From 6aa72b3c8717f32e62c772aeed327d3cd9a6fa65 Mon Sep 17 00:00:00 2001
From: Ilion Beyst <ilion.beyst@gmail.com>
Date: Wed, 15 Dec 2021 22:40:55 +0100
Subject: gracefully handle invalid login credentials

---
 backend/src/db/users.rs | 32 +++++++++++++++++---------------
 1 file changed, 17 insertions(+), 15 deletions(-)

(limited to 'backend/src/db/users.rs')

diff --git a/backend/src/db/users.rs b/backend/src/db/users.rs
index c06e5b3..29cee88 100644
--- a/backend/src/db/users.rs
+++ b/backend/src/db/users.rs
@@ -58,24 +58,26 @@ pub fn create_user(credentials: &Credentials, conn: &PgConnection) -> QueryResul
 }
 
 pub fn authenticate_user(credentials: &Credentials, db_conn: &PgConnection) -> Option<User> {
-    let user = users::table
+    users::table
         .filter(users::username.eq(&credentials.username))
         .first::<User>(db_conn)
-        .unwrap();
+        .optional()
+        .unwrap()
+        .and_then(|user| {
+            let password_matches = argon2::verify_raw(
+                credentials.password.as_bytes(),
+                &user.password_salt,
+                &user.password_hash,
+                &argon2_config(),
+            )
+            .unwrap();
 
-    let password_matches = argon2::verify_raw(
-        credentials.password.as_bytes(),
-        &user.password_salt,
-        &user.password_hash,
-        &argon2_config(),
-    )
-    .unwrap();
-
-    if password_matches {
-        return Some(user);
-    } else {
-        return None;
-    }
+            if password_matches {
+                return Some(user);
+            } else {
+                return None;
+            }
+        })
 }
 
 #[test]
-- 
cgit v1.2.3