7 files changed, 445 insertions, 0 deletions

diff --git a/src/user/handlers/login/mod.rs b/src/user/handlers/login/mod.rs
new file mode 100644
index 0000000..e80377e
--- /dev/null
+++ b/src/user/handlers/login/mod.rs
@@ -0,0 +1,55 @@
+use axum::{
+    extract::{Json, State},
+    http::StatusCode,
+    response::{IntoResponse, Response},
+};
+
+use crate::{
+    app::App,
+    clock::RequestedAt,
+    error::Internal,
+    name::Name,
+    token::{app, extract::IdentityCookie},
+    user::{Password, User},
+};
+
+#[cfg(test)]
+mod test;
+
+pub async fn handler(
+    State(app): State<App>,
+    RequestedAt(now): RequestedAt,
+    identity: IdentityCookie,
+    Json(request): Json<Request>,
+) -> Result<(IdentityCookie, Json<User>), Error> {
+    let (user, secret) = app
+        .tokens()
+        .login(&request.name, &request.password, &now)
+        .await
+        .map_err(Error)?;
+    let identity = identity.set(secret);
+    Ok((identity, Json(user)))
+}
+
+#[derive(serde::Deserialize)]
+pub struct Request {
+    pub name: Name,
+    pub password: Password,
+}
+
+#[derive(Debug, thiserror::Error)]
+#[error(transparent)]
+pub struct Error(#[from] pub app::LoginError);
+
+impl IntoResponse for Error {
+    fn into_response(self) -> Response {
+        let Self(error) = self;
+        match error {
+            app::LoginError::Rejected => {
+                // not error::Unauthorized due to differing messaging
+                (StatusCode::UNAUTHORIZED, "invalid name or password").into_response()
+            }
+            other => Internal::from(other).into_response(),
+        }
+    }
+}
diff --git a/src/user/handlers/login/test.rs b/src/user/handlers/login/test.rs
new file mode 100644
index 0000000..b8f24f6
--- /dev/null
+++ b/src/user/handlers/login/test.rs
@@ -0,0 +1,127 @@
+use axum::extract::{Json, State};
+
+use crate::{test::fixtures, token::app};
+
+#[tokio::test]
+async fn correct_credentials() {
+    // Set up the environment
+
+    let app = fixtures::scratch_app().await;
+    let (name, password) = fixtures::user::create_with_password(&app, &fixtures::now()).await;
+
+    // Call the endpoint
+
+    let identity = fixtures::cookie::not_logged_in();
+    let logged_in_at = fixtures::now();
+    let request = super::Request {
+        name: name.clone(),
+        password,
+    };
+    let (identity, Json(response)) =
+        super::handler(State(app.clone()), logged_in_at, identity, Json(request))
+            .await
+            .expect("logged in with valid credentials");
+
+    // Verify the return value's basic structure
+
+    assert_eq!(name, response.name);
+    let secret = identity
+        .secret()
+        .expect("logged in with valid credentials issues an identity cookie");
+
+    // Verify the semantics
+
+    let validated_at = fixtures::now();
+    let (_, validated_login) = app
+        .tokens()
+        .validate(&secret, &validated_at)
+        .await
+        .expect("identity secret is valid");
+
+    assert_eq!(response, validated_login);
+}
+
+#[tokio::test]
+async fn invalid_name() {
+    // Set up the environment
+
+    let app = fixtures::scratch_app().await;
+
+    // Call the endpoint
+
+    let identity = fixtures::cookie::not_logged_in();
+    let logged_in_at = fixtures::now();
+    let (name, password) = fixtures::user::propose();
+    let request = super::Request {
+        name: name.clone(),
+        password,
+    };
+    let super::Error(error) =
+        super::handler(State(app.clone()), logged_in_at, identity, Json(request))
+            .await
+            .expect_err("logged in with an incorrect password fails");
+
+    // Verify the return value's basic structure
+
+    assert!(matches!(error, app::LoginError::Rejected));
+}
+
+#[tokio::test]
+async fn incorrect_password() {
+    // Set up the environment
+
+    let app = fixtures::scratch_app().await;
+    let login = fixtures::user::create(&app, &fixtures::now()).await;
+
+    // Call the endpoint
+
+    let logged_in_at = fixtures::now();
+    let identity = fixtures::cookie::not_logged_in();
+    let request = super::Request {
+        name: login.name,
+        password: fixtures::user::propose_password(),
+    };
+    let super::Error(error) =
+        super::handler(State(app.clone()), logged_in_at, identity, Json(request))
+            .await
+            .expect_err("logged in with an incorrect password");
+
+    // Verify the return value's basic structure
+
+    assert!(matches!(error, app::LoginError::Rejected));
+}
+
+#[tokio::test]
+async fn token_expires() {
+    // Set up the environment
+
+    let app = fixtures::scratch_app().await;
