Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
bwinf
medal
Commits
c5f3f921
Commit
c5f3f921
authored
Aug 07, 2019
by
Robert Czechowski
Browse files
Rename functions -> core, put widely use functions in helpers.rs
parent
61f612f5
Pipeline
#200
failed with stage
in 5 minutes and 56 seconds
Changes
7
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
src/
functions
.rs
→
src/
core
.rs
View file @
c5f3f921
extern
crate
bcrypt
;
use
webfw_iron
::{
json_val
,
to_json
};
use
time
;
use
rand
::{
distributions
::
Alphanumeric
,
thread_rng
,
Rng
};
use
db_conn
::
MedalConnection
;
use
db_objects
::{
Grade
,
Group
,
SessionUser
,
Submission
,
Taskgroup
}
;
use
self
::
bcrypt
::
hash
;
use
db_objects
::{
Grade
,
Group
,
Submission
,
Taskgroup
};
use
helpers
;
use
oauth_provider
::
OauthProvider
;
use
webfw_iron
::{
json_val
,
to_json
}
;
#[derive(Serialize,
Deserialize)]
pub
struct
SubTaskInfo
{
...
...
@@ -53,8 +47,6 @@ type MedalValue = (String, json_val::Map<String, json_val::Value>);
type
MedalResult
<
T
>
=
Result
<
T
,
MedalError
>
;
type
MedalValueResult
=
MedalResult
<
MedalValue
>
;
use
oauth_provider
::
OauthProvider
;
pub
fn
index
<
T
:
MedalConnection
>
(
conn
:
&
T
,
session_token
:
Option
<
String
>
,
(
self_url
,
oauth_providers
):
(
Option
<
String
>
,
Option
<
Vec
<
OauthProvider
>>
))
->
(
String
,
json_val
::
Map
<
String
,
json_val
::
Value
>
)
...
...
@@ -551,14 +543,7 @@ pub fn add_group<T: MedalConnection>(conn: &T, session_token: &str, csrf_token:
return
Err
(
MedalError
::
CsrfCheckFailed
);
}
let
group_code
:
String
=
Some
(
'g'
)
.into_iter
()
.chain
(
thread_rng
()
.sample_iter
(
&
Alphanumeric
))
.filter
(|
x
|
{
let
x
=
*
x
;
!
(
x
==
'l'
||
x
==
'I'
||
x
==
'1'
||
x
==
'O'
||
x
==
'o'
||
x
==
'0'
)
})
.take
(
7
)
.collect
();
let
group_code
=
helpers
::
make_group_code
();
// TODO: check for collisions
let
mut
group
=
...
...
@@ -654,14 +639,6 @@ pub fn show_profile<T: MedalConnection>(conn: &T, session_token: &str, user_id:
Ok
((
"profile"
.to_string
(),
data
))
}
fn
hash_password
(
password
:
&
str
,
salt
:
&
str
)
->
Result
<
String
,
MedalError
>
{
let
password_and_salt
=
[
password
,
salt
]
.concat
()
.to_string
();
match
hash
(
password_and_salt
,
5
)
{
Ok
(
result
)
=>
Ok
(
result
),
Err
(
_
)
=>
Err
(
MedalError
::
PasswordHashingError
),
}
}
#[derive(Debug)]
pub
enum
ProfileStatus
{
NothingChanged
,
...
...
@@ -705,8 +682,8 @@ pub fn edit_profile<T: MedalConnection>(conn: &T, session_token: &str, user_id:
if
let
(
Some
(
password
),
Some
(
password_repeat
))
=
(
password
,
password_repeat
)
{
if
password
!=
""
||
password_repeat
!=
""
{
if
password
==
password_repeat
{
let
salt
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collec
t
();
let
hash
=
hash_password
(
&
password
,
&
salt
)
?
;
let
salt
=
helpers
::
make_sal
t
();
let
hash
=
helpers
::
hash_password
(
&
password
,
&
salt
)
?
;
password_and_salt
=
Some
((
hash
,
salt
));
result
=
ProfileStatus
::
PasswordChanged
;
...
...
