phil/ezidam
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: phil:master
Branches Tags
phil:master
phil:nix-ci
phil:rocket-05
phil:nix
phil:rocket05-rc4
phil:i18n
...
pull from: phil:rocket-05
Branches Tags
phil:nix-ci
phil:rocket-05
phil:nix
phil:rocket05-rc4
phil:master
phil:i18n
Sign in to create a new pull request.

12 commits
master ... rocket-05

Author SHA1 Message Date
Philippe Loctaux
311fbb2170 crate updates 2023-11-20 23:19:01 +01:00
Philippe Loctaux
3aa1e9546d rocket 0.5.0, rocket_cors 0.6.0 2023-11-20 23:00:59 +01:00
Philippe Loctaux
580c212e7d nix: wrapper to launch ezidam with env variables 2023-11-20 22:31:38 +01:00
Philippe Loctaux
3b9f4792dc nix: copy assets in docker, need to finish env 2023-11-17 22:33:50 +01:00
Philippe Loctaux
89e0432b7a ezidam: config via env variables 2023-11-17 22:32:46 +01:00
Philippe Loctaux
c1b8fd3c89 update to final release of rocket_cors 0.6.0-alpha3 2023-11-17 11:24:00 +01:00
Philippe Loctaux
cfd71d2dec nix: build on macos 2023-11-17 11:23:50 +01:00
Philippe Loctaux
8917287633 nix: build, clippy, docker image WIP 2023-11-17 01:16:26 +01:00
Philippe Loctaux
f85aa12eef clippy 2023-11-15 21:11:49 +01:00
Philippe Loctaux
b4271853a9 rocket v0.5-rc4 with some adjustements: 
- all db access are done with transactions
- Forwards in Outcomes return a status
 2023-11-15 21:01:22 +01:00
Philippe Loctaux
2ae345800c temporary patch to rocket_cors until new release 2023-11-15 20:11:27 +01:00
Philippe Loctaux
e6d3329f6f sqlx v0.7.x 2023-11-15 20:10:40 +01:00
108 changed files with 3901 additions and 3327 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -9,3 +9,6 @@
# os
.DS_Store
# nix docker
/result

1933
Cargo.lock generated
View file

File diff suppressed because it is too large Load diff

2
Cargo.toml
View file

@ -8,7 +8,7 @@ members = [
[workspace.dependencies]
thiserror = "1"
chrono = "0.4"
sqlx = "0.6"
sqlx = "0.7"
url = "2.3"
serde = "1"
serde_json = "1"

12
crates/database/.sqlx/query-06cfa74715f3725e99e63aa206f1be5d26cb26924d53dc5a68ee4ea48d6bbbfd.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update settings\n\nset business_logo = ?\n\nwhere id is 0\n",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "06cfa74715f3725e99e63aa206f1be5d26cb26924d53dc5a68ee4ea48d6bbbfd"
}

12
crates/database/.sqlx/query-0b60c7829e95dde4145b7f207b64df7006c1fde2faaca0f7952a009d6cda90a3.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update settings\n\nset business_name = ?\n\nwhere id is 0\n",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "0b60c7829e95dde4145b7f207b64df7006c1fde2faaca0f7952a009d6cda90a3"
}

62
crates/database/.sqlx/query-13c26aaf556d259535afb95f5c53b4c594f373084c73000bc7865a280df74fdd.json generated Normal file
View file

@ -0,0 +1,62 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n label,\n redirect_uri,\n secret,\n is_confidential as \"is_confidential: bool\",\n is_archived as \"is_archived: bool\"\nfrom apps\n\nwhere is_archived is 0\norder by created_at desc",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "redirect_uri",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "secret",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "is_confidential: bool",
"ordinal": 6,
"type_info": "Int64"
},
{
"name": "is_archived: bool",
"ordinal": 7,
"type_info": "Int64"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "13c26aaf556d259535afb95f5c53b4c594f373084c73000bc7865a280df74fdd"
}

12
crates/database/.sqlx/query-184d704e75f00513082dd2c6cc3ae5c3f58b57b222ba4333216b5c50c3c58c71.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update apps\n\nset label = ?,\n redirect_uri = ?,\n is_confidential = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 4
},
"nullable": []
},
"hash": "184d704e75f00513082dd2c6cc3ae5c3f58b57b222ba4333216b5c50c3c58c71"
}

12
crates/database/.sqlx/query-1e2edc8cf28832344dbfa0878ac01361b6f97c552d6af8477da12cddb03d4865.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update apps\n\nset secret = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "1e2edc8cf28832344dbfa0878ac01361b6f97c552d6af8477da12cddb03d4865"
}

12
crates/database/.sqlx/query-2d562e7b19d7d8303a0e79d143d25fd68743ae30d1ec0b0ca5c7dfc367fdf357.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update apps\n\nset is_archived = 1\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "2d562e7b19d7d8303a0e79d143d25fd68743ae30d1ec0b0ca5c7dfc367fdf357"
}

12
crates/database/.sqlx/query-2ee77458d93ae79d957e03e6ca50c1bf690f40b6cc6ec5f008eb0e928f376659.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update roles\n\nset is_archived = ?\n\nwhere name is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "2ee77458d93ae79d957e03e6ca50c1bf690f40b6cc6ec5f008eb0e928f376659"
}

12
crates/database/.sqlx/query-32d35bdd1f4cf64ce0ff7beb7a11591e0f35eab7211692bcde8230c68e4cedf3.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update users\n\nset password_recover = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "32d35bdd1f4cf64ce0ff7beb7a11591e0f35eab7211692bcde8230c68e4cedf3"
}

98
crates/database/.sqlx/query-37000307a757b4912ca300c346b5bd8ee5d50331d94abeee076ae4db46215a56.json generated Normal file
View file

@ -0,0 +1,98 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n is_admin as \"is_admin: bool\",\n username,\n name,\n email,\n password,\n password_recover,\n paper_key,\n is_archived as \"is_archived: bool\",\n timezone,\n totp_secret,\n totp_backup\nfrom users\n\nwhere email is (?)\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "37000307a757b4912ca300c346b5bd8ee5d50331d94abeee076ae4db46215a56"
}

62
crates/database/.sqlx/query-37681902a5f5d87492812a525a6488e75d20c1c436a3ba2c5aa3f54da62fe861.json generated Normal file
View file

@ -0,0 +1,62 @@
{
"db_name": "SQLite",
"query": "select\n -- info\n token,\n ip_address,\n user,\n app,\n\n -- timings\n created_at as \"created_at: DateTime<Utc>\",\n expires_at as \"expires_at: DateTime<Utc>\",\n used_at as \"used_at: DateTime<Utc>\",\n revoked_at as \"revoked_at: DateTime<Utc>\"\nfrom refresh_tokens\n\nwhere token is (?)",
"describe": {
"columns": [
{
"name": "token",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "ip_address",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "user",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "app",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "expires_at: DateTime<Utc>",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "used_at: DateTime<Utc>",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "revoked_at: DateTime<Utc>",
"ordinal": 7,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
false,
true,
true
]
},
"hash": "37681902a5f5d87492812a525a6488e75d20c1c436a3ba2c5aa3f54da62fe861"
}

12
crates/database/.sqlx/query-3c8e31ffa5cbfd4dded8a272777cb320fb51fd2e53ed25054d24e9801df0c358.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update refresh_tokens\n\nset used_at = CURRENT_TIMESTAMP\n\nwhere token is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "3c8e31ffa5cbfd4dded8a272777cb320fb51fd2e53ed25054d24e9801df0c358"
}

12
crates/database/.sqlx/query-44cc12d7659e618fcb44a82697d60da940bdab3c87690ee42569ae3da1a8e791.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "insert into roles (name, label)\nvalues (?, ?)\n",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "44cc12d7659e618fcb44a82697d60da940bdab3c87690ee42569ae3da1a8e791"
}

32
crates/database/.sqlx/query-46caa546db24d2c1e8192f9e699202be5129c74a5569b2dc7bf95761fe09a6a3.json generated Normal file
View file

@ -0,0 +1,32 @@
{
"db_name": "SQLite",
"query": "select user,\n role,\n created_at as \"created_at: DateTime<Utc>\"\n\nfrom permissions\nwhere role is (?)\n",
"describe": {
"columns": [
{
"name": "user",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false
]
},
"hash": "46caa546db24d2c1e8192f9e699202be5129c74a5569b2dc7bf95761fe09a6a3"
}

12
crates/database/.sqlx/query-520fe30e21f6b6c4d9a47c457675eebd144cf020e9230d154e9e4d0c8d6e01ca.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "insert into users (id, is_admin, username, password)\nvalues (?, ?, ?, ?)\n",
"describe": {
"columns": [],
"parameters": {
"Right": 4
},
"nullable": []
},
"hash": "520fe30e21f6b6c4d9a47c457675eebd144cf020e9230d154e9e4d0c8d6e01ca"
}

12
crates/database/.sqlx/query-52c16bb0e76dd1726d151b69d1ba3b89948ee6ac5116e442faef8512c1a615c0.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update users\n\nset is_archived = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "52c16bb0e76dd1726d151b69d1ba3b89948ee6ac5116e442faef8512c1a615c0"
}

12
crates/database/.sqlx/query-545f19b0373c7ffe16864eb242c15a0092355e120c5cbe006c877afdfc4a4e8c.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update users\n\nset username = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "545f19b0373c7ffe16864eb242c15a0092355e120c5cbe006c877afdfc4a4e8c"
}

98
crates/database/.sqlx/query-5567f75b47f739e85da3469bec0202be315c42dfc820d3c37bba498b1b783811.json generated Normal file
View file

@ -0,0 +1,98 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n is_admin as \"is_admin: bool\",\n username,\n name,\n email,\n password,\n password_recover,\n paper_key,\n is_archived as \"is_archived: bool\",\n timezone,\n totp_secret,\n totp_backup\nfrom users\n\nwhere username is (?)\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "5567f75b47f739e85da3469bec0202be315c42dfc820d3c37bba498b1b783811"
}

44
crates/database/.sqlx/query-56a9c0dff010858189a95087d014c7d0ce930da5d841b9d788a9c0e84b580bc6.json generated Normal file
View file

@ -0,0 +1,44 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n revoked_at as \"revoked_at: DateTime<Utc>\",\n private_der,\n public_der\n\nfrom keys\norder by created_at desc\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "revoked_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "private_der",
"ordinal": 3,
"type_info": "Blob"
},
{
"name": "public_der",
"ordinal": 4,
"type_info": "Blob"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
true,
false,
false
]
},
"hash": "56a9c0dff010858189a95087d014c7d0ce930da5d841b9d788a9c0e84b580bc6"
}

12
crates/database/.sqlx/query-58e0626629a768c33783bbc926c3d1477ad7e4e983b61ede013e5b066940eb5c.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update users\n\nset timezone = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "58e0626629a768c33783bbc926c3d1477ad7e4e983b61ede013e5b066940eb5c"
}

12
crates/database/.sqlx/query-5a365b761ada7d5f67e5ad3ff9a1a89d96383e28b15186576f90ff59f309196c.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update totp_login_requests\n\nset used_at = CURRENT_TIMESTAMP\n\nwhere user is ?\n and used_at is null",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "5a365b761ada7d5f67e5ad3ff9a1a89d96383e28b15186576f90ff59f309196c"
}

38
crates/database/.sqlx/query-5e148a43d9f64c73296b2b70deef07d2c863a93fff693aec1b47378c44bf77de.json generated Normal file
View file

@ -0,0 +1,38 @@
{
"db_name": "SQLite",
"query": "select name,\n label,\n created_at as \"created_at: DateTime<Utc>\",\n is_archived as \"is_archived: bool\"\nfrom roles\n\norder by created_at desc\n",
"describe": {
"columns": [
{
"name": "name",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 3,
"type_info": "Int64"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false
]
},
"hash": "5e148a43d9f64c73296b2b70deef07d2c863a93fff693aec1b47378c44bf77de"
}

44
crates/database/.sqlx/query-5f946348ad62389fab3c97a1563d1592cbc5180abbba6d5abd44326bf0862669.json generated Normal file
View file

@ -0,0 +1,44 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n revoked_at as \"revoked_at: DateTime<Utc>\",\n private_der,\n public_der\n\nfrom keys\nwhere revoked_at is not null\norder by created_at desc\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "revoked_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "private_der",
"ordinal": 3,
"type_info": "Blob"
},
{
"name": "public_der",
"ordinal": 4,
"type_info": "Blob"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
true,
false,
false
]
},
"hash": "5f946348ad62389fab3c97a1563d1592cbc5180abbba6d5abd44326bf0862669"
}

