, &conn).unwrap(); - (StatusCode::CREATED, Json(bot)) -} - -// TODO: handle errors -pub async fn get_bot(conn: DatabaseConnection, Path(bot_id): Path) -> Json { - let bot = bots::find_bot(bot_id, &conn).unwrap(); - Json(bot) -} - -// TODO: proper error handling -pub async fn upload_bot_code( - conn: DatabaseConnection, - user: User, - Path(bot_id): Path, - RawBody(body): RawBody, -) -> (StatusCode, Json) { - // TODO: put in config somewhere - let data_path = "./data/bots"; - - let bot = bots::find_bot(bot_id, &conn).expect("Bot not found"); - - assert_eq!(user.id, bot.owner_id); - - // generate a random filename - let token: [u8; 16] = rand::thread_rng().gen(); - let name = base64::encode(&token); - - let path = path::Path::new(data_path).join(name); - // let capped_buf = data.open(10usize.megabytes()).into_bytes().await.unwrap(); - // assert!(capped_buf.is_complete()); - // let buf = capped_buf.into_inner(); - let buf = hyper::body::to_bytes(body).await.unwrap(); - - zip::ZipArchive::new(Cursor::new(buf)) - .unwrap() - .extract(&path) - .unwrap(); - - let bundle = bots::NewCodeBundle { - bot_id: bot.id, - path: path.to_str().unwrap(), - }; - let code_bundle = - bots::create_code_bundle(&bundle, &conn).expect("Failed to create code bundle"); - - (StatusCode::CREATED, Json(code_bundle)) -} diff --git a/backend/src/routes/mod.rs b/backend/src/routes/mod.rs deleted file mode 100644 index 718d7ef..0000000 --- a/backend/src/routes/mod.rs +++ /dev/null @@ -1,2 +0,0 @@ -pub mod bots; -pub mod users; diff --git a/backend/src/routes/users.rs b/backend/src/routes/users.rs deleted file mode 100644 index fc77d7b..0000000 --- a/backend/src/routes/users.rs +++ /dev/null @@ -1,94 +0,0 @@ -use crate::db::users::{Credentials, User}; -use crate::db::{sessions, users}; -use crate::DatabaseConnection; -use axum::extract::{FromRequest, RequestParts, TypedHeader}; -use axum::headers::authorization::Bearer; -use axum::headers::Authorization; -use axum::http::StatusCode; -use axum::{async_trait, Json}; -use serde::{Deserialize, Serialize}; - -type AuthorizationHeader = TypedHeader>; - -#[async_trait] -impl FromRequest for User -where - B: Send, -{ - type Rejection = (StatusCode, String); - - async fn from_request(req: &mut RequestParts) -> Result { - let conn = DatabaseConnection::from_request(req).await?; - let TypedHeader(Authorization(bearer)) = AuthorizationHeader::from_request(req) - .await - .map_err(|_| (StatusCode::UNAUTHORIZED, "".to_string()))?; - - let (_session, user) = sessions::find_user_by_session(bearer.token(), &conn) - .map_err(|_| (StatusCode::UNAUTHORIZED, "".to_string()))?; - - Ok(user) - } -} - -#[derive(Serialize, Deserialize)] -pub struct UserData { - pub user_id: i32, - pub username: String, -} - -impl From for UserData { - fn from(user: User) -> Self { - UserData { - user_id: user.id, - username: user.username, - } - } -} - -#[derive(Deserialize)] -pub struct RegistrationParams { - pub username: String, - pub password: String, -} - -pub async fn register( - conn: DatabaseConnection, - params: Json, -) -> Json { - let credentials = Credentials { - username: ¶ms.username, - password: ¶ms.password, - }; - let user = users::create_user(&credentials, &conn).unwrap(); - Json(user.into()) -} - -#[derive(Deserialize)] -pub struct LoginParams { - pub username: String, - pub password: String, -} - -pub async fn login( - conn: DatabaseConnection, - params: Json, -) -> Result { - let credentials = Credentials { - username: ¶ms.username, - password: ¶ms.password, - }; - // TODO: handle failures - let authenticated = users::authenticate_user(&credentials, &conn); - - match authenticated { - None => Err(StatusCode::FORBIDDEN), - Some(user) => { - let session = sessions::create_session(&user, &conn); - Ok(session.token) - } - } -} - -pub async fn current_user(user: User) -> Json { - Json(user.into()) -} diff --git a/backend/src/schema.rs b/backend/src/schema.rs deleted file mode 100644 index bf58434..0000000 --- a/backend/src/schema.rs +++ /dev/null @@ -1,39 +0,0 @@ -table! { - bots (id) { - id -> Int4, - owner_id -> Int4, - name -> Text, - } -} - -table! { - code_bundles (id) { - id -> Int4, - bot_id -> Int4, - path -> Text, - created_at -> Timestamp, - } -} - -table! { - sessions (id) { - id -> Int4, - user_id -> Int4, - token -> Varchar, - } -} - -table! { - users (id) { - id -> Int4, - username -> Varchar, - password_salt -> Bytea, - password_hash -> Bytea, - } -} - -joinable!(bots -> users (owner_id)); -joinable!(code_bundles -> bots (bot_id)); -joinable!(sessions -> users (user_id)); - -allow_tables_to_appear_in_same_query!(bots, code_bundles, sessions, users,); diff --git a/backend/tests/bots.rs b/backend/tests/bots.rs deleted file mode 100644 index fe81712..0000000 --- a/backend/tests/bots.rs +++ /dev/null @@ -1,98 +0,0 @@ -#![feature(async_closure)] -extern crate mozaic4_backend; -extern crate zip; - -use rocket::http::{ContentType, Status}; - -mod util; -use mozaic4_backend::db::{bots, sessions, users}; -use mozaic4_backend::DbConn; -use sessions::Session; -use users::{Credentials, User}; -use util::{run_test, BearerAuth}; - -async fn user_with_session(conn: &DbConn) -> (User, Session) { - conn.run(|conn| { - let credentials = Credentials { - username: "piepkonijn", - password: "geheim123", - }; - let user = users::create_user(&credentials, conn).unwrap(); - let session = sessions::create_session(&user, conn); - (user, session) - }) - .await -} - -#[rocket::async_test] -async fn test_bot_create() { - run_test(async move |client, conn| { - let (user, session) = user_with_session(&conn).await; - - let response = client - .post("/bots") - .header(BearerAuth::new(session.token.clone())) - .header(ContentType::JSON) - .body( - r#"{ - "name": "testbot" - }"#, - ) - .dispatch() - .await; - - assert_eq!(response.status(), Status::Created); - assert_eq!(response.content_type(), Some(ContentType::JSON)); - - let resp_text = response.into_string().await.unwrap(); - let json: serde_json::Value = serde_json::from_str(&resp_text).unwrap(); - assert_eq!(json["name"], "testbot"); - assert_eq!(json["owner_id"], user.id); - }) - .await -} - -// create an example zipfile for bot upload -fn create_zip() -> std::io::Result> { - use std::io::Write; - use zip::write::FileOptions; - - let cursor = std::io::Cursor::new(Vec::new()); - let mut zip = zip::ZipWriter::new(cursor); - - zip.start_file("test.txt", FileOptions::default())?; - zip.write_all(b"sup brudi")?; - let buf = zip.finish()?; - Ok(buf.into_inner()) -} - -#[rocket::async_test] -async fn test_bot_upload() { - run_test(async move |client, conn| { - let (user, session) = user_with_session(&conn).await; - - let owner_id = user.id; - let bot = conn - .run(move |conn| { - let new_bot = bots::NewBot { - name: "testbot", - owner_id: owner_id, - }; - bots::create_bot(&new_bot, conn).unwrap() - }) - .await; - - let zip_file = create_zip().unwrap(); - - let response = client - .post(format!("/bots/{}/upload", bot.id)) - .header(BearerAuth::new(session.token.clone())) - .header(ContentType::JSON) - .body(zip_file) - .dispatch() - .await; - - assert_eq!(response.status(), Status::Created); - }) - .await -} diff --git a/backend/tests/login.rs b/backend/tests/login.rs deleted file mode 100644 index 60c5d6f..0000000 --- a/backend/tests/login.rs +++ /dev/null @@ -1,61 +0,0 @@ -#![feature(async_closure)] -extern crate mozaic4_backend; - -use rocket::http::{ContentType, Status}; - -mod util; -use util::run_test; - -#[rocket::async_test] -async fn test_registration() { - run_test(async move |client, _conn| { - let response = client - .post("/register") - .header(ContentType::JSON) - .body(r#"{"username": "piepkonijn", "password": "geheim123"}"#) - .dispatch() - .await; - - assert_eq!