@@ -800,7 +777,7 @@ pub fn login_oauth<T: MedalConnection>(conn: &T, user_data: ForeignUserData)
->
Result
<
String
,
(
String
,
json_val
::
Map
<
String
,
json_val
::
Value
>
)
>
{
match
conn
.login_foreign
(
None
,
&
user_data
.foreign_id
,
user_data
.foreign_type
,
user_data
.foreign_type
!=
UserType
::
User
,
&
user_data
.firstname
,
&
user_data
.lastname
)
{
...
...
@@ -812,17 +789,3 @@ pub fn login_oauth<T: MedalConnection>(conn: &T, user_data: ForeignUserData)
}
}
}
pub
trait
SetPassword
{
fn
set_password
(
&
mut
self
,
&
str
)
->
Option
<
()
>
;
}
impl
SetPassword
for
SessionUser
{
fn
set_password
(
&
mut
self
,
password
:
&
str
)
->
Option
<
()
>
{
let
salt
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
hash
=
hash_password
(
password
,
&
salt
)
.ok
()
?
;
self
.password
=
Some
(
hash
);
self
.salt
=
Some
(
salt
);
Some
(())
}
}
src/db_conn.rs
View file @
c5f3f921
use
db_objects
::
*
;
use
functions
;
pub
trait
MedalConnection
{
fn
dbtype
(
&
self
)
->
&
'static
str
;
...
...
@@ -19,8 +18,8 @@ pub trait MedalConnection {
fn
login
(
&
self
,
session
:
Option
<&
str
>
,
username
:
&
str
,
password
:
&
str
)
->
Result
<
String
,
()
>
;
fn
login_with_code
(
&
self
,
session
:
Option
<&
str
>
,
logincode
:
&
str
)
->
Result
<
String
,
()
>
;
fn
login_foreign
(
&
self
,
session
:
Option
<&
str
>
,
foreign_id
:
&
str
,
foreign_type
:
functions
::
UserType
,
firstname
:
&
str
,
lastname
:
&
str
)
fn
login_foreign
(
&
self
,
session
:
Option
<&
str
>
,
foreign_id
:
&
str
,
is_teacher
:
bool
,
firstname
:
&
str
,
lastname
:
&
str
)
->
Result
<
String
,
()
>
;
fn
create_user_with_groupcode
(
&
self
,
session
:
Option
<&
str
>
,
groupcode
:
&
str
)
->
Result
<
String
,
()
>
;
fn
logout
(
&
self
,
session
:
&
str
);
...
...
src/db_conn_postgres.rs
View file @
c5f3f921
#![cfg(feature
=
"postgres"
)]
extern
crate
bcrypt
;
extern
crate
postgres
;
use
self
::
postgres
::
Connection
;
use
postgres
::
Connection
;
use
time
;
use
time
::
Duration
;
use
db_conn
::{
MedalConnection
,
MedalObject
};
use
db_objects
::
*
;
use
rand
::{
distributions
::
Alphanumeric
,
thread_rng
,
Rng
};
use
self
::
time
::
Duration
;
use
time
;
use
self
::
bcrypt
::
verify
;
use
functions
;
// todo: remove (usertype in db)
fn
verify_password
(
password
:
&
str
,
salt
:
&
str
,
password_hash
:
&
str
)
->
bool
{
let
password_and_salt
=
[
password
,
salt
]
.concat
()
.to_string
();
match
verify
(
password_and_salt
,
password_hash
)
{
Ok
(
result
)
=>
result
,
_
=>
false
,
}
}
use
helpers
;
trait
Queryable
{
fn
query_map_one
<
T
,
F
>
(
&
self
,
sql
:
&
str
,
params
:
&
[
&
postgres
::
types
::
ToSql
],
f
:
F
)
->
postgres
::
Result
<
Option
<
T
>>
...
...
@@ -146,7 +131,7 @@ impl MedalConnection for Connection {
.unwrap
();
}
fn
new_session
(
&
self
,
session_token
:
&
str
)
->
SessionUser
{
let
csrf_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
csrf_token
=
helpers
::
make_csrf_token
();
let
now
=
time
::
get_time
();
self
.execute
(
"INSERT INTO session (session_token, csrf_token, last_activity, permanent_login, grade, is_teacher)
...
