use sqlx::{sqlite::Sqlite, SqliteConnection, Transaction};
use uuid::Uuid;

use crate::{
    clock::DateTime,
    db::NotFound,
    event::{Instant, Sequence},
    login::{self, History, Login},
    name::{self, Name},
    token::{Id, Secret},
};

// Implemented by database handles that can be borrowed as a token
// repository.
pub trait Provider {
    // Borrow this handle as a `Tokens` repository. The result holds the
    // mutable borrow, so the handle is unavailable while it is alive.
    fn tokens(&mut self) -> Tokens<'_>;
}

// Any SQLite transaction can be used as a token repository.
impl Provider for Transaction<'_, Sqlite> {
    fn tokens(&mut self) -> Tokens<'_> {
        // `Tokens` wraps a `&mut SqliteConnection`; the `&mut Transaction`
        // is coerced to that at the constructor call.
        Tokens(self)
    }
}

// Token repository: a thin wrapper around a mutably borrowed SQLite
// connection on which the token queries are run.
pub struct Tokens<'conn>(&'conn mut SqliteConnection);

// Queries against the `token` table (plus `login`, when validating). Every
// method runs on the connection borrowed by this `Tokens` value.
impl<'c> Tokens<'c> {
    // Issue a new token for an existing login. The issued_at timestamp will
    // be used to control expiry, until the token is actually used: both
    // `issued_at` and `last_used_at` are initialised from it (`$4, $4`).
    //
    // A fresh `Id` and a random v4 UUID secret are generated here; the secret
    // is returned to the caller exactly as it was stored.
    //
    // NOTE(review): the secret string is inserted into the `secret` column
    // as-is, so anyone able to read the `token` table obtains usable secrets.
    // Storing only a digest would need a schema and query change - confirm
    // the current form is an accepted trade-off.
    // NOTE(review): the unpredictability of the secret rests on how the
    // `uuid` crate sources randomness in this build - confirm it is backed by
    // the OS CSPRNG.
    pub async fn issue(
        &mut self,
        login: &History,
        issued_at: &DateTime,
    ) -> Result<Secret, sqlx::Error> {
        let id = Id::generate();
        let secret = Uuid::new_v4().to_string();
        let login = login.id();

        let secret = sqlx::query_scalar!(
            r#"
                insert
                into token (id, secret, login, issued_at, last_used_at)
                values ($1, $2, $3, $4, $4)
                returning secret as "secret!: Secret"
            "#,
            id,
            secret,
            login,
            issued_at,
        )
        .fetch_one(&mut *self.0)
        .await?;

        Ok(secret)
    }

    // Check that a token with the given id still exists. The selected id is
    // discarded; only the presence of a row matters. With no matching row,
    // `fetch_one` fails and the error (`sqlx::Error::RowNotFound`) is
    // returned. This is a plain select: it neither updates `last_used_at` nor
    // compares any timestamp.
    pub async fn require(&mut self, token: &Id) -> Result<(), sqlx::Error> {
        sqlx::query_scalar!(
            r#"
                select id as "id: Id"
                from token
                where id = $1
            "#,
            token,
        )
        .fetch_one(&mut *self.0)
        .await?;

        Ok(())
    }

    // Revoke a token by its id (the parameter is an `Id`, not the secret).
    // The row is deleted; `returning` combined with `fetch_one` makes the
    // call fail with `sqlx::Error::RowNotFound` when no such token exists, so
    // revoking an unknown or already-removed token is reported, not ignored.
    pub async fn revoke(&mut self, token: &Id) -> Result<(), sqlx::Error> {
        sqlx::query_scalar!(
            r#"
                delete
                from token
                where id = $1
                returning id as "id: Id"
            "#,
            token,
        )
        .fetch_one(&mut *self.0)
        .await?;