12
crates/database/.sqlx/query-62c75412f673f6a293b0d188d79c50676ec21cf94e2e50e18f9279c91e6b85c8.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "insert or ignore into settings(id)\nvalues (0);",
"describe": {
"columns": [],
"parameters": {
"Right": 0
},
"nullable": []
},
"hash": "62c75412f673f6a293b0d188d79c50676ec21cf94e2e50e18f9279c91e6b85c8"
}

12
crates/database/.sqlx/query-645f583812c4d71570d1e84b866e85c5a012d71cd745494049a8d9bebab3ed61.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update totp_login_requests\n\nset used_at = CURRENT_TIMESTAMP\n\nwhere token is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "645f583812c4d71570d1e84b866e85c5a012d71cd745494049a8d9bebab3ed61"
}

12
crates/database/.sqlx/query-657fdc2b228b14a6aba717e5083daf48204274ab62d73ec8968bcd0c7568b157.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "vacuum",
"describe": {
"columns": [],
"parameters": {
"Right": 0
},
"nullable": []
},
"hash": "657fdc2b228b14a6aba717e5083daf48204274ab62d73ec8968bcd0c7568b157"
}

12
crates/database/.sqlx/query-68cfa3d135eb4cdbdbcb3b943518b4ac09c371af689c444eb439a37f91ecf7a5.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update users\n\nset paper_key = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "68cfa3d135eb4cdbdbcb3b943518b4ac09c371af689c444eb439a37f91ecf7a5"
}

12
crates/database/.sqlx/query-693c8c3de266cb3a8fc98bdea8e3b87de0dcb78316628d48f0e6efc0f8103040.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update roles\n\nset label = ?\n\nwhere name is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "693c8c3de266cb3a8fc98bdea8e3b87de0dcb78316628d48f0e6efc0f8103040"
}

12
crates/database/.sqlx/query-6fa3c48b9e93fb9ec6807f7547a8f999fc55a6fb8ad4abe7af89ec52e0d10a0e.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "delete\nfrom permissions\n\nwhere user is ?\n and role is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "6fa3c48b9e93fb9ec6807f7547a8f999fc55a6fb8ad4abe7af89ec52e0d10a0e"
}

12
crates/database/.sqlx/query-6ff12f357d884a50035d708577a7f3109a07a1ca193cb3082d13687af65c6de0.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update users\n\nset is_admin = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "6ff12f357d884a50035d708577a7f3109a07a1ca193cb3082d13687af65c6de0"
}

98
crates/database/.sqlx/query-71c74369dc5d374d8ec5aa347b5f599728b74e545df3e986e3e7e66882f73ba0.json generated Normal file
View file

@ -0,0 +1,98 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n is_admin as \"is_admin: bool\",\n username,\n name,\n email,\n password,\n password_recover,\n paper_key,\n is_archived as \"is_archived: bool\",\n timezone,\n totp_secret,\n totp_backup\nfrom users\n\nwhere id is (?)\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "71c74369dc5d374d8ec5aa347b5f599728b74e545df3e986e3e7e66882f73ba0"
}

32
crates/database/.sqlx/query-73bdbde04fca37f2411e7a9e1b6dbccc0dd4d12ebcb933024d9867f07bba3eb8.json generated Normal file
View file

@ -0,0 +1,32 @@
{
"db_name": "SQLite",
"query": "select user,\n role,\n created_at as \"created_at: DateTime<Utc>\"\n\nfrom permissions\nwhere user is (?)\n and role is (?)\n",
"describe": {
"columns": [
{
"name": "user",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
}
],
"parameters": {
"Right": 2
},
"nullable": [
false,
false,
false
]
},
"hash": "73bdbde04fca37f2411e7a9e1b6dbccc0dd4d12ebcb933024d9867f07bba3eb8"
}

12
crates/database/.sqlx/query-7b7f2430b2a719b3d5ce504c0a9302731b3ff82da99ba7771c2728d88aee642a.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update keys\n\nset revoked_at = CURRENT_TIMESTAMP\n\nwhere revoked_at is null\n and id is not (?)\n",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "7b7f2430b2a719b3d5ce504c0a9302731b3ff82da99ba7771c2728d88aee642a"
}

12
crates/database/.sqlx/query-7f26b73408318040f94fb6574d5cc25482cef1a57ba4c467fa0bc0fdf25bf39c.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update authorization_codes\n\nset used_at = CURRENT_TIMESTAMP\n\nwhere code is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "7f26b73408318040f94fb6574d5cc25482cef1a57ba4c467fa0bc0fdf25bf39c"
}

12
crates/database/.sqlx/query-87906834faa6f185aee0e4d893b9754908b1c173e9dce383663d723891a89cd1.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update settings\n\nset url = ?\n\nwhere id is 0\n",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "87906834faa6f185aee0e4d893b9754908b1c173e9dce383663d723891a89cd1"
}

12
crates/database/.sqlx/query-8c131e1f73ffa01fc3e5e08071a786b85f23b9638d1c7eaa7b633c052703c911.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update users\n\nset name = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "8c131e1f73ffa01fc3e5e08071a786b85f23b9638d1c7eaa7b633c052703c911"
}

32
crates/database/.sqlx/query-8c37375b0694df02b7f1b6678e4e2c3ffbc590c0f305ff5a8f44350fba3eaec7.json generated Normal file
View file

@ -0,0 +1,32 @@
{
"db_name": "SQLite",
"query": "select user,\n role,\n created_at as \"created_at: DateTime<Utc>\"\n\nfrom permissions\nwhere user is (?)\n",
"describe": {
"columns": [
{
"name": "user",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false
]
},
"hash": "8c37375b0694df02b7f1b6678e4e2c3ffbc590c0f305ff5a8f44350fba3eaec7"
}

12
crates/database/.sqlx/query-93b15a942a6c7db595990f00e14fde26d6d36b8c8de9935179d41f6c7c755978.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update refresh_tokens\n\nset revoked_at = CURRENT_TIMESTAMP\n\nwhere app is ?\n and revoked_at is null",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "93b15a942a6c7db595990f00e14fde26d6d36b8c8de9935179d41f6c7c755978"
}

12
crates/database/.sqlx/query-9784afe2dcff4db86908175d4e3145baf72b3361f43e4127350a14a183ef63f7.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update users\n\nset password = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "9784afe2dcff4db86908175d4e3145baf72b3361f43e4127350a14a183ef63f7"
}

98
crates/database/.sqlx/query-979c7ba41dac5ea5593fc169ea95b68d2311c5ae05c1e18db43424c8ed2f2e4e.json generated Normal file
View file

@ -0,0 +1,98 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n is_admin as \"is_admin: bool\",\n username,\n name,\n email,\n password,\n password_recover,\n paper_key,\n is_archived as \"is_archived: bool\",\n timezone,\n totp_secret,\n totp_backup\nfrom users\n\norder by created_at desc\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "979c7ba41dac5ea5593fc169ea95b68d2311c5ae05c1e18db43424c8ed2f2e4e"
}

38
crates/database/.sqlx/query-9a3aef02e55fc436e9c09c1ee6d29477c2746765f6e7d5679058ec6525ee7253.json generated Normal file
View file

@ -0,0 +1,38 @@
{
"db_name": "SQLite",
"query": "select name,\n label,\n created_at as \"created_at: DateTime<Utc>\",\n is_archived as \"is_archived: bool\"\nfrom roles\n\nwhere name is (?)\n",
"describe": {
"columns": [
{
"name": "name",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 3,
"type_info": "Int64"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false
]
},
"hash": "9a3aef02e55fc436e9c09c1ee6d29477c2746765f6e7d5679058ec6525ee7253"
}

98
crates/database/.sqlx/query-9dc379b0f3a3c944a33ef01dc40489b29b2a61b9f73f6ca4b5df7e9fb9bccf90.json generated Normal file
View file

@ -0,0 +1,98 @@
{
"db_name": "SQLite",
"query": "select u.id,\n u.created_at as \"created_at: DateTime<Utc>\",\n u.updated_at as \"updated_at: DateTime<Utc>\",\n u.is_admin as \"is_admin: bool\",\n u.username,\n u.name,\n u.email,\n u.password,\n u.password_recover,\n u.paper_key,\n u.is_archived as \"is_archived: bool\",\n u.timezone,\n u.totp_secret,\n u.totp_backup\nfrom users u\n\n inner join settings s on u.id = s.first_admin\n\nwhere u.is_admin is 1\n and u.is_archived is 0\n and u.id is s.first_admin\n\nlimit 1",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "9dc379b0f3a3c944a33ef01dc40489b29b2a61b9f73f6ca4b5df7e9fb9bccf90"
}

12
crates/database/.sqlx/query-9f1885c4786f73335b4d614f562bb7cad49c91bfe7f084d8c25c6c571673ab90.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update refresh_tokens\n\nset revoked_at = CURRENT_TIMESTAMP\n\nwhere revoked_at is null",
"describe": {
"columns": [],
"parameters": {
"Right": 0
},
"nullable": []
},
"hash": "9f1885c4786f73335b4d614f562bb7cad49c91bfe7f084d8c25c6c571673ab90"
}

44
crates/database/.sqlx/query-a0dd1ddcc7d58fad78ed6c5027a9559428be9d0d59df6409ca9ec7cd728f6001.json generated Normal file
View file

@ -0,0 +1,44 @@
{
"db_name": "SQLite",
"query": "select\n -- info\n token,\n user,\n\n -- timings\n created_at as \"created_at: DateTime<Utc>\",\n expires_at as \"expires_at: DateTime<Utc>\",\n used_at as \"used_at: DateTime<Utc>\"\nfrom totp_login_requests\n\nwhere token is (?)",
"describe": {
"columns": [
{
"name": "token",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "user",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "expires_at: DateTime<Utc>",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "used_at: DateTime<Utc>",
"ordinal": 4,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
true
]
},
"hash": "a0dd1ddcc7d58fad78ed6c5027a9559428be9d0d59df6409ca9ec7cd728f6001"
}

12
crates/database/.sqlx/query-a2bf546b2cf6a53a3a127c08fbb7f3dfcf0fe7a30364b1fb57c3e6b757093578.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "insert into totp_login_requests (token, user, expires_at)\nvalues (?, ?, datetime(?, 'unixepoch'))\n",
"describe": {
"columns": [],
"parameters": {
"Right": 3
},
"nullable": []
},
"hash": "a2bf546b2cf6a53a3a127c08fbb7f3dfcf0fe7a30364b1fb57c3e6b757093578"
}

12
crates/database/.sqlx/query-a55b17a3a70e6445517f19536220f0dafc78a0e8b69221dee4715f84841839da.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "insert into authorization_codes (code, app, user, expires_at)\nvalues (?, ?, ?, datetime(?, 'unixepoch'))\n",
"describe": {
"columns": [],
"parameters": {
"Right": 4
},
"nullable": []
},
"hash": "a55b17a3a70e6445517f19536220f0dafc78a0e8b69221dee4715f84841839da"
}

32
crates/database/.sqlx/query-a9e910eedc27c495262571520627363290640b3af7d177a024cad06220a770f0.json generated Normal file
View file

@ -0,0 +1,32 @@
{
"db_name": "SQLite",
"query": "select user,\n role,\n created_at as \"created_at: DateTime<Utc>\"\n\nfrom permissions\n",
"describe": {
"columns": [
{
"name": "user",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false
]
},
"hash": "a9e910eedc27c495262571520627363290640b3af7d177a024cad06220a770f0"
}

12
crates/database/.sqlx/query-aae93a39c5a9f46235b5ef871b45ba76d7efa1677bfe8291a62b8cbf9cd9e0d5.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update settings\n\nset first_admin = ?\n\nwhere id is 0\n",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "aae93a39c5a9f46235b5ef871b45ba76d7efa1677bfe8291a62b8cbf9cd9e0d5"
}

56
crates/database/.sqlx/query-adcbc32e2c284b59eefb79fd2ff33d4ff1c2e250b2d103d8500fae203fb18a6d.json generated Normal file
View file

@ -0,0 +1,56 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n business_name,\n business_logo,\n url,\n first_admin\n\nfrom settings\n\nwhere id is 0\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Int64"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "business_name",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "business_logo",
"ordinal": 4,
"type_info": "Blob"
},
{
"name": "url",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "first_admin",
"ordinal": 6,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
true,
true,
true,
true
]
},
"hash": "adcbc32e2c284b59eefb79fd2ff33d4ff1c2e250b2d103d8500fae203fb18a6d"
}