(response.status(), Status::Ok); - assert_eq!(response.content_type(), Some(ContentType::JSON)); - - let response = client - .post("/login") - .header(ContentType::JSON) - .body(r#"{"username": "piepkonijn", "password": "geheim123"}"#) - .dispatch() - .await; - - assert_eq!(response.status(), Status::Ok); - let token = response.into_string().await.unwrap(); - - let response = client - .get("/users/me") - .header(util::BearerAuth::new(token)) - .dispatch() - .await; - - assert_eq!(response.status(), Status::Ok); - assert_eq!(response.content_type(), Some(ContentType::JSON)); - let resp = response.into_string().await.unwrap(); - let json: serde_json::Value = serde_json::from_str(&resp).unwrap(); - assert_eq!(json["username"], "piepkonijn"); - }) - .await -} - -#[rocket::async_test] -async fn test_reject_invalid_credentials() { - run_test(async move |client, _conn| { - let response = client - .post("/login") - .header(ContentType::JSON) - .body(r#"{"username": "piepkonijn", "password": "letmeinplease"}"#) - .dispatch() - .await; - - assert_eq!(response.status(), Status::Forbidden); - // assert_eq!(response.content_type(), Some(ContentType::JSON)); - }) - .await -} diff --git a/backend/tests/util/mod.rs b/backend/tests/util/mod.rs deleted file mode 100644 index f34e9f3..0000000 --- a/backend/tests/util/mod.rs +++ /dev/null @@ -1,59 +0,0 @@ -use std::future::Future; - -use diesel::RunQueryDsl; -use mozaic4_backend::DbConn; -use rocket::{http::Header, local::asynchronous::Client}; - -// We use a lock to synchronize between tests so DB operations don't collide. -// For now. In the future, we'll have a nice way to run each test in a DB -// transaction so we can regain concurrency. -static DB_LOCK: parking_lot::Mutex<()> = parking_lot::const_mutex(()); - -async fn reset_db(db: &DbConn) { - db.run(|conn| { - diesel::sql_query( - r#" - TRUNCATE TABLE users, sessions, - bots, code_bundles"#, - ) - .execute(conn) - .expect("drop all tables"); - }) - .await -} - -pub async fn run_test(test_closure: F) -where - F: FnOnce(Client, DbConn) -> R, - R: Future, -{ - let _lock = DB_LOCK.lock(); - - let client = Client::untracked(mozaic4_backend::rocket()) - .await - .expect("failed to create test client"); - let db = mozaic4_backend::DbConn::get_one(client.rocket()) - .await - .expect("failed to get db connection"); - - // make sure we start with a clean DB - reset_db(&db).await; - - test_closure(client, db).await; -} - -pub struct BearerAuth { - token: String, -} - -impl BearerAuth { - pub fn new(token: String) -> Self { - Self { token } - } -} - -impl<'a> Into> for BearerAuth { - fn into(self) -> Header<'a> { - Header::new("Authorization", format!("Bearer {}", self.token)) - } -} diff --git a/planetwars-server/Cargo.toml b/planetwars-server/Cargo.toml new file mode 100644 index 0000000..8fb7693 --- /dev/null +++ b/planetwars-server/Cargo.toml @@ -0,0 +1,26 @@ +[package] +name = "planetwars-server" +version = "0.0.0" +edition = "2021" + +# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + +[dependencies] +tokio = { version = "1.15", features = ["full"] } +hyper = "0.14" +axum = { version = "0.4", features = ["json", "headers"] } +diesel = { version = "1.4.4", features = ["postgres", "chrono"] } +bb8 = "0.7" +bb8-diesel = "0.2" +dotenv = "0.15.0" +rust-argon2 = "0.8" +rand = "0.8.4" +serde = { version = "1.0", features = ["derive"] } +serde_bytes = "0.11" +chrono = { version = "0.4", features = ["serde"] } +serde_json = "1.0" +base64 = "0.13.0" +zip = "0.5" + +[dev-dependencies] +parking_lot = "0.11" \ No newline at end of file diff --git a/planetwars-server/Rocket.toml b/planetwars-server/Rocket.toml new file mode 100644 index 0000000..40635de --- /dev/null +++ b/planetwars-server/Rocket.toml @@ -0,0 +1,2 @@ +[debug.databases.postgresql_database] +url = "postgresql://planetwars:planetwars@localhost/planetwars" \ No newline at end of file diff --git a/planetwars-server/diesel.toml b/planetwars-server/diesel.toml new file mode 100644 index 0000000..92267c8 --- /dev/null +++ b/planetwars-server/diesel.toml @@ -0,0 +1,5 @@ +# For documentation on how to configure this file, +# see diesel.rs/guides/configuring-diesel-cli + +[print_schema] +file = "src/schema.rs" diff --git a/planetwars-server/migrations/.gitkeep b/planetwars-server/migrations/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/planetwars-server/migrations/00000000000000_diesel_initial_setup/down.sql b/planetwars-server/migrations/00000000000000_diesel_initial_setup/down.sql new file mode 100644 index 0000000..a9f5260 --- /dev/null +++ b/planetwars-server/migrations/00000000000000_diesel_initial_setup/down.sql @@ -0,0 +1,6 @@ +-- This file was automatically created by Diesel to setup helper functions +-- and other internal bookkeeping. This file is safe to edit, any future +-- changes will be added to existing projects as new migrations. + +DROP FUNCTION IF EXISTS diesel_manage_updated_at(_tbl regclass); +DROP FUNCTION IF EXISTS diesel_set_updated_at(); diff --git a/planetwars-server/migrations/00000000000000_diesel_initial_setup/up.sql b/planetwars-server/migrations/00000000000000_diesel_initial_setup/up.sql new file mode 100644 index 0000000..d68895b --- /dev/null +++ b/planetwars-server/migrations/00000000000000_diesel_initial_setup/up.sql @@ -0,0 +1,36 @@ +-- This file was automatically created by Diesel to setup helper functions +-- and other internal bookkeeping. This file is safe to edit, any future +-- changes will be added to existing projects as new migrations. + + + + +-- Sets up a trigger for the given table to automatically set a column called +-- `updated_at` whenever the row is modified (unless `updated_at` was included +-- in the modified columns) +-- +-- # Example +-- +-- ```sql +-- CREATE TABLE users (id SERIAL PRIMARY KEY, updated_at TIMESTAMP NOT NULL DEFAULT NOW()); +-- +-- SELECT diesel_manage_updated_at('users'); +-- ``` +CREATE OR REPLACE FUNCTION diesel_manage_updated_at(_tbl regclass) RETURNS VOID AS $$ +BEGIN + EXECUTE format('CREATE TRIGGER set_updated_at BEFORE UPDATE ON %s + FOR EACH ROW EXECUTE PROCEDURE diesel_set_updated_at()', _tbl); +END; +$$ LANGUAGE plpgsql; + +CREATE OR REPLACE FUNCTION diesel_set_updated_at() RETURNS trigger AS $$ +BEGIN + IF ( + NEW IS DISTINCT FROM OLD AND + NEW.updated_at IS NOT DISTINCT FROM OLD.updated_at + ) THEN + NEW.updated_at := current_timestamp; + END IF; + RETURN NEW; +END; +$$ LANGUAGE plpgsql; diff --git a/planetwars-server/migrations/2021-12-13-145111_users/down.sql b/planetwars-server/migrations/2021-12-13-145111_users/down.sql new file mode 100644 index 0000000..49285a1 --- /dev/null +++ b/planetwars-server/migrations/2021-12-13-145111_users/down.sql @@ -0,0 +1,2 @@ +DROP INDEX users_username_index +DROP TABLE users; \ No newline at end of file diff --git a/planetwars-server/migrations/2021-12-13-145111_users/up.sql b/planetwars-server/migrations/2021-12-13-145111_users/up.sql new file mode 100644 index 0000000..f35e718 --- /dev/null +++ b/planetwars-server/migrations/2021-12-13-145111_users/up.sql @@ -0,0 +1,8 @@ +CREATE TABLE users( + id SERIAL PRIMARY KEY, + username VARCHAR(52) NOT NULL, + password_salt BYTEA NOT NULL, + password_hash BYTEA NOT NULL +); + +CREATE UNIQUE INDEX users_username_index ON users(username); \ No newline at end of file diff --git a/planetwars-server/migrations/2021-12-13-151129_sessions/down.sql b/planetwars-server/migrations/2021-12-13-151129_sessions/down.sql new file mode 100644 index 0000000..54d1e93 --- /dev/null +++ b/planetwars-server/migrations/2021-12-13-151129_sessions/down.sql @@ -0,0 +1 @@ +DROP TABLE sessions; \ No newline at end of file diff --git a/planetwars-server/migrations/2021-12-13-151129_sessions/up.sql