        Ok(())
    }

    // Expire and delete all tokens that haven't been used more recently than
    // `expire_at`. The comparison is strict (`last_used_at < $1`). Returns
    // the ids of the deleted tokens, which may be an empty list.
    pub async fn expire(&mut self, expire_at: &DateTime) -> Result<Vec<Id>, sqlx::Error> {
        let tokens = sqlx::query_scalar!(
            r#"
                delete
                from token
                where last_used_at < $1
                returning id as "id: Id"
            "#,
            expire_at,
        )
        .fetch_all(&mut *self.0)
        .await?;

        Ok(tokens)
    }

    // Validate a token by its secret, retrieving the associated Login record.
    // Will return an error if the token is not valid. If successful, the
    // retrieved token's last-used timestamp will be set to `used_at`.
    //
    // Returns the token's id together with the login's `History`. An unknown
    // secret surfaces as `LoadError::Database(sqlx::Error::RowNotFound)`.
    //
    // NOTE(review): the lookup matches on `secret` alone and does not compare
    // `last_used_at` with any cutoff, so a stale token is accepted (and
    // refreshed) until `expire` has deleted it - presumably callers run
    // `expire` first; confirm.
    pub async fn validate(
        &mut self,
        secret: &Secret,
        used_at: &DateTime,
    ) -> Result<(Id, History), LoadError> {
        // I would use `update … returning` to do this in one query, but
        // sqlite3, as of this writing, does not allow an update's `returning`
        // clause to reference columns from tables joined into the update. Two
        // queries is fine, but it feels untidy.
        //
        // The update runs first, so `last_used_at` has already been written
        // if the login lookup below fails; whether that write persists is up
        // to the caller's transaction handling.
        let (token, login) = sqlx::query!(
            r#"
                update token
                set last_used_at = $1
                where secret = $2
                returning
                    id as "token: Id",
                    login as "login: login::Id"
            "#,
            used_at,
            secret,
        )
        .map(|row| (row.token, row.login))
        .fetch_one(&mut *self.0)
        .await?;

        // Load the login the token points at. The row mapper is itself
        // fallible (`Name::new` can reject the stored names), hence the
        // double `?` below: the first unwraps the sqlx result, the second the
        // `name::Error`; both convert into `LoadError`.
        let login = sqlx::query!(
            r#"
                select
                    id as "id: login::Id",
                    display_name as "display_name: String",
                    canonical_name as "canonical_name: String",
                    created_sequence as "created_sequence: Sequence",
                    created_at as "created_at: DateTime"
                from login
                where id = $1
            "#,
            login,
        )
        .map(|row| {
            Ok::<_, name::Error>(History {
                login: Login {
                    id: row.id,
                    name: Name::new(row.display_name, row.canonical_name)?,
                },
                created: Instant::new(row.created_at, row.created_sequence),
            })
        })
        .fetch_one(&mut *self.0)
        .await??;

        Ok((token, login))
    }
}

// Failure modes of `Tokens::validate`. Both variants are transparent
// wrappers: display text and error source are forwarded from the inner
// error.
#[derive(Debug, thiserror::Error)]
pub enum LoadError {
    // The database query failed, or matched no row.
    #[error(transparent)]
    Database(#[from] sqlx::Error),
    // The stored display/canonical name pair was rejected by `Name::new`.
    #[error(transparent)]
    Name(#[from] name::Error),
}

// Lets callers turn a "no matching row" failure into an absent value.
impl<T> NotFound for Result<T, LoadError> {
    type Ok = T;
    type Error = LoadError;

    // Map `RowNotFound` to `Ok(None)` and a success to `Ok(Some(_))`. Every
    // other error, including other database errors, is passed through
    // unchanged, so a failing query is never reported as "no such token".
    fn optional(self) -> Result<Option<T>, LoadError> {
        self.map(Some).or_else(|err| match err {
            LoadError::Database(sqlx::Error::RowNotFound) => Ok(None),
            other => Err(other),
        })
    }
}