...
@@ -239,15 +224,15 @@ impl MedalConnection for Connection {
(
row
.get
(
0
),
row
.get
(
1
),
row
.get
(
2
));
//password_hash ist das, was in der Datenbank steht
if
verify_password
(
&
password
,
&
salt
.expect
(
"salt from database empty"
),
&
password_hash
.expect
(
"password from database empty"
))
if
helpers
::
verify_password
(
&
password
,
&
salt
.expect
(
"salt from database empty"
),
&
password_hash
.expect
(
"password from database empty"
))
{
// TODO: fail more pleasantly
// Login okay, update session now!
let
session_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
csrf_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
session_token
=
helpers
::
make_session_token
();
let
csrf_token
=
helpers
::
make_csrf_token
();
let
now
=
time
::
get_time
();
self
.execute
(
"UPDATE session SET session_token = $1, csrf_token = $2, last_login = $3, last_activity = $3 WHERE id = $4"
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
id
])
.unwrap
();
...
...
@@ -268,8 +253,8 @@ impl MedalConnection for Connection {
// Login okay, update session now!
let
id
:
i32
=
row
.get
(
0
);
let
session_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
csrf_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
session_token
=
helpers
::
make_session_token
();
let
csrf_token
=
helpers
::
make_csrf_token
();
let
now
=
time
::
get_time
();
self
.execute
(
"UPDATE session SET session_token = $1, csrf_token = $2, last_login = $3, last_activity = $3 WHERE id = $4"
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
id
])
.unwrap
();
...
...
@@ -281,12 +266,12 @@ impl MedalConnection for Connection {
}
//TODO: use session
fn
login_foreign
(
&
self
,
_session
:
Option
<&
str
>
,
foreign_id
:
&
str
,
foreign_type
:
functions
::
UserType
,
firstname
:
&
str
,
lastname
:
&
str
)
fn
login_foreign
(
&
self
,
_session
:
Option
<&
str
>
,
foreign_id
:
&
str
,
is_teacher
:
bool
,
firstname
:
&
str
,
lastname
:
&
str
)
->
Result
<
String
,
()
>
{
let
session_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
csrf_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
session_token
=
helpers
::
make_session_token
();
let
csrf_token
=
helpers
::
make_csrf_token
();
let
now
=
time
::
get_time
();
match
self
.query
(
"SELECT id FROM session WHERE oauth_foreign_id = $1"
,
&
[
&
foreign_id
])
.unwrap
()
.iter
()
.next
()
{
...
...
@@ -299,7 +284,7 @@ impl MedalConnection for Connection {
}
// Add!
_
=>
{
self
.execute
(
"INSERT INTO session (session_token, csrf_token, last_login, last_activity, permanent_login, grade, is_teacher, oauth_foreign_id, firstname, lastname) VALUES ($1, $2, $3, $3, $4, $5, $6, $7, $8, $9)"
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
false
,
&
0
,
&
(
foreign_type
!=
functions
::
UserType
::
User
)
,
&
foreign_id
,
&
firstname
,
&
lastname
])
.unwrap
();
self
.execute
(
"INSERT INTO session (session_token, csrf_token, last_login, last_activity, permanent_login, grade, is_teacher, oauth_foreign_id, firstname, lastname) VALUES ($1, $2, $3, $3, $4, $5, $6, $7, $8, $9)"
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
false
,
&
0
,
&
is_teacher
,
&
foreign_id
,
&
firstname
,
&
lastname
])
.unwrap
();
Ok
(
session_token
)
}
...
...
@@ -313,17 +298,9 @@ impl MedalConnection for Connection {
// Login okay, create session!
let
group_id
:
i32
=
row
.get
(
0
);
let
session_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
csrf_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
login_code
:
String
=
Some
(
'u'
)
.into_iter
()
.chain
(
thread_rng
()
.sample_iter
(
&
Alphanumeric
))
.filter
(|
x
|
{
let
x
=
*
x
;
!