12
crates/database/.sqlx/query-afc08ba1fd47656c7d987e3817941004f988e683d28df2f533ff6272bc71b356.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update users\n\nset totp_secret = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "afc08ba1fd47656c7d987e3817941004f988e683d28df2f533ff6272bc71b356"
}

12
crates/database/.sqlx/query-b3936ae237f02cc048ca084372f7975921c79aef8fcd6d15a4d63c10f2377d24.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "insert into refresh_tokens (token, ip_address, user, app, expires_at)\nvalues (?, ?, ?, ?, datetime(?, 'unixepoch'))\n",
"describe": {
"columns": [],
"parameters": {
"Right": 5
},
"nullable": []
},
"hash": "b3936ae237f02cc048ca084372f7975921c79aef8fcd6d15a4d63c10f2377d24"
}

12
crates/database/.sqlx/query-baaae9952348da17e2f4d099c6903c50bc90daed80ee2df1fd0dc1d9d2c67b26.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update users\n\nset totp_backup = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "baaae9952348da17e2f4d099c6903c50bc90daed80ee2df1fd0dc1d9d2c67b26"
}

12
crates/database/.sqlx/query-c00e5fce25caebdeeb24db20880e6c2210f583cddb0d478075f78124258712dd.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update refresh_tokens\n\nset revoked_at = CURRENT_TIMESTAMP\n\nwhere user is ?\n and revoked_at is null",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "c00e5fce25caebdeeb24db20880e6c2210f583cddb0d478075f78124258712dd"
}

12
crates/database/.sqlx/query-c28c88869239edc02c073f461645eca82d816650fabe65464e2059d5908d8a28.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update users\n\nset email = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "c28c88869239edc02c073f461645eca82d816650fabe65464e2059d5908d8a28"
}

50
crates/database/.sqlx/query-c3dcd38a2d4ff391aed4a2ac3f393646319950334494ecb5fa7effe9806d07ab.json generated Normal file
View file

@ -0,0 +1,50 @@
{
"db_name": "SQLite",
"query": "select code,\n app,\n user,\n created_at as \"created_at: DateTime<Utc>\",\n expires_at as \"expires_at: DateTime<Utc>\",\n used_at as \"used_at: DateTime<Utc>\"\nfrom authorization_codes\n",
"describe": {
"columns": [
{
"name": "code",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "app",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "user",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "expires_at: DateTime<Utc>",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "used_at: DateTime<Utc>",
"ordinal": 5,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
true
]
},
"hash": "c3dcd38a2d4ff391aed4a2ac3f393646319950334494ecb5fa7effe9806d07ab"
}

12
crates/database/.sqlx/query-c6157ec3928527ec0ac5f493a5a91faff7e3668204a179e827a87d6279a02c40.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update refresh_tokens\n\nset revoked_at = CURRENT_TIMESTAMP\n\nwhere token is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "c6157ec3928527ec0ac5f493a5a91faff7e3668204a179e827a87d6279a02c40"
}

12
crates/database/.sqlx/query-c724c273f9d99bde48c29d7a0e65198a1ddd775cd1bda10f6e4a8acfbca64b72.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "insert into permissions(user, role)\nvalues (?, ?)\n",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "c724c273f9d99bde48c29d7a0e65198a1ddd775cd1bda10f6e4a8acfbca64b72"
}

98
crates/database/.sqlx/query-ca7d100a9440fb7854a27f9aafd91ce94d1df9fa1ccd65b549be92d16741f9d2.json generated Normal file
View file

@ -0,0 +1,98 @@
{
"db_name": "SQLite",
"query": "select u.id,\n u.created_at as \"created_at: DateTime<Utc>\",\n u.updated_at as \"updated_at: DateTime<Utc>\",\n u.is_admin as \"is_admin: bool\",\n u.username,\n u.name,\n u.email,\n u.password,\n u.password_recover,\n u.paper_key,\n u.is_archived as \"is_archived: bool\",\n u.timezone,\n u.totp_secret,\n u.totp_backup\nfrom users u\n\n inner join refresh_tokens rt on u.id = rt.user\n\nwhere rt.token is ?\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "ca7d100a9440fb7854a27f9aafd91ce94d1df9fa1ccd65b549be92d16741f9d2"
}

98
crates/database/.sqlx/query-cf12bd3112b2047f263118649ba89800509d94f3a858be99fb7ce8c8bc05d8b7.json generated Normal file
View file

@ -0,0 +1,98 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n is_admin as \"is_admin: bool\",\n username,\n name,\n email,\n password,\n password_recover,\n paper_key,\n is_archived as \"is_archived: bool\",\n timezone,\n totp_secret,\n totp_backup\nfrom users\n\nwhere password_recover is (?)\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "cf12bd3112b2047f263118649ba89800509d94f3a858be99fb7ce8c8bc05d8b7"
}

50
crates/database/.sqlx/query-cf624c4e122477228e3bab09f7cd0dedf4776f73e7a86f19e06772a0adf83406.json generated Normal file
View file

@ -0,0 +1,50 @@
{
"db_name": "SQLite",
"query": "select code,\n app,\n user,\n created_at as \"created_at: DateTime<Utc>\",\n expires_at as \"expires_at: DateTime<Utc>\",\n used_at as \"used_at: DateTime<Utc>\"\nfrom authorization_codes\n\nwhere code is (?)\n",
"describe": {
"columns": [
{
"name": "code",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "app",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "user",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "expires_at: DateTime<Utc>",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "used_at: DateTime<Utc>",
"ordinal": 5,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true
]
},
"hash": "cf624c4e122477228e3bab09f7cd0dedf4776f73e7a86f19e06772a0adf83406"
}

44
crates/database/.sqlx/query-d166553746afb2d3eaa1ddcb9986b7b9723258f4051bce8287038e3dd1ac928a.json generated Normal file
View file

@ -0,0 +1,44 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n revoked_at as \"revoked_at: DateTime<Utc>\",\n private_der,\n public_der\n\nfrom keys\nwhere revoked_at is null\norder by created_at desc\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "revoked_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "private_der",
"ordinal": 3,
"type_info": "Blob"
},
{
"name": "public_der",
"ordinal": 4,
"type_info": "Blob"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
true,
false,
false
]
},
"hash": "d166553746afb2d3eaa1ddcb9986b7b9723258f4051bce8287038e3dd1ac928a"
}

98
crates/database/.sqlx/query-d6d3a401f5563ce339099ccbdedec1ac248865810cafafd5d78d6cc3f74d5237.json generated Normal file
View file

@ -0,0 +1,98 @@
{
"db_name": "SQLite",
"query": "select u.id,\n u.created_at as \"created_at: DateTime<Utc>\",\n u.updated_at as \"updated_at: DateTime<Utc>\",\n u.is_admin as \"is_admin: bool\",\n u.username,\n u.name,\n u.email,\n u.password,\n u.password_recover,\n u.paper_key,\n u.is_archived as \"is_archived: bool\",\n u.timezone,\n u.totp_secret,\n u.totp_backup\nfrom users u\n\n inner join authorization_codes ac on u.id = ac.user\n\nwhere ac.code is ?",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "d6d3a401f5563ce339099ccbdedec1ac248865810cafafd5d78d6cc3f74d5237"
}

62
crates/database/.sqlx/query-d8517e5faa5292da25d21a85fcb2f676dce0f67275466566d5bbedf0f4b7f4f5.json generated Normal file
View file

@ -0,0 +1,62 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n label,\n redirect_uri,\n secret,\n is_confidential as \"is_confidential: bool\",\n is_archived as \"is_archived: bool\"\nfrom apps\n\nwhere is_archived is 1\norder by created_at desc",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "redirect_uri",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "secret",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "is_confidential: bool",
"ordinal": 6,
"type_info": "Int64"
},
{
"name": "is_archived: bool",
"ordinal": 7,
"type_info": "Int64"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "d8517e5faa5292da25d21a85fcb2f676dce0f67275466566d5bbedf0f4b7f4f5"
}

62
crates/database/.sqlx/query-e22ba816faac0c17ca9f2c31fd1b4a5f13a09cece9ec78e0b6e018950c91facb.json generated Normal file
View file

@ -0,0 +1,62 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n label,\n redirect_uri,\n secret,\n is_confidential as \"is_confidential: bool\",\n is_archived as \"is_archived: bool\"\nfrom apps\n\nwhere id is (?)\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "redirect_uri",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "secret",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "is_confidential: bool",
"ordinal": 6,
"type_info": "Int64"
},
{
"name": "is_archived: bool",
"ordinal": 7,
"type_info": "Int64"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "e22ba816faac0c17ca9f2c31fd1b4a5f13a09cece9ec78e0b6e018950c91facb"
}

20
crates/database/.sqlx/query-e977ca16c7bd7ec4125725ff5e42d3c547634e2b608d6be91814bce657e07b65.json generated Normal file
View file

@ -0,0 +1,20 @@
{
"db_name": "SQLite",
"query": "select page_count * page_size\nFROM pragma_page_count(), pragma_page_size();",
"describe": {
"columns": [
{
"name": "page_count * page_size",
"ordinal": 0,
"type_info": "Int"
}
],
"parameters": {
"Right": 0
},
"nullable": [
null
]
},
"hash": "e977ca16c7bd7ec4125725ff5e42d3c547634e2b608d6be91814bce657e07b65"
}

62
crates/database/.sqlx/query-eaf0744f65a1de803fa8cc21b67bad4bdf22760d431265cf97b911e6456b2fd8.json generated Normal file
View file

@ -0,0 +1,62 @@
{
"db_name": "SQLite",
"query": "select a.id,\n a.created_at as \"created_at: DateTime<Utc>\",\n a.updated_at as \"updated_at: DateTime<Utc>\",\n a.label,\n a.redirect_uri,\n a.secret,\n a.is_confidential as \"is_confidential: bool\",\n a.is_archived as \"is_archived: bool\"\nfrom apps a\n\n inner join authorization_codes ac on a.id = ac.app\n\nwhere ac.code is ?\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "redirect_uri",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "secret",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "is_confidential: bool",
"ordinal": 6,
"type_info": "Int64"
},
{
"name": "is_archived: bool",
"ordinal": 7,
"type_info": "Int64"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "eaf0744f65a1de803fa8cc21b67bad4bdf22760d431265cf97b911e6456b2fd8"
}

62
crates/database/.sqlx/query-eb1a0153c88b0b2744ed1b71df04a91a129a0173fbbc3e2536f52d41e8dc99c4.json generated Normal file
View file

@ -0,0 +1,62 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n label,\n redirect_uri,\n secret,\n is_confidential as \"is_confidential: bool\",\n is_archived as \"is_archived: bool\"\nfrom apps\n\nwhere id is (?)\n and redirect_uri is (?)\n and is_archived is 0\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "redirect_uri",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "secret",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "is_confidential: bool",
"ordinal": 6,
"type_info": "Int64"
},
{
"name": "is_archived: bool",
"ordinal": 7,
"type_info": "Int64"
}
],
"parameters": {
"Right": 2
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "eb1a0153c88b0b2744ed1b71df04a91a129a0173fbbc3e2536f52d41e8dc99c4"
}

12
crates/database/.sqlx/query-ebe28f418d28303b2efe1fe192a63538d29d75c57b67d5eac1ac4ceaa1472a5c.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "update authorization_codes\n\nset used_at = CURRENT_TIMESTAMP\n\nwhere user is ?\n and used_at is null",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "ebe28f418d28303b2efe1fe192a63538d29d75c57b67d5eac1ac4ceaa1472a5c"
}

12
crates/database/.sqlx/query-ed27954feb3e21b5c519ccd0312526e68fb3d88a1feb28bdafb414e990da55e8.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "insert into apps (id, label, redirect_uri, secret, is_confidential)\nvalues (?, ?, ?, ?, ?)\n",
"describe": {
"columns": [],
"parameters": {
"Right": 5
},
"nullable": []
},
"hash": "ed27954feb3e21b5c519ccd0312526e68fb3d88a1feb28bdafb414e990da55e8"
}

12
crates/database/.sqlx/query-f705411720bd037562f7e3622832262ac4c0a8fc0921fbd934d2b98146d3f413.json generated Normal file
View file

@ -0,0 +1,12 @@
{
"db_name": "SQLite",
"query": "insert into keys (id, private_der, public_der)\nvalues (?, ?, ?)\n",
"describe": {
"columns": [],
"parameters": {
"Right": 3
},
"nullable": []
},
"hash": "f705411720bd037562f7e3622832262ac4c0a8fc0921fbd934d2b98146d3f413"
}