b/planetwars-server/migrations/2021-12-13-151129_sessions/up.sql new file mode 100644 index 0000000..f8ec21b --- /dev/null +++ b/planetwars-server/migrations/2021-12-13-151129_sessions/up.sql @@ -0,0 +1,5 @@ +CREATE TABLE sessions ( + id serial PRIMARY KEY, + user_id integer REFERENCES users(id) NOT NULL, + token VARCHAR(255) NOT NULL UNIQUE +) \ No newline at end of file diff --git a/planetwars-server/migrations/2021-12-18-130837_bots/down.sql b/planetwars-server/migrations/2021-12-18-130837_bots/down.sql new file mode 100644 index 0000000..3d14604 --- /dev/null +++ b/planetwars-server/migrations/2021-12-18-130837_bots/down.sql @@ -0,0 +1,3 @@ +DROP TABLE code_bundles; +DROP INDEX bots_index; +DROP TABLE bots; \ No newline at end of file diff --git a/planetwars-server/migrations/2021-12-18-130837_bots/up.sql b/planetwars-server/migrations/2021-12-18-130837_bots/up.sql new file mode 100644 index 0000000..27f3582 --- /dev/null +++ b/planetwars-server/migrations/2021-12-18-130837_bots/up.sql @@ -0,0 +1,14 @@ +CREATE TABLE bots ( + id serial PRIMARY KEY, + owner_id integer REFERENCES users(id) NOT NULL, + name text NOT NULL +); + +CREATE UNIQUE INDEX bots_index ON bots(owner_id, name); + +CREATE TABLE code_bundles ( + id serial PRIMARY KEY, + bot_id integer REFERENCES bots(id) NOT NULL, + path text NOT NULL, + created_at timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP +); \ No newline at end of file diff --git a/planetwars-server/src/db/bots.rs b/planetwars-server/src/db/bots.rs new file mode 100644 index 0000000..bc9cb11 --- /dev/null +++ b/planetwars-server/src/db/bots.rs @@ -0,0 +1,53 @@ +use diesel::prelude::*; +use serde::{Deserialize, Serialize}; + +use crate::schema::{bots, code_bundles}; +use chrono; + +#[derive(Insertable)] +#[table_name = "bots"] +pub struct NewBot<'a> { + pub owner_id: i32, + pub name: &'a str, +} + +#[derive(Queryable, Debug, PartialEq, Serialize, Deserialize)] +pub struct Bot { + pub id: i32, + pub owner_id: i32, + pub name: String, +} + +pub fn create_bot(new_bot: &NewBot, conn: &PgConnection) -> QueryResult { + diesel::insert_into(bots::table) + .values(new_bot) + .get_result(conn) +} + +pub fn find_bot(id: i32, conn: &PgConnection) -> QueryResult { + bots::table.find(id).first(conn) +} + +#[derive(Insertable)] +#[table_name = "code_bundles"] +pub struct NewCodeBundle<'a> { + pub bot_id: i32, + pub path: &'a str, +} + +#[derive(Queryable, Serialize, Deserialize, Debug)] +pub struct CodeBundle { + pub id: i32, + pub bot_id: i32, + pub path: String, + pub created_at: chrono::NaiveDateTime, +} + +pub fn create_code_bundle( + new_code_bundle: &NewCodeBundle, + conn: &PgConnection, +) -> QueryResult { + diesel::insert_into(code_bundles::table) + .values(new_code_bundle) + .get_result(conn) +} diff --git a/planetwars-server/src/db/mod.rs b/planetwars-server/src/db/mod.rs new file mode 100644 index 0000000..947b789 --- /dev/null +++ b/planetwars-server/src/db/mod.rs @@ -0,0 +1,3 @@ +pub mod bots; +pub mod sessions; +pub mod users; diff --git a/planetwars-server/src/db/sessions.rs b/planetwars-server/src/db/sessions.rs new file mode 100644 index 0000000..96f3926 --- /dev/null +++ b/planetwars-server/src/db/sessions.rs @@ -0,0 +1,46 @@ +use super::users::User; +use crate::schema::{sessions, users}; +use base64; +use diesel::PgConnection; +use diesel::{insert_into, prelude::*, Insertable, RunQueryDsl}; +use rand::{self, Rng}; + +#[derive(Insertable)] +#[table_name = "sessions"] +struct NewSession { + token: String, + user_id: i32, +} + +#[derive(Queryable, Debug, PartialEq)] +pub struct Session { + pub id: i32, + pub user_id: i32, + pub token: String, +} + +pub fn create_session(user: &User, conn: &PgConnection) -> Session { + let new_session = NewSession { + token: gen_session_token(), + user_id: user.id, + }; + let session = insert_into(sessions::table) + .values(&new_session) + .get_result::(conn) + .unwrap(); + + return session; +} + +pub fn find_user_by_session(token: &str, conn: &PgConnection) -> QueryResult<(Session, User)> { + sessions::table + .inner_join(users::table) + .filter(sessions::token.eq(&token)) + .first::<(Session, User)>(conn) +} + +pub fn gen_session_token() -> String { + let mut rng = rand::thread_rng(); + let token: [u8; 32] = rng.gen(); + return base64::encode(&token); +} diff --git a/planetwars-server/src/db/users.rs b/planetwars-server/src/db/users.rs new file mode 100644 index 0000000..663f173 --- /dev/null +++ b/planetwars-server/src/db/users.rs @@ -0,0 +1,108 @@ +use crate::schema::users; +use argon2; +use diesel::{prelude::*, PgConnection}; +use rand::Rng; +use serde::{Deserialize, Serialize}; + +#[derive(Debug, Deserialize)] +pub struct Credentials<'a> { + pub username: &'a str, + pub password: &'a str, +} + +#[derive(Insertable)] +#[table_name = "users"] +pub struct NewUser<'a> { + pub username: &'a str, + pub password_hash: &'a [u8], + pub password_salt: &'a [u8], +} + +#[derive(Queryable, Debug)] +pub struct User { + pub id: i32, + pub username: String, + pub password_salt: Vec, + pub password_hash: Vec, +} + +// TODO: make this configurable somewhere +fn argon2_config() -> argon2::Config<'static> { + argon2::Config { + variant: argon2::Variant::Argon2i, + version: argon2::Version::Version13, + mem_cost: 4096, + time_cost: 3, + lanes: 1, + thread_mode: argon2::ThreadMode::Sequential, + // TODO: set a secret + secret: &[], + ad: &[], + hash_length: 32, + } +} + +pub fn create_user(credentials: &Credentials, conn: &PgConnection) -> QueryResult { + let argon_config = argon2_config(); + + let salt: [u8; 32] = rand::thread_rng().gen(); + let hash = argon2::hash_raw(credentials.password.as_bytes(), &salt, &argon_config).unwrap(); + let new_user = NewUser { + username: &credentials.username, + password_salt: &salt, + password_hash: &hash, + }; + diesel::insert_into(users::table) + .values(&new_user) + .get_result::(conn) +} + +pub fn authenticate_user(credentials: &Credentials, db_conn: &PgConnection) -> Option { + users::table + .filter(users::username.eq(&credentials.username)) + .first::(db_conn) + .optional() + .unwrap() + .and_then(|user| { + let password_matches = argon2::verify_raw( + credentials.password.as_bytes(), + &user.password_salt, + &user.password_hash, + &argon2_config(), + ) + .unwrap(); + + if password_matches { + return Some(user); + } else { + return None; + } + }) +} + +#[test] +fn test_argon() { + let credentials = Credentials { + username: "piepkonijn", + password: "geheim123", + }; + let argon_config = argon2_config(); + + let salt: [u8; 32] = rand::thread_rng().gen(); + let hash = argon2::hash_raw(credentials.password.as_bytes(), &salt, &argon_config).unwrap(); + let new_user = NewUser { + username: &credentials.username, + password_hash: &hash, + password_salt: &salt, + }; + + let password_matches = argon2::verify_raw( + credentials.password.as_bytes(), + &new_user.password_salt, + &new_user.password_hash, + &argon2_config(), + ) + .unwrap(); + + assert!(password_matches); +} diff --git a/planetwars-server/src/lib.rs b/planetwars-server/src/lib.rs new file mode 100644 index 0000000..665523f --- /dev/null +++ b/planetwars-server/src/lib.rs @@ -0,0 +1,85 @@ +#![feature(proc_macro_hygiene, decl_macro)] + +#[macro_use] +extern crate diesel; + +pub mod db; +pub mod routes; +pub mod schema; + +use std::ops::Deref; + +use axum; +use bb8::PooledConnection; +use bb8_diesel::{self, DieselConnectionManager}; +use diesel::PgConnection; + +use axum::{ + async_trait, + extract::{Extension, FromRequest, RequestParts}, + http::StatusCode, + routing::{get, post}, + AddExtensionLayer, Router, +}; + +async fn index_handler() -> &'static str { + "Hello, world!" +} + +type ConnectionPool = bb8::Pool>; + +pub