Commit e70740c1 authored by Robert Czechowski's avatar Robert Czechowski

Generalise OAuth login – Part II: Change database fields

parent 4648cdb3
Pipeline #112 failed with stage
in 4 minutes and 14 seconds
ALTER TABLE session_user ADD COLUMN oauth_foreign_id TEXT;
ALTER TABLE session_user ADD COLUMN oauth_provider TEXT;
UPDATE session_user SET (oauth_foreign_id, oauth_provider) = (pms_id, "pms") WHERE pms_id IS NOT NULL;
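Review bot: The backfill on the last line writes the provider as `"pms"` in double quotes, which SQL treats as an identifier; SQLite falls back to a string literal only as a legacy behaviour that can be switched off at build time, and other engines reject it. Use a string literal instead: `UPDATE session_user SET (oauth_foreign_id, oauth_provider) = (pms_id, 'pms') WHERE pms_id IS NOT NULL;`. Since the pair (oauth_provider, oauth_foreign_id) now identifies an external account, a unique index over both columns would also stop two rows from claiming the same identity.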
......@@ -53,7 +53,7 @@ impl MedalConnection for Connection {
// fn get_session<T: ToSql>(&self, key: T, keyname: &str) -> Option<SessionUser> {
fn get_session(&self, key: &str) -> Option<SessionUser> {
let res = self.query_row("SELECT id, csrf_token, last_login, last_activity, permanent_login, username, password, logincode, email, email_unconfirmed, email_confirmationcode, firstname, lastname, street, zip, city, nation, grade, is_teacher, managed_by, pms_id, pms_school_id, salt FROM session_user WHERE session_token = ?1", &[&key], |row| {
let res = self.query_row("SELECT id, csrf_token, last_login, last_activity, permanent_login, username, password, logincode, email, email_unconfirmed, email_confirmationcode, firstname, lastname, street, zip, city, nation, grade, is_teacher, managed_by, oauth_provider, oauth_foreign_id, salt FROM session_user WHERE session_token = ?1", &[&key], |row| {
SessionUser {
id: row.get(0),
session_token: Some(key.to_string()),
......@@ -80,8 +80,9 @@ impl MedalConnection for Connection {
is_teacher: row.get(18),
managed_by: row.get(19),
pms_id: row.get(20),
pms_school_id: row.get(21),
oauth_provider: row.get(20),
oauth_foreign_id: row.get(21),
}
});
match res {
......@@ -137,7 +138,7 @@ impl MedalConnection for Connection {
}
fn get_user_by_id(&self, user_id: u32) -> Option<SessionUser> {
let res = self.query_row("SELECT session_token, csrf_token, last_login, last_activity, permanent_login, username, password, logincode, email, email_unconfirmed, email_confirmationcode, firstname, lastname, street, zip, city, nation, grade, is_teacher, managed_by, pms_id, pms_school_id FROM session_user WHERE id = ?1", &[&user_id], |row| {
let res = self.query_row("SELECT session_token, csrf_token, last_login, last_activity, permanent_login, username, password, logincode, email, email_unconfirmed, email_confirmationcode, firstname, lastname, street, zip, city, nation, grade, is_teacher, managed_by, oauth_provider, oauth_foreign_id, salt FROM session_user WHERE id = ?1", &[&user_id], |row| {
SessionUser {
id: user_id,
session_token: row.get(0),
......@@ -148,7 +149,7 @@ impl MedalConnection for Connection {
username: row.get(5),
password: row.get(6),
salt: None,//"".to_string(),
salt: row.get(22),
logincode: row.get(7),
email: row.get(8),
email_unconfirmed: row.get(9),
......@@ -164,8 +165,9 @@ impl MedalConnection for Connection {
is_teacher: row.get(18),
managed_by: row.get(19),
pms_id: row.get(20),
pms_school_id: row.get(21),
oauth_provider: row.get(20),
oauth_foreign_id: row.get(21),
}
});
res.ok()
......@@ -252,7 +254,7 @@ impl MedalConnection for Connection {
let csrf_token: String = thread_rng().sample_iter(&Alphanumeric).take(10).collect();
let now = time::get_time();
match self.query_row("SELECT id FROM session_user WHERE pms_id = ?1", &[&foreign_id], |row| -> u32 {
match self.query_row("SELECT id FROM session_user WHERE oauth_foreign_id = ?1", &[&foreign_id], |row| -> u32 {
row.get(0)
}) {
Ok(id) => {
......@@ -262,7 +264,7 @@ impl MedalConnection for Connection {
}
// Add!
_ => {
self.execute("INSERT INTO session_user (session_token, csrf_token, last_login, last_activity, permanent_login, grade, is_teacher, pms_id, firstname, lastname) VALUES (?1, ?2, ?3, ?3, ?4, ?5, ?6, ?7, ?8, ?9)", &[&session_token, &csrf_token, &now, &false, &0, &(foreign_type != functions::UserType::User), &foreign_id, &firstname, &lastname]).unwrap();
self.execute("INSERT INTO session_user (session_token, csrf_token, last_login, last_activity, permanent_login, grade, is_teacher, oauth_foreign_id, firstname, lastname) VALUES (?1, ?2, ?3, ?3, ?4, ?5, ?6, ?7, ?8, ?9)", &[&session_token, &csrf_token, &now, &false, &0, &(foreign_type != functions::UserType::User), &foreign_id, &firstname, &lastname]).unwrap();
Ok(session_token)
}
......@@ -653,36 +655,35 @@ impl MedalConnection for Connection {
members: Vec::new() })
.unwrap(); // TODO handle error
let mut stmt = self.prepare("SELECT id, session_token, csrf_token, last_login, last_activity, permanent_login, username, password, logincode, email, email_unconfirmed, email_confirmationcode, firstname, lastname, street, zip, city, nation, grade, is_teacher, pms_id, pms_school_id FROM session_user WHERE managed_by = ?1").unwrap();
let rows = stmt.query_map(&[&group_id], |row| {
SessionUser { id: row.get(0),
session_token: row.get(1),
csrf_token: row.get(2),
last_login: row.get(3),
last_activity: row.get(4),
permanent_login: row.get(5),
username: row.get(6),
password: row.get(7),
salt: None, //"".to_string(),
logincode: row.get(8),
email: row.get(9),
email_unconfirmed: row.get(10),
email_confirmationcode: row.get(11),
firstname: row.get(12),
lastname: row.get(13),
street: row.get(14),
zip: row.get(15),
city: row.get(16),
nation: row.get(17),
grade: row.get(18),
is_teacher: row.get(19),
managed_by: Some(group_id),
pms_id: row.get(20),
pms_school_id: row.get(21) }
})
let mut stmt = self.prepare("SELECT id, session_token, csrf_token, last_login, last_activity, permanent_login, username, password, logincode, email, email_unconfirmed, email_confirmationcode, firstname, lastname, street, zip, city, nation, grade, is_teacher, oauth_provider, oauth_foreign_id, salt FROM session_user WHERE managed_by = ?1").unwrap();
let rows = stmt.query_map(&[&group_id], |row| SessionUser { id: row.get(0),
session_token: row.get(1),
csrf_token: row.get(2),
last_login: row.get(3),
last_activity: row.get(4),
permanent_login: row.get(5),
username: row.get(6),
password: row.get(7),
salt: row.get(22),
logincode: row.get(8),
email: row.get(9),
email_unconfirmed: row.get(10),
email_confirmationcode: row.get(11),
firstname: row.get(12),
lastname: row.get(13),
street: row.get(14),
zip: row.get(15),
city: row.get(16),
nation: row.get(17),
grade: row.get(18),
is_teacher: row.get(19),
managed_by: Some(group_id),
oauth_provider: row.get(20),
oauth_foreign_id: row.get(21) })
.unwrap();
for user in rows {
......@@ -825,7 +826,7 @@ impl MedalObject<Connection> for Grade {
impl MedalObject<Connection> for Participation {
fn save(&mut self, conn: &Connection) {
conn.execute("INSERT INTO participation (contest, user, start_date) VALUES (?1, ?2, ?3)",
conn.execute("INSERT INTO0 participation (contest, user, start_date) VALUES (?1, ?2, ?3)",
&[&self.contest, &self.user, &self.start])
.unwrap();
}
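Review bot: The login lookup `SELECT id FROM session_user WHERE oauth_foreign_id = ?1` matches on the foreign id alone, so once more than one provider is configured, an id issued by one provider can resolve to an account created through another. The lookup should be scoped to the provider, e.g. `WHERE oauth_provider = ?1 AND oauth_foreign_id = ?2`, and the `INSERT` in the `_ =>` arm should write `oauth_provider` as well; as written, its column list omits it, so new rows get a NULL provider. The enclosing function starts outside the hunk, so whether a provider id is already passed in is not visible here. Separately, the statement in `Participation::save` now reads `INSERT INTO0 participation`, which looks like a stray character and would make `execute(...).unwrap()` panic at runtime.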
......
......@@ -29,8 +29,13 @@ pub struct SessionUser {
pub is_teacher: bool,
pub managed_by: Option<u32>,
pub pms_id: Option<u32>,
pub pms_school_id: Option<u32>,
pub oauth_foreign_id: Option<String>,
pub oauth_provider: Option<String>,
// pub oauth_extra_data: Option<String>,
// pub pms_id: Option<u32>,
// pub pms_school_id: Option<u32>,
}
// Short version for display
......@@ -176,8 +181,14 @@ impl SessionUser {
is_teacher: false,
managed_by: None,
pms_id: None,
pms_school_id: None }
oauth_foreign_id: None,
oauth_provider: None,
// oauth_extra_data: Option<String>,
//pms_id: None,
//pms_school_id: None,
}
}
pub fn ensure_alive(self) -> Option<Self> {
......@@ -191,7 +202,7 @@ impl SessionUser {
}
pub fn ensure_logged_in(self) -> Option<Self> {
if self.password.is_some() || self.logincode.is_some() || self.pms_id.is_some() {
if self.password.is_some() || self.logincode.is_some() || self.oauth_foreign_id.is_some() {
self.ensure_alive()
} else {
None
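Review bot: `ensure_logged_in` now treats a user as OAuth-authenticated when `oauth_foreign_id` is set, without looking at `oauth_provider`, although the two fields only identify an account together. Either check both, `self.oauth_provider.is_some() && self.oauth_foreign_id.is_some()`, or keep them in one `Option` so a half-filled identity cannot be represented; the stricter check requires every code path that creates OAuth users to store the provider. The commented-out `pms_id`/`pms_school_id`/`oauth_extra_data` lines in the struct and in the constructor (where `// oauth_extra_data: Option<String>,` is a type, not a value) should be removed or replaced by a short TODO. The function body continues past the end of the hunk.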
......
......@@ -71,7 +71,7 @@ pub fn index<T: MedalConnection>(conn: &T, session_token: Option<String>,
}
}
let mut oauth_links : Vec<(String, String, String)> = Vec::new();
let mut oauth_links: Vec<(String, String, String)> = Vec::new();
if let Some(oauth_providers) = oauth_providers {
println!("tblub");
for oauth_provider in oauth_providers {
......
#[derive(Serialize, Deserialize, Clone, Default, Debug)]
pub struct OauthProvider {
pub provider_id: String,
......
......@@ -91,7 +91,6 @@ impl CookieDistributor {
impl AroundMiddleware for CookieDistributor {
fn around(self, handler: Box<Handler>) -> Box<Handler> {
use rand::{distributions::Alphanumeric, thread_rng, Rng};
Box::new(move |req: &mut Request| -> IronResult<Response> {
......@@ -176,7 +175,7 @@ impl<'a, 'b> RequestRouterParam for Request<'a, 'b> {
response: Response::with(status::Forbidden) }),
}
}
fn expect_str(self: &mut Self, key: &str) -> IronResult<String> {
match self.get_str(key) {
Some(s) => Ok(s),
......@@ -310,7 +309,8 @@ fn contest_post(req: &mut Request) -> IronResult<Response> {
}
fn login(req: &mut Request) -> IronResult<Response> {
let (self_url, oauth_providers) = {
// TODO: Use OAuth providers
let (self_url, _oauth_providers) = {
let mutex = req.get::<Write<SharedConfiguration>>().unwrap();
let config = mutex.lock().unwrap_or_else(|e| e.into_inner());
......@@ -320,7 +320,7 @@ fn login(req: &mut Request) -> IronResult<Response> {
let mut data = json_val::Map::new();
data.insert("self_url".to_string(), to_json(&self_url));
// TODO: Generate list of links as in greet_personal
// data.insert("oauth_url".to_string(), to_json(&oauth_url));
// data.insert("oauth_url".to_string(), to_json(&oauth_url));
let mut resp = Response::new();
resp.set_mut(Template::new("login", data)).set_mut(status::Ok);
......@@ -601,21 +601,20 @@ fn oauth(req: &mut Request) -> IronResult<Response> {
use reqwest::header;
let oauth_id = req.expect_str("oauthid")?;
let (client_id, client_secret, access_token_url, user_data_url) = {
let mutex = req.get::<Write<SharedConfiguration>>().unwrap();
let config = mutex.lock().unwrap_or_else(|e| e.into_inner());
let mut result: Option<(String, String, String, String)> = None;
if let Some(ref oauth_providers) = config.oauth_providers {
for oauth_provider in oauth_providers {
if oauth_provider.provider_id == oauth_id {
result = Some(
(oauth_provider.client_id.clone(),
oauth_provider.client_secret.clone(),
oauth_provider.access_token_url.clone(),
oauth_provider.user_data_url.clone()));
result = Some((oauth_provider.client_id.clone(),
oauth_provider.client_secret.clone(),
oauth_provider.access_token_url.clone(),
oauth_provider.user_data_url.clone()));
break;
}
}
......