+    let (name, password) = fixtures::user::create_with_password(&app, &fixtures::now()).await;
+
+    // Call the endpoint
+
+    let logged_in_at = fixtures::ancient();
+    let identity = fixtures::cookie::not_logged_in();
+    let request = super::Request { name, password };
+    let (identity, _) = super::handler(State(app.clone()), logged_in_at, identity, Json(request))
+        .await
+        .expect("logged in with valid credentials");
+    let secret = identity.secret().expect("logged in with valid credentials");
+
+    // Verify the semantics
+
+    let expired_at = fixtures::now();
+    app.tokens()
+        .expire(&expired_at)
+        .await
+        .expect("expiring tokens never fails");
+
+    let verified_at = fixtures::now();
+    let error = app
+        .tokens()
+        .validate(&secret, &verified_at)
+        .await
+        .expect_err("validating an expired token");
+
+    assert!(matches!(error, app::ValidateError::InvalidToken));
+}
diff --git a/src/user/handlers/logout/mod.rs b/src/user/handlers/logout/mod.rs
new file mode 100644
index 0000000..45a376a
--- /dev/null
+++ b/src/user/handlers/logout/mod.rs
@@ -0,0 +1,53 @@
+use axum::{
+    extract::{Json, State},
+    http::StatusCode,
+    response::{IntoResponse, Response},
+};
+
+use crate::{
+    app::App,
+    clock::RequestedAt,
+    error::{Internal, Unauthorized},
+    token::{app, extract::IdentityCookie},
+};
+
+#[cfg(test)]
+mod test;
+
+pub async fn handler(
+    State(app): State<App>,
+    RequestedAt(now): RequestedAt,
+    identity: IdentityCookie,
+    Json(_): Json<Request>,
+) -> Result<(IdentityCookie, StatusCode), Error> {
+    if let Some(secret) = identity.secret() {
+        let (token, _) = app.tokens().validate(&secret, &now).await?;
+        app.tokens().logout(&token).await?;
+    }
+
+    let identity = identity.clear();
+    Ok((identity, StatusCode::NO_CONTENT))
+}
+
+// This forces the only valid request to be `{}`, and not the infinite
+// variation allowed when there's no body extractor.
+#[derive(Default, serde::Deserialize)]
+pub struct Request {}
+
+#[derive(Debug, thiserror::Error)]
+#[error(transparent)]
+pub struct Error(#[from] pub app::ValidateError);
+
+impl IntoResponse for Error {
+    fn into_response(self) -> Response {
+        let Self(error) = self;
+        match error {
+            app::ValidateError::InvalidToken | app::ValidateError::LoginDeleted => {
+                Unauthorized.into_response()
+            }
+            app::ValidateError::Name(_) | app::ValidateError::Database(_) => {
+                Internal::from(error).into_response()
+            }
+        }
+    }
+}
diff --git a/src/user/handlers/logout/test.rs b/src/user/handlers/logout/test.rs
new file mode 100644
index 0000000..8dc4636
--- /dev/null
+++ b/src/user/handlers/logout/test.rs
@@ -0,0 +1,79 @@
+use axum::{
+    extract::{Json, State},
+    http::StatusCode,
+};
+
+use crate::{test::fixtures, token::app};
+
+#[tokio::test]
+async fn successful() {
+    // Set up the environment
+
+    let app = fixtures::scratch_app().await;
+    let now = fixtures::now();
+    let creds = fixtures::user::create_with_password(&app, &fixtures::now()).await;
+    let identity = fixtures::cookie::logged_in(&app, &creds, &now).await;
+    let secret = fixtures::cookie::secret(&identity);
+
+    // Call the endpoint
+
+    let (response_identity, response_status) = super::handler(
+        State(app.clone()),
+        fixtures::now(),
+        identity.clone(),
+        Json::default(),
+    )
+    .await
+    .expect("logged out with a valid token");
+
+    // Verify the return value's basic structure
+
+    assert!(response_identity.secret().is_none());
+    assert_eq!(StatusCode::NO_CONTENT, response_status);
+
+    // Verify the semantics
+    let error = app
+        .tokens()
+        .validate(&secret, &now)
+        .await
+        .expect_err("secret is invalid");
+    assert!(matches!(error, app::ValidateError::InvalidToken));
+}
+
+#[tokio::test]
+async fn no_identity() {
+    // Set up the environment
+
+    let app = fixtures::scratch_app().await;
+
+    // Call the endpoint
+
+    let identity = fixtures::cookie::not_logged_in();
+    let (identity, status) = super::handler(State(app), fixtures::now(), identity, Json::default())
+        .await
+        .expect("logged out with no token succeeds");
+
+    // Verify the return value's basic structure
+
+    assert!(identity.secret().is_none());
+    assert_eq!(StatusCode::NO_CONTENT, status);
+}
+
+#[tokio::test]
+async fn invalid_token() {
+    // Set up the environment
+
+    let app = fixtures::scratch_app().await;
+
+    // Call the endpoint