async fn app() -> Router { + let database_url = "postgresql://planetwars:planetwars@localhost/planetwars"; + let manager = DieselConnectionManager::::new(database_url); + let pool = bb8::Pool::builder().build(manager).await.unwrap(); + + let app = Router::new() + .route("/", get(index_handler)) + .route("/users/register", post(routes::users::register)) + .route("/users/login", post(routes::users::login)) + .route("/users/me", get(routes::users::current_user)) + .route("/bots", post(routes::bots::create_bot)) + .route("/bots/:bot_id", get(routes::bots::get_bot)) + .route("/bots/:bot_id/upload", post(routes::bots::upload_bot_code)) + .layer(AddExtensionLayer::new(pool)); + app +} + +// we can also write a custom extractor that grabs a connection from the pool +// which setup is appropriate depends on your application +pub struct DatabaseConnection(PooledConnection<'static, DieselConnectionManager>); + +impl Deref for DatabaseConnection { + type Target = PooledConnection<'static, DieselConnectionManager>; + + fn deref(&self) -> &Self::Target { + &self.0 + } +} + +#[async_trait] +impl FromRequest for DatabaseConnection +where + B: Send, +{ + type Rejection = (StatusCode, String); + + async fn from_request(req: &mut RequestParts) -> Result { + let Extension(pool) = Extension::::from_request(req) + .await + .map_err(internal_error)?; + + let conn = pool.get_owned().await.map_err(internal_error)?; + + Ok(Self(conn)) + } +} + +/// Utility function for mapping any error into a `500 Internal Server Error` +/// response. +fn internal_error(err: E) -> (StatusCode, String) +where + E: std::error::Error, +{ + (StatusCode::INTERNAL_SERVER_ERROR, err.to_string()) +} diff --git a/planetwars-server/src/main.rs b/planetwars-server/src/main.rs new file mode 100644 index 0000000..9bd283e --- /dev/null +++ b/planetwars-server/src/main.rs @@ -0,0 +1,16 @@ +use std::net::SocketAddr; + +extern crate planetwars_server; +extern crate tokio; + +#[tokio::main] +async fn main() { + let app = planetwars_server::app().await; + + let addr = SocketAddr::from(([127, 0, 0, 1], 9000)); + + axum::Server::bind(&addr) + .serve(app.into_make_service()) + .await + .unwrap(); +} diff --git a/planetwars-server/src/routes/bots.rs b/planetwars-server/src/routes/bots.rs new file mode 100644 index 0000000..da09669 --- /dev/null +++ b/planetwars-server/src/routes/bots.rs @@ -0,0 +1,75 @@ +use axum::extract::{Path, RawBody}; +use axum::http::StatusCode; +use axum::Json; +use rand::Rng; +use serde::{Deserialize, Serialize}; +use std::io::Cursor; +use std::path; + +use crate::db::bots::{self, CodeBundle}; +use crate::db::users::User; +use crate::DatabaseConnection; +use bots::Bot; + +#[derive(Serialize, Deserialize, Debug)] +pub struct BotParams { + name: String, +} + +pub async fn create_bot( + conn: DatabaseConnection, + user: User, + params: Json, +) -> (StatusCode, Json) { + let bot_params = bots::NewBot { + owner_id: user.id, + name: ¶ms.name, + }; + let bot = bots::create_bot(&bot_params, &conn).unwrap(); + (StatusCode::CREATED, Json(bot)) +} + +// TODO: handle errors +pub async fn get_bot(conn: DatabaseConnection, Path(bot_id): Path) -> Json { + let bot = bots::find_bot(bot_id, &conn).unwrap(); + Json(bot) +} + +// TODO: proper error handling +pub async fn upload_bot_code( + conn: DatabaseConnection, + user: User, + Path(bot_id): Path, + RawBody(body): RawBody, +) -> (StatusCode, Json) { + // TODO: put in config somewhere + let data_path = "./data/bots"; + + let bot = bots::find_bot(bot_id, &conn).expect("Bot not found"); + + assert_eq!(user.id, bot.owner_id); + + // generate a random filename + let token: [u8; 16] = rand::thread_rng().gen(); + let name = base64::encode(&token); + + let path = path::Path::new(data_path).join(name); + // let capped_buf = data.open(10usize.megabytes()).into_bytes().await.unwrap(); + // assert!