nikdoof/rustical
1
1
Fork 0
mirror of https://github.com/lennart-k/rustical.git synced 2025-12-14 10:32:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

auth: Remove unused UserStore trait and put app_tokens into User struct

Browse Source
This commit is contained in:
Lennart
2025-01-29 10:28:07 +01:00
parent 8fda600e7f
commit 21af6b0535
5 changed files with 23 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
crates/store/src/auth/mod.rs
View File

@@ -1,7 +1,6 @@
pub mod middleware; pub mod middleware;
pub mod static_user_store; pub mod static_user_store;
pub mod user; pub mod user;
pub mod user_store;
use crate::error::Error; use crate::error::Error;
use async_trait::async_trait; use async_trait::async_trait;

29
crates/store/src/auth/static_user_store.rs
View File

@@ -7,31 +7,18 @@ use super::AuthenticationProvider;
#[derive(Debug, Clone, Deserialize, Serialize, Default)] #[derive(Debug, Clone, Deserialize, Serialize, Default)]
pub struct StaticUserStoreConfig { pub struct StaticUserStoreConfig {
pub users: Vec<UserEntry>, pub users: Vec<User>,
}
#[derive(Debug, Clone, Deserialize, Serialize)]
pub struct UserEntry {
#[serde(flatten)]
pub user: User,
#[serde(default)]
pub app_tokens: Vec<String>,
} }
#[derive(Debug, Clone, Deserialize, Serialize)] #[derive(Debug, Clone, Deserialize, Serialize)]
pub struct StaticUserStore { pub struct StaticUserStore {
pub users: HashMap<String, UserEntry>, pub users: HashMap<String, User>,
} }
impl StaticUserStore { impl StaticUserStore {
pub fn new(config: StaticUserStoreConfig) -> Self { pub fn new(config: StaticUserStoreConfig) -> Self {
Self { Self {
users: HashMap::from_iter( users: HashMap::from_iter(config.users.into_iter().map(|user| (user.id.clone(), user))),
config
.users
.into_iter()
.map(|user_entry| (user_entry.user.id.clone(), user_entry)),
),
} }
} }
} }
@@ -39,26 +26,26 @@ impl StaticUserStore {
#[async_trait] #[async_trait]
impl AuthenticationProvider for StaticUserStore { impl AuthenticationProvider for StaticUserStore {
async fn validate_user_token(&self, user_id: &str, token: &str) -> Result<Option<User>, Error> { async fn validate_user_token(&self, user_id: &str, token: &str) -> Result<Option<User>, Error> {
let user_entry: UserEntry = match self.users.get(user_id) { let user: User = match self.users.get(user_id) {
Some(user) => user.clone(), Some(user) => user.clone(),
None => return Ok(None), None => return Ok(None),
}; };
// Try app tokens first since they are cheaper to calculate // Try app tokens first since they are cheaper to calculate
// They can afford less iterations since they can be generated with high entropy // They can afford less iterations since they can be generated with high entropy
for app_token in &user_entry.app_tokens { for app_token in &user.app_tokens {
if password_auth::verify_password(token, app_token).is_ok() { if password_auth::verify_password(token, app_token).is_ok() {
return Ok(Some(user_entry.user)); return Ok(Some(user));
} }
} }
let password = match &user_entry.user.password { let password = match &user.password {
Some(password) => password, Some(password) => password,
None => return Ok(None), None => return Ok(None),
}; };
if password_auth::verify_password(token, password).is_ok() { if password_auth::verify_password(token, password).is_ok() {
return Ok(Some(user_entry.user)); return Ok(Some(user));
} }
Ok(None) Ok(None)

6
crates/store/src/auth/user.rs
View File

@@ -12,6 +12,12 @@ pub struct User {
pub id: String, pub id: String,
pub displayname: Option<String>, pub displayname: Option<String>,
pub password: Option<String>, pub password: Option<String>,
#[serde(default)]
pub app_tokens: Vec<String>,
#[serde(default)]
pub groups: Vec<String>,
#[serde(skip)]
pub inherited_groups: Vec<String>,
} }
#[derive(Clone, Debug, Display)] #[derive(Clone, Debug, Display)]

8
crates/store/src/auth/user_store.rs
View File

@@ -1,8 +0,0 @@
use crate::{auth::User, error::Error};
use async_trait::async_trait;
#[async_trait]
pub trait UserStore: Send + Sync + 'static {
async fn get_user(&self, id: &str) -> Result<Option<User>, Error>;
async fn put_user(&self, user: User) -> Result<(), Error>;
}

19
src/commands/mod.rs
View File

@@ -4,7 +4,7 @@ use password_hash::PasswordHasher;
use pbkdf2::Params; use pbkdf2::Params;
use rand::{rngs::OsRng, RngCore}; use rand::{rngs::OsRng, RngCore};
use rustical_frontend::FrontendConfig; use rustical_frontend::FrontendConfig;
use rustical_store::auth::{static_user_store::UserEntry, StaticUserStoreConfig, User}; use rustical_store::auth::{StaticUserStoreConfig, User};
use crate::config::{ use crate::config::{
AuthConfig, Config, DataStoreConfig, DavPushConfig, HttpConfig, SqliteDataStoreConfig, AuthConfig, Config, DataStoreConfig, DavPushConfig, HttpConfig, SqliteDataStoreConfig,
@@ -26,15 +26,14 @@ pub fn cmd_gen_config(_args: GenConfigArgs) -> anyhow::Result<()> {
let config = Config { let config = Config {
http: HttpConfig::default(), http: HttpConfig::default(),
auth: AuthConfig::Static(StaticUserStoreConfig { auth: AuthConfig::Static(StaticUserStoreConfig {
users: vec![UserEntry { users: vec![User {
user: User { id: "default".to_owned(),
id: "default".to_owned(), displayname: Some("Default user".to_owned()),
displayname: Some("Default user".to_owned()), password: Some(
password: Some( "generate a password hash with rustical pwhash --algorithm argon2".to_owned(),
"generate a password hash with rustical pwhash --algorithm argon2" ),
.to_owned(), groups: vec![],
), inherited_groups: vec![],
},
app_tokens: vec![ app_tokens: vec![
"generate an app token hash with rustical pwhash --algorithm pbkdf2".to_owned(), "generate an app token hash with rustical pwhash --algorithm pbkdf2".to_owned(),
], ],