block on hashing
jb-alvarado committed Dec 11, 2023
1 parent 15f4114 commit 4c4199c
Showing 2 changed files with 54 additions and 38 deletions.
75 changes: 42 additions & 33 deletions ffplayout-api/src/api/routes.rs
@@ -32,6 +32,7 @@ use regex::Regex;
use serde::{Deserialize, Serialize};
use simplelog::*;
use sqlx::{Pool, Sqlite};
use tokio::task;

use crate::db::{
handles,
@@ -160,40 +161,48 @@ pub async fn login(pool: web::Data<Pool<Sqlite>>, credentials: web::Json<User>)
let conn = pool.into_inner();
match handles::select_login(&conn, &credentials.username).await {
Ok(mut user) => {
let pass = user.password.clone();
let hash = PasswordHash::new(&pass).unwrap();
user.password = "".into();
let role = handles::select_role(&conn, &user.role_id.unwrap_or_default())
.await
.unwrap_or(Role::Guest);

let res = task::spawn_blocking(move || {
let pass = user.password.clone();
let hash = PasswordHash::new(&pass).unwrap();
user.password = "".into();

if Argon2::default()
.verify_password(credentials.password.as_bytes(), &hash)
.is_ok()
{
let claims = Claims::new(user.id, user.username.clone(), role.clone());

if let Ok(token) = create_jwt(claims) {
user.token = Some(token);
};

info!("user {} login, with role: {role}", credentials.username);

web::Json(UserObj {
message: "login correct!".into(),
user: Some(user),
})
.customize()
.with_status(StatusCode::OK)
} else {
error!("Wrong password for {}!", credentials.username);

web::Json(UserObj {
message: "Wrong password!".into(),
user: None,
})
.customize()
.with_status(StatusCode::FORBIDDEN)
}
})
.await
.unwrap();

if Argon2::default()
.verify_password(credentials.password.as_bytes(), &hash)
.is_ok()
{
let role = handles::select_role(&conn, &user.role_id.unwrap_or_default())
.await
.unwrap_or(Role::Guest);
let claims = Claims::new(user.id, user.username.clone(), role.clone());

if let Ok(token) = create_jwt(claims) {
user.token = Some(token);
};

info!("user {} login, with role: {role}", credentials.username);

web::Json(UserObj {
message: "login correct!".into(),
user: Some(user),
})
.customize()
.with_status(StatusCode::OK)
} else {
error!("Wrong password for {}!", credentials.username);
web::Json(UserObj {
message: "Wrong password!".into(),
user: None,
})
.customize()
.with_status(StatusCode::FORBIDDEN)
}
res
}
Err(e) => {
error!("Login {} failed! {e}", credentials.username);
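Review bot: The `spawn_blocking` closure in `login` still calls `PasswordHash::new(&pass).unwrap()`, and its `JoinHandle` is consumed with `.await.unwrap()`, so a stored password value that does not parse as a PHC string panics the blocking task and then the handler instead of failing the login. On the side that uses `task::spawn_blocking` (taken to be the new one; the +/- markers are lost on this page) `handles::select_role` also runs before the password is checked, so every failed attempt costs an extra query. Moving only the Argon2 check into the closure and returning a `bool` that fails closed covers both, and leaves the role lookup, JWT creation and responses in the async context; the parse failure deserves its own `error!` line so a corrupt record is not reported as a wrong password. The `Ok(mut user)` arm begins inside the hunk, but `login` itself starts and ends outside it.

```rust
Ok(mut user) => {
    // Move only the two strings into the blocking task, so `user` and
    // `credentials` stay usable in the async context afterwards.
    let stored = std::mem::take(&mut user.password);
    let supplied = credentials.password.clone();

    let verified = task::spawn_blocking(move || {
        // An unparsable stored hash counts as a failed verification.
        PasswordHash::new(&stored)
            .map(|hash| {
                Argon2::default()
                    .verify_password(supplied.as_bytes(), &hash)
                    .is_ok()
            })
            .unwrap_or(false)
    })
    .await
    .unwrap_or(false); // a panicked or cancelled task fails closed

    if verified {
        // … unchanged: select_role, Claims, create_jwt, info! log, 200 response …
    } else {
        // … unchanged: error! log, 403 response …
    }
```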
17 changes: 12 additions & 5 deletions ffplayout-api/src/db/handles.rs
@@ -8,6 +8,7 @@ use argon2::{
use rand::{distributions::Alphanumeric, Rng};
use simplelog::*;
use sqlx::{migrate::MigrateDatabase, sqlite::SqliteQueryResult, Pool, Sqlite};
use tokio::task;

use crate::db::{
db_pool,
@@ -243,17 +244,23 @@ pub async fn insert_user(
conn: &Pool<Sqlite>,
user: User,
) -> Result<SqliteQueryResult, sqlx::Error> {
let salt = SaltString::generate(&mut OsRng);
let password_hash = Argon2::default()
.hash_password(user.password.clone().as_bytes(), &salt)
.unwrap();
let password_hash = task::spawn_blocking(move || {
let salt = SaltString::generate(&mut OsRng);
let hash = Argon2::default()
.hash_password(user.password.clone().as_bytes(), &salt)
.unwrap();

hash.to_string()
})
.await
.unwrap();

let query = "INSERT INTO user (mail, username, password, role_id) VALUES($1, $2, $3, $4)";

sqlx::query(query)
.bind(user.mail)
.bind(user.username)
.bind(password_hash.to_string())
.bind(password_hash)
.bind(user.role_id)
.execute(conn)
.await
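Review bot: `user.password.clone().as_bytes()` inside the `spawn_blocking` closure of `insert_user` makes a second heap copy of the plaintext password only to borrow it; `.hash_password(user.password.as_bytes(), &salt)` hashes the same bytes without the copy. The two `.unwrap()` calls, on `hash_password` and on the awaited `JoinHandle`, turn a hashing failure or a panicked task into a panic of the caller, although the function already returns a `Result`. If panicking is intended, `.expect("argon2 hashing task failed")` on the join would state the invariant; otherwise the failure should be mapped into the returned error. The function's signature opens in the hunk header and its closing lines lie outside the hunk.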