62
crates/database/.sqlx/query-fb35faa6eb7349f783d0053509225216693532c7233a3bf61674b64c2fb3dad7.json generated Normal file
View file

@ -0,0 +1,62 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n label,\n redirect_uri,\n secret,\n is_confidential as \"is_confidential: bool\",\n is_archived as \"is_archived: bool\"\nfrom apps\n\norder by created_at desc\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "redirect_uri",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "secret",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "is_confidential: bool",
"ordinal": 6,
"type_info": "Int64"
},
{
"name": "is_archived: bool",
"ordinal": 7,
"type_info": "Int64"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "fb35faa6eb7349f783d0053509225216693532c7233a3bf61674b64c2fb3dad7"
}

2
crates/database/Cargo.toml
View file

@ -8,4 +8,4 @@ thiserror = { workspace = true }
[dependencies.sqlx]
workspace = true
features = ["sqlite", "macros", "migrate", "chrono", "offline", "runtime-tokio-rustls"]
features = ["sqlite", "macros", "migrate", "chrono", "runtime-tokio-rustls"]

2129
crates/database/sqlx-data.json
View file

File diff suppressed because it is too large Load diff

2
crates/email/src/lib.rs
View file

@ -3,7 +3,7 @@ use lettre::transport::smtp::authentication::Credentials;
use lettre::transport::smtp::response::Response;
use lettre::{AsyncSmtpTransport, AsyncTransport, Message, Tokio1Executor};
use mrml::mjml::Mjml;
use mrml::prelude::parse::Error as MjmlParserError;
use mrml::prelude::parser::Error as MjmlParserError;
use mrml::prelude::render::{Error as MjmlRenderError, Options};
use serde::{Deserialize, Serialize};
use tera::{Context, Tera};

18
crates/ezidam/Cargo.toml
View file

@ -4,19 +4,19 @@ version = "0.1.0"
edition = "2021"
[dependencies]
rocket = { version = "=0.5.0-rc.3", features = ["json"] }
rocket_db_pools = { version = "=0.1.0-rc.3", features = ["sqlx_sqlite"] }
rocket_dyn_templates = { version = "=0.1.0-rc.3", features = ["tera"] }
infer = { version = "0.13", default-features = false }
rocket = { version = "0.5.0", features = ["json"] }
rocket_db_pools = { version = "0.1.0", features = ["sqlx_sqlite"] }
rocket_dyn_templates = { version = "0.1.0", features = ["tera"] }
infer = { version = "0.15", default-features = false }
erased-serde = "0.3"
url = { workspace = true }
futures = "0.3"
base64 = "0.21.0"
rocket_cors = "0.6.0-alpha2"
base64 = "0.21"
rocket_cors = "0.6"
email_address = { workspace = true }
chrono-tz = "0.8.2"
chrono-humanize = "0.2.2"
minify-html = "0.10.8"
chrono-tz = "0.8"
chrono-humanize = "0.2"
minify-html = "0.11"
# local crates
database_pool = { path = "../database_pool" }

10
crates/ezidam/src/guards/access_token.rs
View file

@ -35,7 +35,7 @@ impl AccessToken {
},
Err(e) => match e {
Outcome::Success(s) => Ok(Some(Self(s))),
Outcome::Failure(e) => Err(BearerAuthError::Jwt(e.1)),
Outcome::Error(e) => Err(BearerAuthError::Jwt(e.1)),
Outcome::Forward(_) => Ok(None),
},
}
@ -50,15 +50,15 @@ impl<'r> FromRequest<'r> for AccessToken {
let keys: Vec<_> = request.headers().get("Authorization").collect();
match keys.len() {
0 => Outcome::Forward(()),
0 => Outcome::Forward(Status::Unauthorized),
1 => match AccessToken::from_bearer(keys[0], request).await {
Ok(access_token) => match access_token {
Some(access_token) => Outcome::Success(access_token),
None => Outcome::Forward(()),
None => Outcome::Forward(Status::Unauthorized),
},
Err(e) => Outcome::Failure((Status::Unauthorized, e)),
Err(e) => Outcome::Error((Status::Unauthorized, e)),
},
_ => Outcome::Failure((Status::BadRequest, BearerAuthError::BadCount)),
_ => Outcome::Error((Status::BadRequest, BearerAuthError::BadCount)),
}
}
}

6
crates/ezidam/src/guards/basic_auth.rs
View file

@ -56,12 +56,12 @@ impl<'r> FromRequest<'r> for BasicAuth {
let keys: Vec<_> = request.headers().get("Authorization").collect();
match keys.len() {
0 => Outcome::Forward(()),
0 => Outcome::Forward(Status::BadRequest),
1 => match BasicAuth::from_base64(keys[0]) {
Ok(auth_header) => Outcome::Success(auth_header),
Err(e) => Outcome::Failure((Status::BadRequest, e)),
Err(e) => Outcome::Error((Status::BadRequest, e)),
},
_ => Outcome::Failure((Status::BadRequest, BasicAuthError::BadCount)),
_ => Outcome::Error((Status::BadRequest, BasicAuthError::BadCount)),
}
}
}

6
crates/ezidam/src/guards/completed_setup.rs
View file

@ -19,16 +19,16 @@ impl<'r> FromRequest<'r> for CompletedSetup {
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
let db = match request.guard::<&Database>().await {
Outcome::Success(database) => database,
Outcome::Failure(e) => return Outcome::Failure((e.0, Error::GetDatabase)),
Outcome::Error(e) => return Outcome::Error((e.0, Error::GetDatabase)),
Outcome::Forward(f) => return Outcome::Forward(f),
};
match User::get_initial_admin(&**db).await {
Ok(initial_admin) => match initial_admin {
Some(_) => Outcome::Success(CompletedSetup),
None => Outcome::Forward(()),
None => Outcome::Forward(Status::PermanentRedirect),
},
Err(e) => Outcome::Failure((Status::InternalServerError, Error::Request(e))),
Err(e) => Outcome::Error((Status::InternalServerError, Error::Request(e))),
}
}
}

98
crates/ezidam/src/guards/jwt.rs
View file

@ -16,6 +16,7 @@ use rocket::time::Duration;
use rocket::tokio::task;
use rocket::Request;
use settings::Settings;
use std::ops::DerefMut;
use users::User;
mod admin;
@ -78,14 +79,14 @@ pub async fn validate_jwt<T>(
// Get database
let db = match request.guard::<&Database>().await {
Outcome::Success(database) => database,
Outcome::Failure(e) => return Err(Outcome::Failure((e.0, Error::GetDatabase))),
Outcome::Error(e) => return Err(Outcome::Error((e.0, Error::GetDatabase))),
Outcome::Forward(f) => return Err(Outcome::Forward(f)),
};
let mut transaction = match db.begin().await {
Ok(transaction) => transaction,
Err(_e) => {
return Err(Outcome::Failure((
return Err(Outcome::Error((
Status::InternalServerError,
Error::StartTransaction,
)));
@ -93,10 +94,10 @@ pub async fn validate_jwt<T>(
};
// Get keys
let keys = match Key::get_all(&mut transaction, Some(false)).await {
let keys = match Key::get_all(transaction.deref_mut(), Some(false)).await {
Ok(keys) => keys,
Err(e) => {
return Err(Outcome::Failure((
return Err(Outcome::Error((
Status::InternalServerError,
Error::Keys(e),
)))
@ -105,10 +106,10 @@ pub async fn validate_jwt<T>(
if let Some(specific_user) = specific_user {
// Get settings
let settings = match Settings::get(&mut transaction).await {
let settings = match Settings::get(transaction.deref_mut()).await {
Ok(settings) => settings,
Err(e) => {
return Err(Outcome::Failure((
return Err(Outcome::Error((
Status::InternalServerError,
Error::GetSettings(e),
)));
@ -119,7 +120,7 @@ pub async fn validate_jwt<T>(
let first_admin = match settings.first_admin() {
Some(home_page) => UserID(home_page.to_string()),
None => {
return Err(Outcome::Failure((
return Err(Outcome::Error((
Status::InternalServerError,
Error::FirstAdminNotSet,
)));
@ -133,7 +134,7 @@ pub async fn validate_jwt<T>(
}
if let Err(_e) = transaction.commit().await {
return Err(Outcome::Failure((
return Err(Outcome::Error((
Status::InternalServerError,
Error::CommitTransaction,
)));
@ -191,11 +192,11 @@ pub async fn validate_jwt<T>(
// Return jwt claims
Ok(claims)
}
Err(_e) => Err(Outcome::Forward(())),
Err(_e) => Err(Outcome::Forward(Status::Unauthorized)),
},
Err(e) => {
// Failed to run blocking task
Err(Outcome::Failure((
Err(Outcome::Error((
Status::InternalServerError,
Error::BlockingTask(e.to_string()),
)))
@ -211,92 +212,92 @@ pub async fn use_refresh_token(
// Get database
let db = match request.guard::<&Database>().await {
Outcome::Success(database) => database,
Outcome::Failure(e) => return Outcome::Failure((e.0, Error::GetDatabase)),
Outcome::Error(e) => return Outcome::Error((e.0, Error::GetDatabase)),
Outcome::Forward(f) => return Outcome::Forward(f),
};
// Get cookies
let cookie_jar = match request.guard::<&CookieJar>().await {
Outcome::Success(cookie_jar) => cookie_jar,
Outcome::Failure(e) => return Outcome::Failure((e.0, Error::GetCookies)),
Outcome::Error(e) => return Outcome::Error((e.0, Error::GetCookies)),
Outcome::Forward(f) => return Outcome::Forward(f),
};
let mut transaction = match db.begin().await {
Ok(transaction) => transaction,
Err(_e) => {
return Outcome::Failure((Status::InternalServerError, Error::StartTransaction));
return Outcome::Error((Status::InternalServerError, Error::StartTransaction));
}
};
let refresh_token = match RefreshToken::get_one(&mut transaction, &refresh).await {
let refresh_token = match RefreshToken::get_one(transaction.deref_mut(), &refresh).await {
Ok(refresh_token) => match refresh_token {
Some(refresh_token) => refresh_token,
None => return Outcome::Forward(()),
None => return Outcome::Forward(Status::Unauthorized),
},
Err(e) => {
return Outcome::Failure((Status::InternalServerError, Error::GetRefreshToken(e)));
return Outcome::Error((Status::InternalServerError, Error::GetRefreshToken(e)));
}
};
let user = match User::get_one_from_refresh_token(&mut transaction, &refresh).await {
let user = match User::get_one_from_refresh_token(transaction.deref_mut(), &refresh).await {
Ok(user) => match user {
Some(user) => user,
None => {
return Outcome::Failure((Status::InternalServerError, Error::UserNotFound));
return Outcome::Error((Status::InternalServerError, Error::UserNotFound));
}
},
Err(e) => {
return Outcome::Failure((Status::InternalServerError, Error::GetUser(e)));
return Outcome::Error((Status::InternalServerError, Error::GetUser(e)));
}
};
// make sure that `get_admin` is respected, dont generate token for unwanted users!
if let Some(get_admin) = get_admin {
if user.is_admin() != get_admin {
return Outcome::Forward(());
return Outcome::Forward(Status::Forbidden);
}
}
if refresh_token.has_been_used() {
// Revoke all tokens for user
if let Err(e) =
RefreshToken::revoke_all_for_user(&mut transaction, refresh_token.user()).await
RefreshToken::revoke_all_for_user(transaction.deref_mut(), refresh_token.user()).await
{
return Outcome::Failure((Status::InternalServerError, Error::RevokeRefreshTokens(e)));
return Outcome::Error((Status::InternalServerError, Error::RevokeRefreshTokens(e)));
}
if let Err(_e) = transaction.commit().await {
return Outcome::Failure((Status::InternalServerError, Error::CommitTransaction));
return Outcome::Error((Status::InternalServerError, Error::CommitTransaction));
}
return Outcome::Forward(());
return Outcome::Forward(Status::Unauthorized);
}
if refresh_token.is_revoked() {
return Outcome::Forward(());
return Outcome::Forward(Status::Unauthorized);
}
if refresh_token.has_expired() {
return Outcome::Forward(());
return Outcome::Forward(Status::Unauthorized);
}
if let Err(e) = refresh_token.use_token(&mut transaction).await {
return Outcome::Failure((Status::InternalServerError, Error::MarkRefreshTokenUsed(e)));
if let Err(e) = refresh_token.use_token(transaction.deref_mut()).await {
return Outcome::Error((Status::InternalServerError, Error::MarkRefreshTokenUsed(e)));
}
// Get base url
let settings = match Settings::get(&mut transaction).await {
let settings = match Settings::get(transaction.deref_mut()).await {
Ok(settings) => settings,
Err(e) => {
return Outcome::Failure((Status::InternalServerError, Error::GetSettings(e)));
return Outcome::Error((Status::InternalServerError, Error::GetSettings(e)));
}
};
let home_page = match settings.url().map(String::from) {
Some(home_page) => home_page,
None => {
return Outcome::Failure((Status::InternalServerError, Error::ServerUrlNotSet));
return Outcome::Error((Status::InternalServerError, Error::ServerUrlNotSet));
}
};
@ -304,7 +305,7 @@ pub async fn use_refresh_token(
let new_refresh_token = match task::spawn_blocking(SecretString::default).await {
Ok(new_refresh_token) => new_refresh_token,
Err(e) => {
return Outcome::Failure((
return Outcome::Error((
Status::InternalServerError,
Error::BlockingTask(e.to_string()),
));
@ -315,13 +316,13 @@ pub async fn use_refresh_token(
let ip_address = match request.client_ip() {
Some(ip) => ip.to_string(),
None => {
return Outcome::Failure((Status::BadRequest, Error::UnknownIp));
return Outcome::Error((Status::BadRequest, Error::UnknownIp));
}
};
// Insert refresh token in database
if let Err(e) = RefreshToken::insert(
&mut transaction,
transaction.deref_mut(),
new_refresh_token.as_ref(),
ip_address,
user.id(),
@ -330,7 +331,7 @@ pub async fn use_refresh_token(
)
.await
{
return Outcome::Failure((Status::InternalServerError, Error::SaveRefreshToken(e)));
return Outcome::Error((Status::InternalServerError, Error::SaveRefreshToken(e)));
}
// Add refresh token as a cookie
@ -345,24 +346,21 @@ pub async fn use_refresh_token(
cookie_jar.add(cookie);
// Get latest key from database
let key = match Key::get_most_recent(&mut transaction).await {
let key = match Key::get_most_recent(transaction.deref_mut()).await {
Ok(key) => match key {
Some(key) => key,
None => {
return Outcome::Failure((
Status::InternalServerError,
Error::MostRecentKeyNotFound,
));
return Outcome::Error((Status::InternalServerError, Error::MostRecentKeyNotFound));
}
},
Err(e) => {
return Outcome::Failure((Status::InternalServerError, Error::GetKey(e)));
return Outcome::Error((Status::InternalServerError, Error::GetKey(e)));
}
};
// Make sure key has not been revoked
if key.is_revoked() {
return Outcome::Failure((Status::InternalServerError, Error::MostRecentKeyRevoked));
return Outcome::Error((Status::InternalServerError, Error::MostRecentKeyRevoked));
}
// Import private key
@ -373,11 +371,11 @@ pub async fn use_refresh_token(
Ok(private_key) => match private_key {
Ok(private_key) => private_key,
Err(e) => {
return Outcome::Failure((Status::InternalServerError, Error::ImportKey(e)));
return Outcome::Error((Status::InternalServerError, Error::ImportKey(e)));
}
},
Err(e) => {
return Outcome::Failure((
return Outcome::Error((
Status::InternalServerError,
Error::BlockingTask(e.to_string()),
));
@ -385,13 +383,13 @@ pub async fn use_refresh_token(
};
// Get user roles
let roles = match Permission::get_all(&mut transaction, Some(user.id()), None).await {
let roles = match Permission::get_all(transaction.deref_mut(), Some(user.id()), None).await {
Ok(roles) => roles
.into_iter()
.map(|role| role.role().to_string())
.collect(),
Err(e) => {
return Outcome::Failure((Status::InternalServerError, Error::GetPermissions(e)));
return Outcome::Error((Status::InternalServerError, Error::GetPermissions(e)));
}
};
@ -403,7 +401,7 @@ pub async fn use_refresh_token(
{
Ok(jwt) => jwt,
Err(e) => {
return Outcome::Failure((Status::InternalServerError, Error::SignJwt(e)));
return Outcome::Error((Status::InternalServerError, Error::SignJwt(e)));
}
};
@ -416,7 +414,7 @@ pub async fn use_refresh_token(
cookie_jar.add(cookie);
if let Err(_e) = transaction.commit().await {
return Outcome::Failure((Status::InternalServerError, Error::CommitTransaction));
return Outcome::Error((Status::InternalServerError, Error::CommitTransaction));
}
Outcome::Success(jwt_claims)
@ -436,7 +434,7 @@ pub async fn use_access_token_or_refresh_token(
match validate_jwt(access, request, get_admin, specific_user).await {
Ok(jwt_claims) => match jwt_claims {
Some(jwt_claims) => Outcome::Success(jwt_claims),
None => Outcome::Forward(()),
None => Outcome::Forward(Status::Unauthorized),
},
Err(e) => e,
}
@ -447,7 +445,7 @@ pub async fn use_access_token_or_refresh_token(
}
(None, None) => {
// Nothing to do
Outcome::Forward(())
Outcome::Forward(Status::Unauthorized)
}
}
}