(
x
==
'l'
||
x
==
'I'
||
x
==
'1'
||
x
==
'O'
||
x
==
'o'
||
x
==
'0'
)
})
.take
(
9
)
.collect
();
let
session_token
=
helpers
::
make_session_token
();
let
csrf_token
=
helpers
::
make_csrf_token
();
let
login_code
=
helpers
::
make_login_code
();
// todo: check for collisions
let
now
=
time
::
get_time
();
...
...
src/db_conn_sqlite.rs
View file @
c5f3f921
#![cfg(feature
=
"rusqlite"
)]
extern
crate
bcrypt
;
extern
crate
rusqlite
;
use
self
::
rusqlite
::
Connection
;
use
rusqlite
::
Connection
;
use
time
;
use
time
::
Duration
;
use
db_conn
::{
MedalConnection
,
MedalObject
};
use
db_objects
::
*
;
use
rand
::{
distributions
::
Alphanumeric
,
thread_rng
,
Rng
};
use
self
::
time
::
Duration
;
use
time
;
use
self
::
bcrypt
::
verify
;
use
functions
;
// todo: remove (usertype in db)
fn
verify_password
(
password
:
&
str
,
salt
:
&
str
,
password_hash
:
&
str
)
->
bool
{
let
password_and_salt
=
[
password
,
salt
]
.concat
()
.to_string
();
match
verify
(
password_and_salt
,
password_hash
)
{
Ok
(
result
)
=>
result
,
_
=>
false
,
}
}
use
helpers
;
trait
Queryable
{
fn
query_map_one
<
T
,
F
>
(
&
self
,
sql
:
&
str
,
params
:
&
[
&
rusqlite
::
types
::
ToSql
],
f
:
F
)
->
rusqlite
::
Result
<
Option
<
T
>>
...
...
@@ -146,7 +131,7 @@ impl MedalConnection for Connection {
.unwrap
();
}
fn
new_session
(
&
self
,
session_token
:
&
str
)
->
SessionUser
{
let
csrf_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
csrf_token
=
helpers
::
make_csrf_token
();
let
now
=
time
::
get_time
();
self
.execute
(
"INSERT INTO session_user (session_token, csrf_token, last_activity, permanent_login, grade, is_teacher)
...
...
@@ -227,15 +212,15 @@ impl MedalConnection for Connection {
{
Ok
((
id
,
password_hash
,
salt
))
=>
{
//password_hash ist das, was in der Datenbank steht
if
verify_password
(
&
password
,
&
salt
.expect
(
"salt from database empty"
),
&
password_hash
.expect
(
"password from database empty"
))
if
helpers
::
verify_password
(
&
password
,
&
salt
.expect
(
"salt from database empty"
),
&
password_hash
.expect
(
"password from database empty"
))
{
// TODO: fail more pleasantly
// Login okay, update session now!
let
session_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
csrf_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
session_token
=
helpers
::
make_session_token
();
let
csrf_token
=
helpers
::
make_session_token
();
let
now
=
time
::
get_time
();
self
.execute
(
"UPDATE session_user SET session_token = ?1, csrf_token = ?2, last_login = ?3, last_activity = ?3 WHERE id = ?4"
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
id
])
.unwrap
();
...
...
@@ -257,8 +242,8 @@ impl MedalConnection for Connection {
Ok
(
id
)
=>
{
// Login okay, update session now!
let
session_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
csrf_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
session_token
=
helpers
::
make_session_token
();
let
csrf_token
=
helpers
::
make_csrf_token
();
let
now
=
time
::
get_time
();
self
.execute
(
"UPDATE session_user SET session_token = ?1, csrf_token = ?2, last_login = ?3, last_activity = ?3 WHERE id = ?4"
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
id
])
.unwrap
();
...
...
@@ -270,12 +255,12 @@ impl MedalConnection for Connection {
}
//TODO: use session
fn
login_foreign
(
&
self
,
_session
:
Option
<&
str
>
,
foreign_id
:
&
str
,
foreign_type
:
functions
::
UserType
,
firstname
:
&
str
,
lastname
:
&
str
)
fn
login_foreign
(
&
self
,
_session
:
Option
<&
str
>
,
foreign_id
:
&
str
,
is_teacher
:
bool
,
firstname
:
&
str
,
lastname
:
&
str
)
->
Result
<
String
,
()
>
{
let
session_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
csrf_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
session_token
=
helpers
::
make_session_token
();
let
csrf_token
=
helpers
::
make_csrf_token
();
let
now
=
time
::
get_time
();
match
self
.query_row
(
"SELECT id FROM session_user WHERE oauth_foreign_id = ?1"
,
&
[
&
foreign_id
],
|
row
|
->
i32
{
...
