
Update user management interface to use microrm 0.4.

Kestrel 11 månader sedan
förälder
incheckning
907ad77fb4
2 ändrade filer med 17 tillägg och 38 borttagningar
  1. 2 2
      src/server.rs
  2. 15 36
      src/server/um.rs

+ 2 - 2
src/server.rs

@@ -2,7 +2,7 @@ use crate::{config, schema, UIDCError};
 
 mod oidc;
 mod session;
-// mod um;
+mod um;
 
 pub struct ServerState {
     config: config::Config,
@@ -73,7 +73,7 @@ pub async fn run_server(
 
     session::session_v1_server(app.at("/:realm/v1/session/"));
     oidc::oidc_server(app.at("/:realm/"));
-    // um::um_server(app.at("/:realm/um/"));
+    um::um_server(app.at("/:realm/um/"));
 
     app.listen(("127.0.0.1", port))
         .await

+ 15 - 36
src/server/um.rs

@@ -1,35 +1,16 @@
 use microrm::prelude::*;
 use tide::http::mime;
 
-use crate::{schema, UIDCError};
+use crate::{schema, UIDCError, user::UserExt};
 
 type Request = tide::Request<super::ServerStateWrapper>;
 
 fn generate_template_data(
-    qi: &microrm::QueryInterface,
-    realm: schema::RealmID,
-    user: schema::UserID,
+    realm: &microrm::Stored<schema::Realm>,
+    user: &microrm::Stored<schema::User>,
 ) -> Result<serde_json::Value, UIDCError> {
-    let realm = qi
-        .get()
-        .by_id(&realm)
-        .one()?
-        .ok_or(UIDCError::Abort("no such realm"))?;
-    let user = qi
-        .get()
-        .by_id(&user)
-        .one()?
-        .ok_or(UIDCError::Abort("couldn't find user"))?;
-
-    let has_totp = qi
-        .get()
-        .by(schema::AuthChallenge::User, &user.id())
-        .by(
-            schema::AuthChallenge::ChallengeType,
-            &schema::AuthChallengeType::TOTP,
-        )
-        .one()?
-        .is_some();
+    let totp : microrm::Serialized<_> = schema::AuthChallengeType::TOTP.into();
+    let has_totp = user.auth.with(schema::AuthChallenge::ChallengeType, totp).count()? > 0;
 
     let template_data = serde_json::json!({
         "username": user.username,
@@ -47,7 +28,7 @@ fn generate_template_data(
 async fn um_index(req: Request) -> tide::Result<tide::Response> {
     let shelper = super::session::SessionHelper::new(&req);
 
-    let (realm, user) = match shelper.verify_session(&req) {
+    let (realm, user_id) = match shelper.verify_session(&req) {
         Some(v) => v,
         None => {
             return Ok(tide::Redirect::temporary(format!(
@@ -57,10 +38,10 @@ async fn um_index(req: Request) -> tide::Result<tide::Response> {
             .into())
         }
     };
-    let qi = req.state().core.pool.query_interface();
 
-    // template_data.as_object_mut().and_then(|o| o.append
-    let template_data = generate_template_data(qi, realm, user)?;
+    let user = realm.users.with(schema::UserID::default(), user_id).first().get()?.unwrap();
+
+    let template_data = generate_template_data(&realm, &user)?;
 
     Ok(tide::Response::builder(200)
         .content_type(mime::HTML)
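Review bot: The `.unwrap()` on the new lookup `let user = realm.users.with(schema::UserID::default(), user_id).first().get()?.unwrap();` panics the handler when a session still verifies but its user row no longer exists, for example an account removed while logged in. The removed code returned `UIDCError::Abort("couldn't find user")` in that case. Ending the chain with `.get()?.ok_or(UIDCError::Abort("couldn't find user"))?;` keeps that behaviour and rejects a stale session cleanly, assuming the error conversion already used by `generate_template_data(...)?` applies here. The same line is added to um_update in the `@@ -94,16 +75,14 @@` hunk and needs the same change. um_index starts and ends outside this hunk.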
@@ -94,16 +75,14 @@ async fn um_update(mut req: Request) -> tide::Result<tide::Response> {
         }
     };
 
-    let qi = req.state().core.pool.query_interface();
+    let user = realm.users.with(schema::UserID::default(), user_id).first().get()?.unwrap();
 
     log::info!("processing update request...");
 
     let progress: Result<Vec<String>, UIDCError> = (|| {
         let mut info_msgs = vec![];
 
-        let user = crate::user::User::from_id(user_id);
-        let challenge = user.verify_challenge(
-            &qi,
+        let challenge = user.verify_challenge_by_type(
             schema::AuthChallengeType::Password,
             update_form.current_password.as_bytes(),
         )?;
@@ -120,7 +99,7 @@ async fn um_update(mut req: Request) -> tide::Result<tide::Response> {
                 Err(UIDCError::Abort("entered passwords do not match"))?
             }
             if new_pass.len() > 0 {
-                user.set_new_password(qi, new_pass.as_bytes())?;
+                user.set_new_password(new_pass.as_bytes())?;
                 info_msgs.push("Updated password!".into());
             }
         } else if update_form.new_password.is_some() || update_form.new_password_repeated.is_some()
@@ -130,10 +109,10 @@ async fn um_update(mut req: Request) -> tide::Result<tide::Response> {
 
         if let Some(totp) = update_form.totp_control.as_ref() {
             if totp == "remove" {
-                user.clear_totp(qi)?;
+                user.clear_totp()?;
                 info_msgs.push("Cleared TOTP setup".into());
             } else if totp == "reset" {
-                let (_secret, _uri) = user.generate_totp_with_uri(qi)?;
+                let (_secret, _uri) = user.generate_totp_with_uri()?;
                 Err(UIDCError::Abort("totp setup outside of cli not supported"))?
             }
         }
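Review bot: The `reset` branch still calls `user.generate_totp_with_uri()?` and discards both results before returning `UIDCError::Abort("totp setup outside of cli not supported")`. If that method persists the new secret (its body is not visible here), a reset request would replace the user's working second factor with one that is never shown to them. Since the path is declared unsupported, the call can be dropped so the branch only returns the error, with a comment such as `// TOTP reset is CLI-only; no secret is generated here`. The enclosing closure in um_update starts and ends outside this hunk.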
@@ -141,7 +120,7 @@ async fn um_update(mut req: Request) -> tide::Result<tide::Response> {
         Ok(info_msgs)
     })();
 
-    let mut template_data = generate_template_data(qi, realm, user_id)?;
+    let mut template_data = generate_template_data(&realm, &user)?;
 
     match progress {
         Ok(info_msgs) => {