7
crates/ezidam/src/guards/jwt/admin_not_current.rs
View file

@ -2,6 +2,7 @@ use super::Error;
use crate::guards::{use_access_token_or_refresh_token, SpecificUser};
use crate::id::RocketUserID;
use jwt::JwtClaims;
use rocket::http::Status;
use rocket::request::{FromRequest, Outcome};
use rocket::Request;
@ -30,7 +31,7 @@ impl<'r> FromRequest<'r> for JwtAdminNotCurrent {
ret
} {
Some(user_id) => user_id,
None => return Outcome::Forward(()),
None => return Outcome::Forward(Status::Forbidden),
};
// Don't allow first admin
@ -49,10 +50,10 @@ impl<'r> FromRequest<'r> for JwtAdminNotCurrent {
if success.0.subject != user_id.0 .0 {
Outcome::Success(success)
} else {
Outcome::Forward(())
Outcome::Forward(Status::Forbidden)
}
}
Outcome::Failure(failure) => Outcome::Failure(failure),
Outcome::Error(failure) => Outcome::Error(failure),
Outcome::Forward(forward) => Outcome::Forward(forward),
}
}

6
crates/ezidam/src/guards/need_setup.rs
View file

@ -19,16 +19,16 @@ impl<'r> FromRequest<'r> for NeedSetup {
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
let db = match request.guard::<&Database>().await {
Outcome::Success(database) => database,
Outcome::Failure(e) => return Outcome::Failure((e.0, Error::GetDatabase)),
Outcome::Error(e) => return Outcome::Error((e.0, Error::GetDatabase)),
Outcome::Forward(f) => return Outcome::Forward(f),
};
match User::get_initial_admin(&**db).await {
Ok(initial_admin) => match initial_admin {
Some(_) => Outcome::Forward(()),
Some(_) => Outcome::Forward(Status::PermanentRedirect),
None => Outcome::Success(NeedSetup),
},
Err(e) => Outcome::Failure((Status::InternalServerError, Error::Request(e))),
Err(e) => Outcome::Error((Status::InternalServerError, Error::Request(e))),
}
}
}

3
crates/ezidam/src/guards/refresh_token.rs
View file

@ -1,4 +1,5 @@
use crate::tokens::REFRESH_TOKEN_COOKIE_NAME;
use rocket::http::Status;
use rocket::request::{FromRequest, Outcome};
use rocket::Request;
@ -26,7 +27,7 @@ impl<'r> FromRequest<'r> for RefreshToken {
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
match get_refresh_token_from_cookie(request) {
Some(refresh_token) => Outcome::Success(Self(refresh_token)),
None => Outcome::Forward(()),
None => Outcome::Forward(Status::Unauthorized),
}
}
}

5
crates/ezidam/src/guards/totp_request.rs
View file

@ -1,3 +1,4 @@
use rocket::http::Status;
use rocket::request::{FromRequest, Outcome};
use rocket::Request;
use users::totp_login_request::{TOTP_REQUEST_COOKIE_NAME, TOTP_REQUEST_LEN};
@ -16,10 +17,10 @@ impl<'r> FromRequest<'r> for TotpRequest {
if value.len() == TOTP_REQUEST_LEN {
Outcome::Success(Self(value.to_string()))
} else {
Outcome::Forward(())
Outcome::Forward(Status::BadRequest)
}
}
None => Outcome::Forward(()),
None => Outcome::Forward(Status::BadRequest),
}
}
}

2
crates/ezidam/src/lib.rs
View file

@ -30,6 +30,8 @@ pub fn config() -> rocket::figment::Figment {
Figment::from(Config::default())
// from `ezidam.toml`
.merge(Toml::file(Env::var_or("EZIDAM_CONFIG", "ezidam.toml")).nested())
// from env variables directly
.merge(Env::prefixed("EZIDAM_").ignore(&["PROFILE"]).global())
// from code below
.merge(("ip_header", "x-forwarded-for"))
}

3
crates/ezidam/src/routes.rs
View file

@ -7,7 +7,7 @@ pub mod settings;
pub mod setup;
pub mod well_known;
pub(self) mod prelude {
mod prelude {
pub use crate::database::Database;
pub use crate::error::Error;
pub use crate::file_from_bytes::FileFromBytes;
@ -27,6 +27,7 @@ pub(self) mod prelude {
pub use rocket_db_pools::sqlx::Acquire;
pub use rocket_db_pools::Connection;
pub use rocket_dyn_templates::Template;
pub use std::ops::DerefMut;
pub type Result<T> = std::result::Result<T, Error>;
}

27
crates/ezidam/src/routes/admin/apps.rs
View file

@ -10,7 +10,9 @@ pub async fn admin_apps_list(
admin: JwtAdmin,
flash: Option<FlashMessage<'_>>,
) -> Result<Template> {
let apps = App::get_all(&mut *db, None).await?;
let mut transaction = db.begin().await?;
let apps = App::get_all(transaction.deref_mut(), None).await?;
transaction.commit().await?;
let page = Page::AdminAppsList(super::content::AdminAppsList {
user: admin.0,
@ -54,8 +56,9 @@ pub async fn admin_apps_new_form(
let app_secret_hash = task::spawn_blocking(move || Secret::new(app_secret)).await??;
// Insert in database
let mut transaction = db.begin().await?;
App::insert(
&mut *db,
transaction.deref_mut(),
&app_id,
form.label,
&redirect_uri,
@ -63,6 +66,7 @@ pub async fn admin_apps_new_form(
form.is_confidential,
)
.await?;
transaction.commit().await?;
Ok(Flash::new(
Redirect::to(uri!(admin_apps_list)),
@ -79,9 +83,11 @@ pub async fn admin_apps_view(
flash: Option<FlashMessage<'_>>,
) -> Result<Template> {
let app_id = id.0;
let app = App::get_one_by_id(&mut *db, app_id.as_ref())
let mut transaction = db.begin().await?;
let app = App::get_one_by_id(transaction.deref_mut(), app_id.as_ref())
.await?
.ok_or_else(|| Error::not_found(app_id.to_string()))?;
transaction.commit().await?;
if app.is_archived() {
return Err(Error::gone(format!(
@ -108,14 +114,16 @@ pub async fn admin_apps_view_form(
let redirect_uri = Url::parse(form.redirect_uri)?;
// Update app
let mut transaction = db.begin().await?;
App::update(
&mut *db,
transaction.deref_mut(),
&id.0,
form.label,
&redirect_uri,
form.is_confidential,
)
.await?;
transaction.commit().await?;
Ok(Flash::new(
Redirect::to(uri!(admin_apps_list)),
@ -144,7 +152,7 @@ pub async fn admin_apps_new_secret(
// Get app
let app_id = &id.0;
let app = App::get_one_by_id(&mut transaction, app_id.as_ref())
let app = App::get_one_by_id(transaction.deref_mut(), app_id.as_ref())
.await?
.ok_or_else(|| Error::not_found(app_id.to_string()))?;
@ -163,7 +171,8 @@ pub async fn admin_apps_new_secret(
let app_secret_hash = task::spawn_blocking(move || Secret::new(app_secret)).await??;
// Save new secret
app.new_secret(&mut transaction, &app_secret_hash).await?;
app.new_secret(transaction.deref_mut(), &app_secret_hash)
.await?;
transaction.commit().await?;
@ -198,7 +207,7 @@ pub async fn admin_apps_archive(
// Get app
let app_id = &id.0;
let app = App::get_one_by_id(&mut transaction, app_id.as_ref())
let app = App::get_one_by_id(transaction.deref_mut(), app_id.as_ref())
.await?
.ok_or_else(|| Error::not_found(app_id.to_string()))?;
@ -210,10 +219,10 @@ pub async fn admin_apps_archive(
}
// Archive
app.archive(&mut transaction).await?;
app.archive(transaction.deref_mut()).await?;
// Revoke refresh tokens
refresh_tokens::RefreshToken::revoke_all_for_app(&mut transaction, app_id).await?;
refresh_tokens::RefreshToken::revoke_all_for_app(transaction.deref_mut(), app_id).await?;
transaction.commit().await?;