...
@@ -288,7 +273,7 @@ impl MedalConnection for Connection {
}
// Add!
_
=>
{
self
.execute
(
"INSERT INTO session_user (session_token, csrf_token, last_login, last_activity, permanent_login, grade, is_teacher, oauth_foreign_id, firstname, lastname) VALUES (?1, ?2, ?3, ?3, ?4, ?5, ?6, ?7, ?8, ?9)"
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
false
,
&
0
,
&
(
foreign_type
!=
functions
::
UserType
::
User
)
,
&
foreign_id
,
&
firstname
,
&
lastname
])
.unwrap
();
self
.execute
(
"INSERT INTO session_user (session_token, csrf_token, last_login, last_activity, permanent_login, grade, is_teacher, oauth_foreign_id, firstname, lastname) VALUES (?1, ?2, ?3, ?3, ?4, ?5, ?6, ?7, ?8, ?9)"
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
false
,
&
0
,
&
is_teacher
,
&
foreign_id
,
&
firstname
,
&
lastname
])
.unwrap
();
Ok
(
session_token
)
}
...
...
@@ -303,18 +288,9 @@ impl MedalConnection for Connection {
Ok
(
group_id
)
=>
{
// Login okay, create session_user!
let
session_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
csrf_token
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
login_code
:
String
=
Some
(
'u'
)
.into_iter
()
.chain
(
thread_rng
()
.sample_iter
(
&
Alphanumeric
))
.filter
(|
x
|
{
let
x
=
*
x
;
!
(
x
==
'l'
||
x
==
'I'
||
x
==
'1'
||
x
==
'O'
||
x
==
'o'
||
x
==
'0'
)
})
.take
(
9
)
.collect
();
// todo: check for collisions
let
session_token
=
helpers
::
make_session_token
();
let
csrf_token
=
helpers
::
make_csrf_token
();
let
login_code
=
helpers
::
make_login_code
();
// TODO: check for collisions
let
now
=
time
::
get_time
();
self
.execute
(
"INSERT INTO session_user (session_token, csrf_token, last_login, last_activity, permanent_login, logincode, grade, is_teacher, managed_by) VALUES (?1, ?2, ?3, ?3, ?4, ?5, ?6, ?7, ?8)"
,
&
[
&
session_token
,
&
csrf_token
,
&
now
,
&
false
,
&
login_code
,
&
0
,
&
false
,
&
group_id
])
.unwrap
();
...
...
src/helpers.rs
View file @
c5f3f921
use
rand
::{
thread_rng
,
Rng
}
;
extern
crate
bcrypt
;
fn
make_session_key
()
->
String
{
thread_rng
()
.gen_ascii_chars
()
.take
(
10
)
.collect
()
use
rand
::{
distributions
::
Alphanumeric
,
thread_rng
,
Rng
};
use
core
::
MedalError
;
use
db_objects
::
SessionUser
;
pub
fn
make_session_token
()
->
String
{
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
()
}
pub
fn
make_csrf_token
()
->
String
{
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
()
}
pub
fn
make_salt
()
->
String
{
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
()
}
pub
fn
make_group_code
()
->
String
{
Some
(
'g'
)
.into_iter
()
.chain
(
thread_rng
()
.sample_iter
(
&
Alphanumeric
))
.filter
(|
x
|
{
let
x
=
*
x
;
!
(
x
==
'l'
||
x
==
'I'
||
x
==
'1'
||
x
==
'O'
||
x
==
'o'
||
x
==
'0'
)
})
.take
(
7
)
.collect
()
}
pub
fn
make_login_code
()
->
String
{
Some
(
'u'
)
.into_iter
()
.chain
(
thread_rng
()
.sample_iter
(
&
Alphanumeric
))
.filter
(|
x
|
{
let
x
=
*
x
;
!