+
+    let identity = fixtures::cookie::fictitious();
+    let super::Error(error) =
+        super::handler(State(app), fixtures::now(), identity, Json::default())
+            .await
+            .expect_err("logged out with an invalid token fails");
+
+    // Verify the return value's basic structure
+
+    assert!(matches!(error, app::ValidateError::InvalidToken));
+}
diff --git a/src/user/handlers/mod.rs b/src/user/handlers/mod.rs
new file mode 100644
index 0000000..5cadbb5
--- /dev/null
+++ b/src/user/handlers/mod.rs
@@ -0,0 +1,7 @@
+mod login;
+mod logout;
+mod password;
+
+pub use login::handler as login;
+pub use logout::handler as logout;
+pub use password::handler as change_password;
diff --git a/src/user/handlers/password/mod.rs b/src/user/handlers/password/mod.rs
new file mode 100644
index 0000000..9158325
--- /dev/null
+++ b/src/user/handlers/password/mod.rs
@@ -0,0 +1,57 @@
+use axum::{
+    extract::{Json, State},
+    http::StatusCode,
+    response::{IntoResponse, Response},
+};
+
+use crate::{
+    app::App,
+    clock::RequestedAt,
+    error::Internal,
+    token::{
+        app,
+        extract::{Identity, IdentityCookie},
+    },
+    user::{Password, User},
+};
+
+#[cfg(test)]
+mod test;
+
+pub async fn handler(
+    State(app): State<App>,
+    RequestedAt(now): RequestedAt,
+    identity: Identity,
+    cookie: IdentityCookie,
+    Json(request): Json<Request>,
+) -> Result<(IdentityCookie, Json<User>), Error> {
+    let (login, secret) = app
+        .tokens()
+        .change_password(&identity.user, &request.password, &request.to, &now)
+        .await
+        .map_err(Error)?;
+    let cookie = cookie.set(secret);
+    Ok((cookie, Json(login)))
+}
+
+#[derive(serde::Deserialize)]
+pub struct Request {
+    pub password: Password,
+    pub to: Password,
+}
+
+#[derive(Debug, thiserror::Error)]
+#[error(transparent)]
+pub struct Error(#[from] pub app::LoginError);
+
+impl IntoResponse for Error {
+    fn into_response(self) -> Response {
+        let Self(error) = self;
+        match error {
+            app::LoginError::Rejected => {
+                (StatusCode::BAD_REQUEST, "invalid name or password").into_response()
+            }
+            other => Internal::from(other).into_response(),
+        }
+    }
+}
diff --git a/src/user/handlers/password/test.rs b/src/user/handlers/password/test.rs
new file mode 100644
index 0000000..42e41d8
--- /dev/null
+++ b/src/user/handlers/password/test.rs
@@ -0,0 +1,67 @@
+use axum::extract::{Json, State};
+
+use crate::{
+    test::fixtures,
+    token::app::{LoginError, ValidateError},
+};
+
+#[tokio::test]
+async fn password_change() {
+    // Set up the environment
+    let app = fixtures::scratch_app().await;
+    let creds = fixtures::user::create_with_password(&app, &fixtures::now()).await;
+    let cookie = fixtures::cookie::logged_in(&app, &creds, &fixtures::now()).await;
+    let identity = fixtures::identity::from_cookie(&app, &cookie, &fixtures::now()).await;
+
+    // Call the endpoint
+    let (name, password) = creds;
+    let to = fixtures::user::propose_password();
+    let request = super::Request {
+        password: password.clone(),
+        to: to.clone(),
+    };
+    let (new_cookie, Json(response)) = super::handler(
+        State(app.clone()),
+        fixtures::now(),
+        identity.clone(),
+        cookie.clone(),
+        Json(request),
+    )
+    .await
+    .expect("changing passwords succeeds");
+
+    // Verify that we have a new session
+    assert_ne!(cookie.secret(), new_cookie.secret());
+
+    // Verify that we're still ourselves
+    assert_eq!(identity.user, response);
+
+    // Verify that our original token is no longer valid
+    let validate_err = app
+        .tokens()
+        .validate(
+            &cookie
+                .secret()
+                .expect("original identity cookie has a secret"),
+            &fixtures::now(),
+        )
+        .await
+        .expect_err("validating the original identity secret should fail");
+    assert!(matches!(validate_err, ValidateError::InvalidToken));
+
+    // Verify that our original password is no longer valid
+    let login_err = app
+        .tokens()
+        .login(&name, &password, &fixtures::now())
+        .await
+        .expect_err("logging in with the original password should fail");
+    assert!(matches!(login_err, LoginError::Rejected));
+
+    // Verify that our new password is valid
+    let (login, _) = app
+        .tokens()
+        .login(&name, &to, &fixtures::now())
+        .await
+        .expect("logging in with the new password should succeed");
+    assert_eq!(identity.user, login);
+}