8
crates/ezidam/src/routes/admin/dashboard.rs
View file

@ -10,17 +10,17 @@ pub async fn admin_dashboard(mut db: Connection<Database>, admin: JwtAdmin) -> R
let mut transaction = db.begin().await?;
// Get users
let users = User::get_all(&mut transaction).await?;
let users = User::get_all(transaction.deref_mut()).await?;
// Get roles
let roles = Role::get_all(&mut transaction).await?;
let roles = Role::get_all(transaction.deref_mut()).await?;
// Get apps
let apps = App::get_all(&mut transaction, None).await?;
let apps = App::get_all(transaction.deref_mut(), None).await?;
// Get number of logins in the last 24 hours
let number_logins_last_24_hours =
AuthorizationCode::used_in_last_24_hours(&mut transaction).await?;
AuthorizationCode::used_in_last_24_hours(transaction.deref_mut()).await?;
transaction.commit().await?;

40
crates/ezidam/src/routes/admin/permissions.rs
View file

@ -25,7 +25,7 @@ pub async fn admin_permissions_users(
) -> Result<Template> {
let mut transaction = db.begin().await?;
let users = User::get_all(&mut transaction)
let users = User::get_all(transaction.deref_mut())
.await?
.into_iter()
.filter(|user| !user.is_archived())
@ -69,7 +69,7 @@ pub async fn admin_permissions_for_user(
let mut transaction = db.begin().await?;
// Get user
let user = User::get_by_id(&mut transaction, &id.0)
let user = User::get_by_id(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Failed to find user"))?;
@ -78,14 +78,14 @@ pub async fn admin_permissions_for_user(
}
// Get roles
let roles = Role::get_all(&mut transaction)
let roles = Role::get_all(transaction.deref_mut())
.await?
.into_iter()
.filter(|role| !role.is_archived())
.collect::<Vec<_>>();
// Get permissions for user
let permissions = Permission::get_all(&mut transaction, Some(user.id()), None).await?;
let permissions = Permission::get_all(transaction.deref_mut(), Some(user.id()), None).await?;
transaction.commit().await?;
@ -133,12 +133,12 @@ pub async fn admin_permissions_for_user_form(
.iter()
.map(|role| RoleID::from_str(role))
.collect::<std::result::Result<Vec<_>, _>>()
.map_err(|_| Error::bad_request(format!("Invalid role detected")))?;
.map_err(|_| Error::bad_request("Invalid role detected".to_string()))?;
let mut transaction = db.begin().await?;
// Get user
let user = User::get_by_id(&mut transaction, &id.0)
let user = User::get_by_id(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Failed to find user"))?;
@ -147,14 +147,14 @@ pub async fn admin_permissions_for_user_form(
}
// Get roles
let roles = Role::get_all(&mut transaction)
let roles = Role::get_all(transaction.deref_mut())
.await?
.into_iter()
.filter(|role| !role.is_archived())
.collect::<Vec<_>>();
// Get permissions for user
let permissions = Permission::get_all(&mut transaction, Some(user.id()), None).await?;
let permissions = Permission::get_all(transaction.deref_mut(), Some(user.id()), None).await?;
transaction.commit().await?;
@ -167,14 +167,14 @@ pub async fn admin_permissions_for_user_form(
if permissions.iter().all(|perm| perm.role() != role.name()) {
// If the permission does not exist, add it
Permission::add(&mut transaction, user.id(), role.name()).await?;
Permission::add(transaction.deref_mut(), user.id(), role.name()).await?;
}
} else {
// Intent is to delete permission
if permissions.iter().any(|perm| perm.role() == role.name()) {
// If the permission exists, delete it
Permission::delete(&mut transaction, user.id(), role.name()).await?;
Permission::delete(transaction.deref_mut(), user.id(), role.name()).await?;
}
}
}
@ -200,7 +200,7 @@ pub async fn admin_permissions_roles(
) -> Result<Template> {
let mut transaction = db.begin().await?;
let roles = Role::get_all(&mut transaction)
let roles = Role::get_all(transaction.deref_mut())
.await?
.into_iter()
.filter(|role| !role.is_archived())
@ -236,7 +236,7 @@ pub async fn admin_permissions_for_role(
let mut transaction = db.begin().await?;
// Get role
let role = Role::get_by_name(&mut transaction, &id.0)
let role = Role::get_by_name(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Failed to find role"))?;
@ -245,14 +245,14 @@ pub async fn admin_permissions_for_role(
}
// Get users
let users = User::get_all(&mut transaction)
let users = User::get_all(transaction.deref_mut())
.await?
.into_iter()
.filter(|user| !user.is_archived())
.collect::<Vec<_>>();
// Get permissions for role
let permissions = Permission::get_all(&mut transaction, None, Some(role.name())).await?;
let permissions = Permission::get_all(transaction.deref_mut(), None, Some(role.name())).await?;
transaction.commit().await?;
@ -300,12 +300,12 @@ pub async fn admin_permissions_for_role_form(
.iter()
.map(|user| UserID::from_str(user))
.collect::<std::result::Result<Vec<_>, _>>()
.map_err(|_| Error::bad_request(format!("Invalid user detected")))?;
.map_err(|_| Error::bad_request("Invalid user detected".to_string()))?;
let mut transaction = db.begin().await?;
// Get role
let role = Role::get_by_name(&mut transaction, &id.0)
let role = Role::get_by_name(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Failed to find role"))?;
@ -314,14 +314,14 @@ pub async fn admin_permissions_for_role_form(
}
// Get users
let users = User::get_all(&mut transaction)
let users = User::get_all(transaction.deref_mut())
.await?
.into_iter()
.filter(|user| !user.is_archived())
.collect::<Vec<_>>();
// Get permissions for role
let permissions = Permission::get_all(&mut transaction, None, Some(role.name())).await?;
let permissions = Permission::get_all(transaction.deref_mut(), None, Some(role.name())).await?;
transaction.commit().await?;
@ -334,14 +334,14 @@ pub async fn admin_permissions_for_role_form(
if permissions.iter().all(|perm| perm.user() != user.id()) {
// If the permission does not exist, add it
Permission::add(&mut transaction, user.id(), role.name()).await?;
Permission::add(transaction.deref_mut(), user.id(), role.name()).await?;
}
} else {
// Intent is to delete permission
if permissions.iter().any(|perm| perm.user() == user.id()) {
// If the permission exists, delete it
Permission::delete(&mut transaction, user.id(), role.name()).await?;
Permission::delete(transaction.deref_mut(), user.id(), role.name()).await?;
}
}
}

22
crates/ezidam/src/routes/admin/roles.rs
View file

@ -12,7 +12,7 @@ pub async fn admin_roles_list(
) -> Result<Template> {
let mut transaction = db.begin().await?;
let roles = Role::get_all(&mut transaction).await?;
let roles = Role::get_all(transaction.deref_mut()).await?;
transaction.commit().await?;
@ -62,7 +62,7 @@ pub async fn admin_roles_new_form(
let mut transaction = db.begin().await?;
// Insert role in database
if let Err(e) = Role::insert(&mut transaction, &name, form.label).await {
if let Err(e) = Role::insert(transaction.deref_mut(), &name, form.label).await {
return Ok(Flash::new(
Redirect::to(uri!(admin_roles_new)),
FlashKind::Danger,
@ -91,7 +91,7 @@ pub async fn admin_roles_view(
let mut transaction = db.begin().await?;
let role = Role::get_by_name(&mut transaction, &role_id)
let role = Role::get_by_name(transaction.deref_mut(), &role_id)
.await?
.ok_or_else(|| Error::not_found(role_id.to_string()))?;
@ -128,12 +128,13 @@ pub async fn admin_roles_archive(
let mut transaction = db.begin().await?;
// Get role
let role = Role::get_by_name(&mut transaction, &id.0)
let role = Role::get_by_name(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Could not find role"))?;
// Set new status
role.set_archive_status(&mut transaction, true).await?;
role.set_archive_status(transaction.deref_mut(), true)
.await?;
transaction.commit().await?;
@ -149,12 +150,13 @@ pub async fn admin_roles_archive(
let mut transaction = db.begin().await?;
// Get role
let role = Role::get_by_name(&mut transaction, &id.0)
let role = Role::get_by_name(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Could not find role"))?;
// Set new status
role.set_archive_status(&mut transaction, false).await?;
role.set_archive_status(transaction.deref_mut(), false)
.await?;
transaction.commit().await?;
@ -191,7 +193,7 @@ pub async fn admin_roles_info_update(
) -> Result<Flash<Redirect>> {
let mut transaction = db.begin().await?;
let role = Role::get_by_name(&mut transaction, &id.0)
let role = Role::get_by_name(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Could not find role"))?;
@ -201,7 +203,7 @@ pub async fn admin_roles_info_update(
// Update label
if role.label() != form.label {
if let Err(e) = role.set_label(&mut transaction, form.label).await {
if let Err(e) = role.set_label(transaction.deref_mut(), form.label).await {
return Ok(Flash::new(
Redirect::to(uri!(admin_roles_view(id))),
FlashKind::Danger,
@ -215,6 +217,6 @@ pub async fn admin_roles_info_update(
Ok(Flash::new(
Redirect::to(uri!(admin_roles_view(id))),
FlashKind::Success,
format!("Role has been updated."),
"Role has been updated.".to_string(),
))
}

39
crates/ezidam/src/routes/admin/settings.rs
View file

@ -15,7 +15,9 @@ use users::User;
#[get("/admin/settings/branding")]
pub async fn settings_branding(mut db: Connection<Database>, admin: JwtAdmin) -> Result<Page> {
let settings = Settings::get(&mut *db).await?;
let mut transaction = db.begin().await?;
let settings = Settings::get(transaction.deref_mut()).await?;
transaction.commit().await?;
Ok(Page::AdminSettingsBranding(
super::content::AdminSettingsBranding {
@ -44,12 +46,12 @@ pub async fn settings_update_branding(
match form.delete_logo {
Some(delete_logo) => {
if delete_logo {
Settings::delete_business_logo(&mut transaction).await?;
Settings::delete_business_logo(transaction.deref_mut()).await?;
}
}
None => {
if let Some(business_name) = form.business_name {
Settings::set_business_name(&mut transaction, business_name).await?;
Settings::set_business_name(transaction.deref_mut(), business_name).await?;
}
if form.file.len() != 0 {
@ -61,7 +63,7 @@ pub async fn settings_update_branding(
let file_bytes = rocket::tokio::fs::read(file_path).await?;
// Save in database
Settings::set_business_logo(&mut transaction, &file_bytes).await?;
Settings::set_business_logo(transaction.deref_mut(), &file_bytes).await?;
}
}
}
@ -110,28 +112,37 @@ pub async fn settings_security_form(
task::spawn_blocking(move || jwt::generate(&key_id_for_generation)).await??;
// Insert keys in database
jwt::database::save_new_keys(&mut transaction, &key_id, &private_key, &public_key)
jwt::database::save_new_keys(
transaction.deref_mut(),
&key_id,
&private_key,
&public_key,
)
.await?;
// Revoke all keys except new one
jwt::database::revoke_all_except_one(&mut transaction, &key_id).await?;
jwt::database::revoke_all_except_one(transaction.deref_mut(), &key_id).await?;
// Get app
let app = App::get_one_by_id(&mut transaction, "ezidam")
let app = App::get_one_by_id(transaction.deref_mut(), "ezidam")
.await?
.ok_or_else(|| Error::not_found("Could not find application"))?;
// Get user info
let user = User::get_by_login(&mut transaction, &admin.0.subject)
let user = User::get_by_login(transaction.deref_mut(), &admin.0.subject)
.await?
.ok_or_else(|| Error::not_found("Could not find user"))?;
// Revoke all refresh tokens
RefreshToken::revoke_all(&mut transaction).await?;
RefreshToken::revoke_all(transaction.deref_mut()).await?;
// Generate refresh token
let refresh_token =
generate_refresh_token(&mut transaction, ip_address, user.id(), app.id())
let refresh_token = generate_refresh_token(
transaction.deref_mut(),
ip_address,
user.id(),
app.id(),
)
.await
.map_err(Error::internal_server_error)?;
@ -144,7 +155,7 @@ pub async fn settings_security_form(
cookie_jar.add(cookie);
// Get base url
let settings = Settings::get(&mut transaction).await?;
let settings = Settings::get(transaction.deref_mut()).await?;
let home_page = settings
.url()
.map(String::from)
@ -152,7 +163,7 @@ pub async fn settings_security_form(
// Generate jwt
let jwt = generate_jwt(
&mut transaction,
transaction.deref_mut(),
&private_key,
&home_page,
&app.id().0,
@ -194,7 +205,7 @@ pub async fn settings_maintenance(
) -> Result<Template> {
let mut transaction = db.begin().await?;
let database_size = Settings::database_size(&mut transaction)
let database_size = Settings::database_size(transaction.deref_mut())
.await?
.ok_or_else(|| Error::internal_server_error("Failed to get database size"))?;