(
x
==
'l'
||
x
==
'I'
||
x
==
'1'
||
x
==
'O'
||
x
==
'o'
||
x
==
'0'
)
})
.take
(
9
)
.collect
()
}
pub
fn
hash_password
(
password
:
&
str
,
salt
:
&
str
)
->
Result
<
String
,
MedalError
>
{
let
password_and_salt
=
[
password
,
salt
]
.concat
()
.to_string
();
match
bcrypt
::
hash
(
password_and_salt
,
5
)
{
Ok
(
result
)
=>
Ok
(
result
),
Err
(
_
)
=>
Err
(
MedalError
::
PasswordHashingError
),
}
}
pub
fn
verify_password
(
password
:
&
str
,
salt
:
&
str
,
password_hash
:
&
str
)
->
bool
{
let
password_and_salt
=
[
password
,
salt
]
.concat
()
.to_string
();
match
bcrypt
::
verify
(
password_and_salt
,
password_hash
)
{
Ok
(
result
)
=>
result
,
_
=>
false
,
}
}
pub
trait
SetPassword
{
fn
set_password
(
&
mut
self
,
&
str
)
->
Option
<
()
>
;
}
impl
SetPassword
for
SessionUser
{
fn
set_password
(
&
mut
self
,
password
:
&
str
)
->
Option
<
()
>
{
let
salt
:
String
=
thread_rng
()
.sample_iter
(
&
Alphanumeric
)
.take
(
10
)
.collect
();
let
hash
=
hash_password
(
password
,
&
salt
)
.ok
()
?
;
self
.password
=
Some
(
hash
);
self
.salt
=
Some
(
salt
);
Some
(())
}
}
src/main.rs
View file @
c5f3f921
...
...
@@ -29,8 +29,9 @@ extern crate webbrowser;
pub
mod
config
;
pub
mod
contestreader_yaml
;
pub
mod
core
;
pub
mod
db_conn
;
pub
mod
function
s
;
pub
mod
helper
s
;
pub
mod
oauth_provider
;
mod
db_apply_migrations
;
...
...
@@ -41,7 +42,7 @@ mod webfw_iron;
use
db_conn
::{
MedalConnection
,
MedalObject
};
use
db_objects
::
*
;
use
function
s
::
SetPassword
;
// TODO: Refactor, so we don't need to take this from there!
use
helper
s
::
SetPassword
;
// TODO: Refactor, so we don't need to take this from there!
use
webfw_iron
::
start_server
;
use
config
::
Config
;
...
...
@@ -597,17 +598,17 @@ mod tests {
let
mut
resp
=
client
.get
(
"http://localhost:8085/load/1"
)
.send
()
.unwrap
();
assert_eq!
(
resp
.status
(),
StatusCode
::
OK
);
let
content
=
resp
.text
()
.unwrap
();
assert_eq!
(
content
,
"{}"
);
let
params
=
[(
"data"
,
"WrongData"
),(
"grade"
,
"1"
),(
"csrf_token"
,
"FNQU4QsEMY"
)];
let
params
=
[(
"data"
,
"WrongData"
),
(
"grade"
,
"1"
),
(
"csrf_token"
,
"FNQU4QsEMY"
)];
let
resp
=
client
.post
(
"http://localhost:8085/save/1"
)
.form
(
&
params
)
.send
()
.unwrap
();
assert_eq!
(
resp
.status
(),
StatusCode
::
FORBIDDEN
);
let
mut
resp
=
client
.get
(
"http://localhost:8085/load/1"
)
.send
()
.unwrap
();
assert_eq!
(
resp
.status
(),
StatusCode
::
OK
);
let
content
=
resp
.text
()
.unwrap
();
assert_eq!
(
content
,
"{}"
);
...
...
@@ -617,8 +618,8 @@ mod tests {
let
content
=
resp
.text
()
.unwrap
();
assert
!
(
content
.contains
(
"<a href=
\"
/task/1
\"
>☆☆☆</a></li>"
));
assert
!