(capped_buf.is_complete()); + // let buf = capped_buf.into_inner(); + let buf = hyper::body::to_bytes(body).await.unwrap(); + + zip::ZipArchive::new(Cursor::new(buf)) + .unwrap() + .extract(&path) + .unwrap(); + + let bundle = bots::NewCodeBundle { + bot_id: bot.id, + path: path.to_str().unwrap(), + }; + let code_bundle = + bots::create_code_bundle(&bundle, &conn).expect("Failed to create code bundle"); + + (StatusCode::CREATED, Json(code_bundle)) +} diff --git a/planetwars-server/src/routes/mod.rs b/planetwars-server/src/routes/mod.rs new file mode 100644 index 0000000..718d7ef --- /dev/null +++ b/planetwars-server/src/routes/mod.rs @@ -0,0 +1,2 @@ +pub mod bots; +pub mod users; diff --git a/planetwars-server/src/routes/users.rs b/planetwars-server/src/routes/users.rs new file mode 100644 index 0000000..fc77d7b --- /dev/null +++ b/planetwars-server/src/routes/users.rs @@ -0,0 +1,94 @@ +use crate::db::users::{Credentials, User}; +use crate::db::{sessions, users}; +use crate::DatabaseConnection; +use axum::extract::{FromRequest, RequestParts, TypedHeader}; +use axum::headers::authorization::Bearer; +use axum::headers::Authorization; +use axum::http::StatusCode; +use axum::{async_trait, Json}; +use serde::{Deserialize, Serialize}; + +type AuthorizationHeader = TypedHeader>; + +#[async_trait] +impl FromRequest for User +where + B: Send, +{ + type Rejection = (StatusCode, String); + + async fn from_request(req: &mut RequestParts) -> Result { + let conn = DatabaseConnection::from_request(req).await?; + let TypedHeader(Authorization(bearer)) = AuthorizationHeader::from_request(req) + .await + .map_err(|_| (StatusCode::UNAUTHORIZED, "".to_string()))?; + + let (_session, user) = sessions::find_user_by_session(bearer.token(), &conn) + .map_err(|_| (StatusCode::UNAUTHORIZED, "".to_string()))?; + + Ok(user) + } +} + +#[derive(Serialize, Deserialize)] +pub struct UserData { + pub user_id: i32, + pub username: String, +} + +impl From for UserData { + fn from(user: User) -> Self { + UserData { + user_id: user.id, + username: user.username, + } + } +} + +#[derive(Deserialize)] +pub struct RegistrationParams { + pub username: String, + pub password: String, +} + +pub async fn register( + conn: DatabaseConnection, + params: Json, +) -> Json { + let credentials = Credentials { + username: ¶ms.username, + password: ¶ms.password, + }; + let user = users::create_user(&credentials, &conn).unwrap(); + Json(user.into()) +} + +#[derive(Deserialize)] +pub struct LoginParams { + pub username: String, + pub password: String, +} + +pub async fn login( + conn: DatabaseConnection, + params: Json, +) -> Result { + let credentials = Credentials { + username: ¶ms.username, + password: ¶ms.password, + }; + // TODO: handle failures + let authenticated = users::authenticate_user(&credentials, &conn); + + match authenticated { + None => Err(StatusCode::FORBIDDEN), + Some(user) => { + let session = sessions::create_session(&user, &conn); + Ok(session.token) + } + } +} + +pub async fn current_user(user: User) -> Json { + Json(user.into()) +} diff --git a/planetwars-server/src/schema.rs b/planetwars-server/src/schema.rs new file mode 100644 index 0000000..bf58434 --- /dev/null +++ b/planetwars-server/src/schema.rs @@ -0,0 +1,39 @@ +table! { + bots (id) { + id -> Int4, + owner_id -> Int4, + name -> Text, + } +} + +table! { + code_bundles (id) { + id -> Int4, + bot_id -> Int4, + path -> Text, + created_at -> Timestamp, + } +} + +table! { + sessions (id) { + id -> Int4, + user_id -> Int4, + token -> Varchar, + } +} + +table! { + users (id) { + id -> Int4, + username -> Varchar, + password_salt -> Bytea, + password_hash -> Bytea, + } +} + +joinable!(bots -> users (owner_id)); +joinable!(code_bundles -> bots (bot_id)); +joinable!(sessions -> users (user_id)); + +allow_tables_to_appear_in_same_query!(bots, code_bundles, sessions, users,); -- cgit v1.2.3