60
crates/ezidam/src/routes/admin/users.rs
View file

@ -18,7 +18,9 @@ pub async fn admin_users_list(
admin: JwtAdmin,
flash: Option<FlashMessage<'_>>,
) -> Result<Template> {
let users = User::get_all(&mut *db).await?;
let mut transaction = db.begin().await?;
let users = User::get_all(transaction.deref_mut()).await?;
transaction.commit().await?;
let page = Page::AdminUsersList(super::content::AdminUsersList {
user: admin.0,
@ -68,7 +70,7 @@ pub async fn admin_users_new_form(
let mut transaction = db.begin().await?;
// Insert user in database
if let Err(e) = User::insert(&mut transaction, &user_id, false, &username, None).await {
if let Err(e) = User::insert(transaction.deref_mut(), &user_id, false, &username, None).await {
return Ok(Flash::new(
Redirect::to(uri!(admin_users_new)),
FlashKind::Danger,
@ -94,9 +96,11 @@ pub async fn admin_users_view(
flash: Option<FlashMessage<'_>>,
) -> Result<Template> {
let user_id = id.0;
let user = User::get_by_id(&mut *db, &user_id)
let mut transaction = db.begin().await?;
let user = User::get_by_id(transaction.deref_mut(), &user_id)
.await?
.ok_or_else(|| Error::not_found(user_id.to_string()))?;
transaction.commit().await?;
// If user has password reset token
let password_recover_expiration = user
@ -136,13 +140,13 @@ pub async fn admin_users_archive(
let mut transaction = db.begin().await?;
// Get ID of first admin
let settings = Settings::get(&mut transaction).await?;
let settings = Settings::get(transaction.deref_mut()).await?;
let first_admin = settings
.first_admin()
.ok_or_else(|| Error::bad_request("First user is not set"))?;
// Get user
let user = User::get_by_id(&mut transaction, &id.0)
let user = User::get_by_id(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Could not find user"))?;
@ -152,17 +156,19 @@ pub async fn admin_users_archive(
}
// Set new status
user.set_archive_status(&mut transaction, true).await?;
user.set_archive_status(transaction.deref_mut(), true)
.await?;
// Revoke refresh tokens
refresh_tokens::RefreshToken::revoke_all_for_user(&mut transaction, user.id()).await?;
refresh_tokens::RefreshToken::revoke_all_for_user(transaction.deref_mut(), user.id())
.await?;
// Use all authorization codes
AuthorizationCode::use_all_for_user(&mut transaction, user.id()).await?;
AuthorizationCode::use_all_for_user(transaction.deref_mut(), user.id()).await?;
// Use all totp login requests
if user.totp_secret().is_some() {
TotpLoginRequest::use_all_for_user(&mut transaction, user.id()).await?;
TotpLoginRequest::use_all_for_user(transaction.deref_mut(), user.id()).await?;
}
transaction.commit().await?;
@ -178,12 +184,13 @@ pub async fn admin_users_archive(
let mut transaction = db.begin().await?;
let user = User::get_by_id(&mut transaction, &id.0)
let user = User::get_by_id(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Could not find user"))?;
// Set new status
user.set_archive_status(&mut transaction, false).await?;
user.set_archive_status(transaction.deref_mut(), false)
.await?;
transaction.commit().await?;
@ -234,10 +241,10 @@ pub async fn admin_users_password_reset(
let mut transaction = db.begin().await?;
// Get settings
let settings = Settings::get(&mut transaction).await?;
let settings = Settings::get(transaction.deref_mut()).await?;
// Get user
let user = User::get_by_id(&mut transaction, &id.0)
let user = User::get_by_id(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Could not find user"))?;
@ -245,7 +252,7 @@ pub async fn admin_users_password_reset(
let token = task::spawn_blocking(PasswordResetToken::generate).await?;
// Save in database
user.set_password_reset_token(&mut transaction, Some(&token))
user.set_password_reset_token(transaction.deref_mut(), Some(&token))
.await?;
transaction.commit().await?;
@ -414,12 +421,12 @@ pub async fn admin_users_paper_key_reset(
let mut transaction = db.begin().await?;
// Get user
let user = User::get_by_id(&mut transaction, &id.0)
let user = User::get_by_id(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Could not find user"))?;
// Delete paper key
user.set_paper_key(&mut transaction, None).await?;
user.set_paper_key(transaction.deref_mut(), None).await?;
transaction.commit().await?;
@ -452,15 +459,15 @@ pub async fn admin_users_totp_secret_disable(
let mut transaction = db.begin().await?;
// Get user
let user = User::get_by_id(&mut transaction, &id.0)
let user = User::get_by_id(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Could not find user"))?;
// Delete totp secret
user.set_totp_secret(&mut transaction, None).await?;
user.set_totp_secret(transaction.deref_mut(), None).await?;
// Delete totp backup
user.set_totp_backup(&mut transaction, None).await?;
user.set_totp_backup(transaction.deref_mut(), None).await?;
transaction.commit().await?;
@ -493,12 +500,12 @@ pub async fn admin_users_totp_backup_delete(
let mut transaction = db.begin().await?;
// Get user
let user = User::get_by_id(&mut transaction, &id.0)
let user = User::get_by_id(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Could not find user"))?;
// Delete totp backup
user.set_totp_backup(&mut transaction, None).await?;
user.set_totp_backup(transaction.deref_mut(), None).await?;
transaction.commit().await?;
@ -531,7 +538,7 @@ pub async fn admin_users_info_update(
) -> Result<Flash<Redirect>> {
let mut transaction = db.begin().await?;
let user = User::get_by_id(&mut transaction, &id.0)
let user = User::get_by_id(transaction.deref_mut(), &id.0)
.await?
.ok_or_else(|| Error::not_found("Could not find user"))?;
@ -553,7 +560,7 @@ pub async fn admin_users_info_update(
}
};
if let Err(e) = user.set_username(&mut transaction, &username).await {
if let Err(e) = user.set_username(transaction.deref_mut(), &username).await {
return Ok(Flash::new(
Redirect::to(uri!(admin_users_view(id))),
FlashKind::Danger,
@ -571,7 +578,7 @@ pub async fn admin_users_info_update(
// If it does not exist, use provided value
.unwrap_or(true)
{
user.set_name(&mut transaction, form.name).await?;
user.set_name(transaction.deref_mut(), form.name).await?;
}
// Update email
@ -595,7 +602,7 @@ pub async fn admin_users_info_update(
}
};
if let Err(e) = user.set_email(&mut transaction, email).await {
if let Err(e) = user.set_email(transaction.deref_mut(), email).await {
return Ok(Flash::new(
Redirect::to(uri!(admin_users_view(id))),
FlashKind::Danger,
@ -607,7 +614,8 @@ pub async fn admin_users_info_update(
// Admin status
let new_status = matches!(form.is_admin, Some("on"));
if user.is_admin() != new_status {
user.set_admin_status(&mut transaction, new_status).await?;
user.set_admin_status(transaction.deref_mut(), new_status)
.await?;
}
transaction.commit().await?;

14
crates/ezidam/src/routes/oauth/authorize.rs
View file

@ -21,7 +21,7 @@ pub async fn authorize_page(
// Get app info
let app = App::get_valid_app(
&mut transaction,
transaction.deref_mut(),
auth_request.response_type,
auth_request.scope,
auth_request.client_id,
@ -29,7 +29,7 @@ pub async fn authorize_page(
)
.await?;
let settings = Settings::get(&mut transaction).await?;
let settings = Settings::get(transaction.deref_mut()).await?;
transaction.commit().await?;
@ -59,7 +59,7 @@ pub async fn authorize_ezidam(mut db: Connection<Database>) -> Result<Redirect>
// Get ezidam app info
let app_id = "ezidam";
let app = App::get_one_by_id(&mut transaction, app_id)
let app = App::get_one_by_id(transaction.deref_mut(), app_id)
.await?
.ok_or_else(|| Error::not_found(app_id))?;
@ -117,7 +117,7 @@ pub async fn authorize_form(
// Get app info
let app = App::get_valid_app(
&mut transaction,
transaction.deref_mut(),
auth_request.response_type,
auth_request.scope,
auth_request.client_id,
@ -145,7 +145,7 @@ pub async fn authorize_form(
};
// Get user
let Some(user) = User::get_by_login(&mut transaction, form.login).await? else {
let Some(user) = User::get_by_login(transaction.deref_mut(), form.login).await? else {
return Ok(Either::Right(invalid_credentials(form.login, auth_request)));
};
@ -183,7 +183,7 @@ pub async fn authorize_form(
// Save in database
let mut transaction = db.begin().await?;
users::totp_login_request::TotpLoginRequest::insert(
&mut transaction,
transaction.deref_mut(),
totp_token.as_ref(),
&user_id,
totp_duration,
@ -211,7 +211,7 @@ pub async fn authorize_form(
let mut transaction = db.begin().await?;
// Save authorization code
AuthorizationCode::insert(&mut transaction, code.as_ref(), app.id(), &user_id).await?;
AuthorizationCode::insert(transaction.deref_mut(), code.as_ref(), app.id(), &user_id).await?;
transaction.commit().await?;

23
crates/ezidam/src/routes/oauth/redirect.rs
View file

@ -26,15 +26,15 @@ pub async fn redirect_page(
let mut transaction = db.begin().await?;
// Get authorization code
let code = AuthorizationCode::get_one(&mut transaction, redirect_request.code)
let code = AuthorizationCode::get_one(transaction.deref_mut(), redirect_request.code)
.await?
.ok_or_else(|| Error::not_found("Could not find authorization code"))?;
// Make sure code has not been used
if code.has_been_used() {
// Revoke all codes and refresh tokens for user
AuthorizationCode::use_all_for_user(&mut transaction, code.user()).await?;
RefreshToken::revoke_all_for_user(&mut transaction, code.user()).await?;
AuthorizationCode::use_all_for_user(transaction.deref_mut(), code.user()).await?;
RefreshToken::revoke_all_for_user(transaction.deref_mut(), code.user()).await?;
transaction.commit().await?;
@ -49,12 +49,13 @@ pub async fn redirect_page(
}
// Get app
let app = App::get_one_from_authorization_code(&mut transaction, redirect_request.code)
let app = App::get_one_from_authorization_code(transaction.deref_mut(), redirect_request.code)
.await?
.ok_or_else(|| Error::not_found("Could not find application"))?;
// Get user info
let user = User::get_one_from_authorization_code(&mut transaction, redirect_request.code)
let user =
User::get_one_from_authorization_code(transaction.deref_mut(), redirect_request.code)
.await?
.ok_or_else(|| Error::not_found("Could not find user"))?;
@ -64,10 +65,10 @@ pub async fn redirect_page(
}
// Mark code as used
code.use_code(&mut transaction).await?;
code.use_code(transaction.deref_mut()).await?;
// Get base url
let settings = Settings::get(&mut transaction).await?;
let settings = Settings::get(transaction.deref_mut()).await?;
let home_page = settings
.url()
.map(String::from)
@ -76,7 +77,7 @@ pub async fn redirect_page(
if jwt_user.is_none() {
// Generate refresh token
let refresh_token =
generate_refresh_token(&mut transaction, ip_address, user.id(), app.id())
generate_refresh_token(transaction.deref_mut(), ip_address, user.id(), app.id())
.await
.map_err(Error::internal_server_error)?;
@ -89,7 +90,7 @@ pub async fn redirect_page(
cookie_jar.add(cookie);
// Get latest key from database
let key = Key::get_most_recent(&mut transaction)
let key = Key::get_most_recent(transaction.deref_mut())
.await?
.ok_or_else(|| Error::internal_server_error("Failed to get key to sign JWT"))?;
@ -105,7 +106,7 @@ pub async fn redirect_page(
// Generate jwt
let jwt = generate_jwt(
&mut transaction,
transaction.deref_mut(),
&private_key,
&home_page,
&app.id().0,
@ -130,7 +131,7 @@ pub async fn redirect_page(
{
// If it has expired, delete it
if password_recover.has_expired() {
user.set_password_reset_token(&mut transaction, None)
user.set_password_reset_token(transaction.deref_mut(), None)
.await?;
}
}