(
content
.contains
(
"<a href=
\"
/task/2
\"
>☆☆☆☆</a></li>"
));
let
params
=
[(
"data"
,
"SomeData"
),(
"grade"
,
"2"
),(
"csrf_token"
,
csrf
)];
let
params
=
[(
"data"
,
"SomeData"
),
(
"grade"
,
"2"
),
(
"csrf_token"
,
csrf
)];
let
mut
resp
=
client
.post
(
"http://localhost:8085/save/1"
)
.form
(
&
params
)
.send
()
.unwrap
();
assert_eq!
(
resp
.status
(),
StatusCode
::
OK
);
...
...
@@ -627,7 +628,7 @@ mod tests {
let
mut
resp
=
client
.get
(
"http://localhost:8085/load/1"
)
.send
()
.unwrap
();
assert_eq!
(
resp
.status
(),
StatusCode
::
OK
);
let
content
=
resp
.text
()
.unwrap
();
assert_eq!
(
content
,
"SomeData"
);
...
...
src/webfw_iron.rs
View file @
c5f3f921
...
...
@@ -32,6 +32,8 @@ pub use serde_json::value as json_val;
use
config
::
Config
;
use
iron
::
typemap
::
Key
;
use
core
;
static
TASK_DIR
:
&
'static
str
=
"tasks"
;
macro_rules!
mime
{
...
...
@@ -187,40 +189,36 @@ impl<'a, 'b> RequestRouterParam for Request<'a, 'b> {
}
}
use
functions
;
struct
AugMedalError
<
'c
,
'a
:
'c
,
'b
:
'c
+
'a
>
(
functions
::
MedalError
,
&
'c
mut
Request
<
'a
,
'b
>
);
struct
AugMedalError
<
'c
,
'a
:
'c
,
'b
:
'c
+
'a
>
(
core
::
MedalError
,
&
'c
mut
Request
<
'a
,
'b
>
);
impl
<
'c
,
'a
,
'b
>
From
<
AugMedalError
<
'c
,
'a
,
'b
>>
for
IronError
{
fn
from
(
AugMedalError
(
me
,
req
):
AugMedalError
<
'c
,
'a
,
'b
>
)
->
Self
{
match
me
{
functions
::
MedalError
::
NotLoggedIn
=>
{
core
::
MedalError
::
NotLoggedIn
=>
{
IronError
{
error
:
Box
::
new
(
SessionError
{
message
:
"Not Logged in, redirecting to login page"
.to_string
()
}),
response
:
Response
::
with
((
status
::
Found
,
RedirectRaw
(
format!
(
"/login?{}"
,
req
.url
.path
()
.join
(
"/"
)))))
}
}
functions
::
MedalError
::
AccessDenied
=>
{
IronError
{
error
:
Box
::
new
(
SessionError
{
message
:
"Access denied"
.to_string
()
}),
response
:
Response
::
with
(
status
::
Unauthorized
)
}
}
functions
::
MedalError
::
CsrfCheckFailed
=>
{
IronError
{
error
:
Box
::
new
(
SessionError
{
message
:
"CSRF Error"
.to_string
()
}),
response
:
Response
::
with
(
status
::
Forbidden
)
}
}
functions
::
MedalError
::
SessionTimeout
=>
{
core
::
MedalError
::
AccessDenied
=>
IronError
{
error
:
Box
::
new
(
SessionError
{
message
:
"Access denied"
.to_string
()
}),
response
:
Response
::
with
(
status
::
Unauthorized
)
},
core
::
MedalError
::
CsrfCheckFailed
=>
IronError
{
error
:
Box
::
new
(
SessionError
{
message
:
"CSRF Error"
.to_string
()
}),
response
:
Response
::
with
(
status
::
Forbidden
)
},
core
::
MedalError
::
SessionTimeout
=>
{
IronError
{
error
:
Box
::
new
(
SessionError
{
message
:
"Session timed out"
.to_string
()
}),
response
:
Response
::
with
(
status
::
Forbidden
)
}
}
functions
::
MedalError
::
DatabaseError
=>
{
core
::
MedalError
::
DatabaseError
=>
{
IronError
{
error
:
Box
::
new
(
SessionError
{
message
:
"Database Error"
.to_string
()
}),
response
:
Response
::
with
(
status
::
InternalServerError
)
}
}
functions
::
MedalError
::
PasswordHashingError
=>
{
core
::
MedalError
::
PasswordHashingError
=>
{
IronError
{
error
:
Box
::
new
(
SessionError
{
message
:
"Error hashing the passwords"
.to_string
()
}),
response
:
Response
::
with
(
status
::
InternalServerError
)
}
}
functions
::
MedalError
::
UnmatchedPasswords
=>
{
core
::
MedalError
::
UnmatchedPasswords
=>
{
IronError
{
error
:
Box
::
new
(
SessionError
{
message
:
"The two passwords did not match."