33
crates/ezidam/src/routes/oauth/token.rs
View file

@ -187,7 +187,7 @@ pub async fn request_token(
.ok_or(TokenError::AuthorizationCodeNotProvided)?;
// Get authorization code
let code = AuthorizationCode::get_one(&mut transaction, authorization_code)
let code = AuthorizationCode::get_one(transaction.deref_mut(), authorization_code)
.await
.map_err(TokenError::AuthorizationError)?
.ok_or(TokenError::AuthorizationCodeNotFound(
@ -197,10 +197,10 @@ pub async fn request_token(
// Make sure code has not been used
if code.has_been_used() {
// Revoke all codes and refresh tokens for user
AuthorizationCode::use_all_for_user(&mut transaction, code.user())
AuthorizationCode::use_all_for_user(transaction.deref_mut(), code.user())
.await
.map_err(TokenError::AuthorizationError)?;
RefreshToken::revoke_all_for_user(&mut transaction, code.user())
RefreshToken::revoke_all_for_user(transaction.deref_mut(), code.user())
.await
.map_err(TokenError::RefreshTokenError)?;
@ -218,7 +218,8 @@ pub async fn request_token(
}
// Get user info
let user = User::get_one_from_authorization_code(&mut transaction, authorization_code)
let user =
User::get_one_from_authorization_code(transaction.deref_mut(), authorization_code)
.await
.map_err(TokenError::UserError)?
.ok_or(TokenError::UserNotFound)?;
@ -229,7 +230,8 @@ pub async fn request_token(
}
// Get app from code
let app = App::get_one_from_authorization_code(&mut transaction, authorization_code)
let app =
App::get_one_from_authorization_code(transaction.deref_mut(), authorization_code)
.await
.map_err(TokenError::AppError)?
.ok_or(TokenError::AppNotFoundFromAuthorizationCode(
@ -237,7 +239,7 @@ pub async fn request_token(
))?;
// Mark code as used
code.use_code(&mut transaction)
code.use_code(transaction.deref_mut())
.await
.map_err(TokenError::AuthorizationError)?;
@ -248,19 +250,19 @@ pub async fn request_token(
.refresh_token
.ok_or(TokenError::RefreshTokenNotProvided)?;
let user = User::get_one_from_refresh_token(&mut transaction, refresh_token)
let user = User::get_one_from_refresh_token(transaction.deref_mut(), refresh_token)
.await
.map_err(TokenError::UserError)?
.ok_or(TokenError::UserNotFound)?;
let refresh_token = RefreshToken::get_one(&mut transaction, refresh_token)
let refresh_token = RefreshToken::get_one(transaction.deref_mut(), refresh_token)
.await
.map_err(TokenError::RefreshTokenError)?
.ok_or(TokenError::RefreshTokenNotFound(refresh_token.into()))?;
if refresh_token.has_been_used() {
// Revoke all tokens for user
RefreshToken::revoke_all_for_user(&mut transaction, refresh_token.user())
RefreshToken::revoke_all_for_user(transaction.deref_mut(), refresh_token.user())
.await
.map_err(TokenError::RefreshTokenError)?;
@ -281,7 +283,7 @@ pub async fn request_token(
}
// Get app
let app = App::get_one_by_id(&mut transaction, refresh_token.app().as_ref())
let app = App::get_one_by_id(transaction.deref_mut(), refresh_token.app().as_ref())
.await
.map_err(TokenError::AppError)?
.ok_or(TokenError::AppNotFoundFromRefreshToken(format!(
@ -290,7 +292,7 @@ pub async fn request_token(
)))?;
refresh_token
.use_token(&mut transaction)
.use_token(transaction.deref_mut())
.await
.map_err(TokenError::RefreshTokenError)?;
@ -336,7 +338,7 @@ pub async fn request_token(
}
// Get base url
let settings = Settings::get(&mut transaction)
let settings = Settings::get(transaction.deref_mut())
.await
.map_err(TokenError::SettingsError)?;
let home_page = settings
@ -345,12 +347,13 @@ pub async fn request_token(
.ok_or(TokenError::ServerUrlNotSet)?;
// Generate refresh token
let refresh_token = generate_refresh_token(&mut transaction, ip_address, user.id(), app.id())
let refresh_token =
generate_refresh_token(transaction.deref_mut(), ip_address, user.id(), app.id())
.await
.map_err(TokenError::RefreshTokenGenerate)?;
// Get latest key from database
let key = Key::get_most_recent(&mut transaction)
let key = Key::get_most_recent(transaction.deref_mut())
.await
.map_err(TokenError::JwtError)?
.ok_or(TokenError::JwkNotFound)?;
@ -369,7 +372,7 @@ pub async fn request_token(
// Generate jwt
let jwt = generate_jwt(
&mut transaction,
transaction.deref_mut(),
&private_key,
&home_page,
&app.id().0,

30
crates/ezidam/src/routes/oauth/totp.rs
View file

@ -3,7 +3,7 @@ use crate::routes::prelude::*;
use apps::App;
use authorization_codes::AuthorizationCode;
use hash::{Secret, SecretString};
use rocket::http::{Cookie, CookieJar};
use rocket::http::CookieJar;
use rocket::{get, post};
use users::totp_login_request::TOTP_REQUEST_COOKIE_NAME;
use users::User;
@ -19,7 +19,7 @@ pub async fn totp_page(
// Get app info
let _app = App::get_valid_app(
&mut transaction,
transaction.deref_mut(),
auth_request.response_type,
auth_request.scope,
auth_request.client_id,
@ -28,8 +28,10 @@ pub async fn totp_page(
.await?;
// Get totp request
let totp_request =
users::totp_login_request::TotpLoginRequest::get_one(&mut transaction, &totp_request.0)
let totp_request = users::totp_login_request::TotpLoginRequest::get_one(
transaction.deref_mut(),
&totp_request.0,
)
.await?
.ok_or_else(|| Error::not_found("Failed to find totp request"))?;
@ -42,7 +44,7 @@ pub async fn totp_page(
}
// Get user
let user = User::get_by_id(&mut transaction, totp_request.user())
let user = User::get_by_id(transaction.deref_mut(), totp_request.user())
.await?
.ok_or_else(|| Error::not_found("Failed to find user"))?;
@ -75,7 +77,7 @@ pub async fn totp_verify(
// Get app info
let app = App::get_valid_app(
&mut transaction,
transaction.deref_mut(),
auth_request.response_type,
auth_request.scope,
auth_request.client_id,
@ -84,8 +86,10 @@ pub async fn totp_verify(
.await?;
// Get totp request
let totp_request =
users::totp_login_request::TotpLoginRequest::get_one(&mut transaction, &totp_request.0)
let totp_request = users::totp_login_request::TotpLoginRequest::get_one(
transaction.deref_mut(),
&totp_request.0,
)
.await?
.ok_or_else(|| Error::not_found("Failed to find totp request"))?;
@ -98,7 +102,7 @@ pub async fn totp_verify(
}
// Get user
let user = User::get_by_id(&mut transaction, totp_request.user())
let user = User::get_by_id(transaction.deref_mut(), totp_request.user())
.await?
.ok_or_else(|| Error::not_found("Failed to find user"))?;
@ -146,20 +150,20 @@ pub async fn totp_verify(
let mut transaction = db.begin().await?;
// Save authorization code
AuthorizationCode::insert(&mut transaction, code.as_ref(), app.id(), user.id()).await?;
AuthorizationCode::insert(transaction.deref_mut(), code.as_ref(), app.id(), user.id()).await?;
// Mark totp token as used
totp_request.use_code(&mut transaction).await?;
totp_request.use_code(transaction.deref_mut()).await?;
// Delete totp backup if it got used
if delete_totp_backup {
user.set_totp_backup(&mut transaction, None).await?;
user.set_totp_backup(transaction.deref_mut(), None).await?;
}
transaction.commit().await?;
// Delete cookie
cookie_jar.remove(Cookie::named(TOTP_REQUEST_COOKIE_NAME));
cookie_jar.remove(TOTP_REQUEST_COOKIE_NAME);
// Construct uri to redirect to
let uri = redirect_uri(auth_request, &app, &code);

10
crates/ezidam/src/routes/root/forgot_password.rs
View file

@ -67,7 +67,7 @@ pub async fn forgot_password_email_form(
let mut transaction = db.begin().await?;
// Get settings
let settings = Settings::get(&mut transaction).await?;
let settings = Settings::get(transaction.deref_mut()).await?;
// Get server url
let url = settings
@ -85,7 +85,7 @@ pub async fn forgot_password_email_form(
};
// Get user
let user = match User::get_by_email(&mut transaction, &email).await? {
let user = match User::get_by_email(transaction.deref_mut(), &email).await? {
Some(user) => user,
None => {
return Ok(Flash::new(
@ -100,7 +100,7 @@ pub async fn forgot_password_email_form(
let token = task::spawn_blocking(PasswordResetToken::generate).await?;
// Save in database
user.set_password_reset_token(&mut transaction, Some(&token))
user.set_password_reset_token(transaction.deref_mut(), Some(&token))
.await?;
transaction.commit().await?;
@ -236,7 +236,7 @@ pub async fn forgot_password_paper_key_form(
let mut transaction = db.begin().await?;
// Get user
let user = match User::get_by_login(&mut transaction, form.login).await? {
let user = match User::get_by_login(transaction.deref_mut(), form.login).await? {
Some(user) => user,
None => {
return Ok(Flash::new(
@ -272,7 +272,7 @@ pub async fn forgot_password_paper_key_form(
let token = task::spawn_blocking(PasswordResetToken::generate).await?;
// Save in database
user.set_password_reset_token(&mut transaction, Some(&token))
user.set_password_reset_token(transaction.deref_mut(), Some(&token))
.await?;
transaction.commit().await?;

4
crates/ezidam/src/routes/root/logo.rs
View file

@ -5,7 +5,9 @@ use settings::Settings;
#[get("/logo")]
pub async fn get_logo(mut db: Connection<Database>) -> Result<FileFromBytes> {
// Get settings
let settings = Settings::get(&mut *db).await?;
let mut transaction = db.begin().await?;
let settings = Settings::get(transaction.deref_mut()).await?;
transaction.commit().await?;
// HTTP response
Ok(FileFromBytes::from(settings.business_logo()))

16
crates/ezidam/src/routes/root/logout.rs
View file

@ -1,6 +1,6 @@
use crate::routes::prelude::*;
use crate::tokens::{JWT_COOKIE_NAME, REFRESH_TOKEN_COOKIE_NAME};
use rocket::http::{Cookie, CookieJar};
use rocket::http::CookieJar;
use rocket::post;
#[post("/logout")]
@ -11,18 +11,22 @@ pub async fn request_logout(
) -> Result<Redirect> {
let mut transaction = db.begin().await?;
let refresh_token = refresh_tokens::RefreshToken::get_one(&mut transaction, &refresh_token.0)
let refresh_token =
refresh_tokens::RefreshToken::get_one(transaction.deref_mut(), &refresh_token.0)
.await?
.ok_or_else(|| Error::not_found("Unknown refresh token"))?;
// Delete cookies
cookie_jar.remove(Cookie::named(JWT_COOKIE_NAME));
cookie_jar.remove(Cookie::named(REFRESH_TOKEN_COOKIE_NAME));
cookie_jar.remove(JWT_COOKIE_NAME);
cookie_jar.remove(REFRESH_TOKEN_COOKIE_NAME);
// If refresh token has already been used
if refresh_token.has_been_used() {
// Revoke all refresh tokens for user
refresh_tokens::RefreshToken::revoke_all_for_user(&mut transaction, refresh_token.user())
refresh_tokens::RefreshToken::revoke_all_for_user(
transaction.deref_mut(),
refresh_token.user(),
)
.await?;
transaction.commit().await?;
@ -41,7 +45,7 @@ pub async fn request_logout(
}
// Revoke token
refresh_token.revoke(&mut transaction).await?;
refresh_token.revoke(transaction.deref_mut()).await?;
transaction.commit().await?;

Some files were not shown because too many files have changed in this diff Show more