.to_string
()
}),
response
:
Response
::
with
(
status
::
Forbidden
)
}
...
...
@@ -232,7 +230,7 @@ impl<'c, 'a, 'b> From<AugMedalError<'c, 'a, 'b>> for IronError {
trait
RequestAugmentMedalError
<
'c
,
'a
:
'c
,
'b
:
'c
+
'a
,
R
>
{
fn
aug
(
self
,
req
:
&
'c
mut
Request
<
'a
,
'b
>
)
->
Result
<
R
,
AugMedalError
<
'c
,
'a
,
'b
>>
;
}
impl
<
'c
,
'a
:
'c
,
'b
:
'c
+
'a
,
T
>
RequestAugmentMedalError
<
'c
,
'a
,
'b
,
T
>
for
Result
<
T
,
functions
::
MedalError
>
{
impl
<
'c
,
'a
:
'c
,
'b
:
'c
+
'a
,
T
>
RequestAugmentMedalError
<
'c
,
'a
,
'b
,
T
>
for
Result
<
T
,
core
::
MedalError
>
{
fn
aug
(
self
,
req
:
&
'c
mut
Request
<
'a
,
'b
>
)
->
Result
<
T
,
AugMedalError
<
'c
,
'a
,
'b
>>
{
self
.map_err
(
move
|
me
|
AugMedalError
(
me
,
req
))
}
...
...
@@ -255,7 +253,7 @@ fn greet_personal<C>(req: &mut Request) -> IronResult<Response>
let
conn
=
mutex
.lock
()
.unwrap_or_else
(|
e
|
e
.into_inner
());
// Antwort erstellen und zurücksenden
functions
::
index
(
&*
conn
,
session_token
,
(
self_url
,
oauth_providers
))
core
::
index
(
&*
conn
,
session_token
,
(
self_url
,
oauth_providers
))
};
// Daten verarbeiten
...
...
@@ -273,7 +271,7 @@ fn debug<C>(req: &mut Request) -> IronResult<Response>
let
mutex
=
req
.get
::
<
Write
<
SharedDatabaseConnection
<
C
>>>
()
.unwrap
();
let
conn
=
mutex
.lock
()
.unwrap_or_else
(|
e
|
e
.into_inner
());
functions
::
debug
(
&*
conn
,
session_token
)
core
::
debug
(
&*
conn
,
session_token
)
};
let
mut
resp
=
Response
::
new
();
...
...
@@ -287,7 +285,7 @@ fn debug_new_token<C>(req: &mut Request) -> IronResult<Response>
println!
(
"Loggin out session {:?}"
,
session_token
);
with_conn!
[
functions
::
logout
,
C
,
req
,
session_token
];
with_conn!
[
core
::
logout
,
C
,
req
,
session_token
];
Ok
(
Response
::
with
((
status
::
Found
,
Redirect
(
url_for!
(
req
,
"debug"
)))))
}
...
...
@@ -298,7 +296,7 @@ fn debug_logout<C>(req: &mut Request) -> IronResult<Response>
println!
(
"Loggin out session {:?}"
,
session_token
);
with_conn!
[
functions
::
logout
,
C
,
req
,
session_token
];
with_conn!
[
core
::
logout
,
C
,
req
,
session_token
];
Ok
(
Response
::
with
((
status
::
Found
,
Redirect
(
url_for!
(
req
,
"debug"
)))))
}
...
...
@@ -307,14 +305,14 @@ fn debug_create_session<C>(req: &mut Request) -> IronResult<Response>
where
C
:
MedalConnection
+
std
::
marker
::
Send
+