phil/ezidam
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: phil:rocket-05
Branches Tags
phil:master
phil:nix-ci
phil:rocket-05
phil:nix
phil:rocket05-rc4
phil:i18n
..
compare: phil:master
Branches Tags
phil:nix-ci
phil:rocket-05
phil:nix
phil:rocket05-rc4
phil:master
phil:i18n

No commits in common. "rocket-05" and "master" have entirely different histories.
rocket-05 ... master

108 changed files with 3323 additions and 3897 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -9,6 +9,3 @@
# os # os
.DS_Store .DS_Store
# nix docker
/result

1925
Cargo.lock generated
View file

File diff suppressed because it is too large Load diff

2
Cargo.toml
View file

@ -8,7 +8,7 @@ members = [
[workspace.dependencies] [workspace.dependencies]
thiserror = "1" thiserror = "1"
chrono = "0.4" chrono = "0.4"
sqlx = "0.7" sqlx = "0.6"
url = "2.3" url = "2.3"
serde = "1" serde = "1"
serde_json = "1" serde_json = "1"

12
crates/database/.sqlx/query-06cfa74715f3725e99e63aa206f1be5d26cb26924d53dc5a68ee4ea48d6bbbfd.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update settings\n\nset business_logo = ?\n\nwhere id is 0\n",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "06cfa74715f3725e99e63aa206f1be5d26cb26924d53dc5a68ee4ea48d6bbbfd"
}

12
crates/database/.sqlx/query-0b60c7829e95dde4145b7f207b64df7006c1fde2faaca0f7952a009d6cda90a3.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update settings\n\nset business_name = ?\n\nwhere id is 0\n",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "0b60c7829e95dde4145b7f207b64df7006c1fde2faaca0f7952a009d6cda90a3"
}

62
crates/database/.sqlx/query-13c26aaf556d259535afb95f5c53b4c594f373084c73000bc7865a280df74fdd.json generated
View file

@ -1,62 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n label,\n redirect_uri,\n secret,\n is_confidential as \"is_confidential: bool\",\n is_archived as \"is_archived: bool\"\nfrom apps\n\nwhere is_archived is 0\norder by created_at desc",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "redirect_uri",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "secret",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "is_confidential: bool",
"ordinal": 6,
"type_info": "Int64"
},
{
"name": "is_archived: bool",
"ordinal": 7,
"type_info": "Int64"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "13c26aaf556d259535afb95f5c53b4c594f373084c73000bc7865a280df74fdd"
}

12
crates/database/.sqlx/query-184d704e75f00513082dd2c6cc3ae5c3f58b57b222ba4333216b5c50c3c58c71.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update apps\n\nset label = ?,\n redirect_uri = ?,\n is_confidential = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 4
},
"nullable": []
},
"hash": "184d704e75f00513082dd2c6cc3ae5c3f58b57b222ba4333216b5c50c3c58c71"
}

12
crates/database/.sqlx/query-1e2edc8cf28832344dbfa0878ac01361b6f97c552d6af8477da12cddb03d4865.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update apps\n\nset secret = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "1e2edc8cf28832344dbfa0878ac01361b6f97c552d6af8477da12cddb03d4865"
}

12
crates/database/.sqlx/query-2d562e7b19d7d8303a0e79d143d25fd68743ae30d1ec0b0ca5c7dfc367fdf357.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update apps\n\nset is_archived = 1\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "2d562e7b19d7d8303a0e79d143d25fd68743ae30d1ec0b0ca5c7dfc367fdf357"
}

12
crates/database/.sqlx/query-2ee77458d93ae79d957e03e6ca50c1bf690f40b6cc6ec5f008eb0e928f376659.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update roles\n\nset is_archived = ?\n\nwhere name is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "2ee77458d93ae79d957e03e6ca50c1bf690f40b6cc6ec5f008eb0e928f376659"
}

12
crates/database/.sqlx/query-32d35bdd1f4cf64ce0ff7beb7a11591e0f35eab7211692bcde8230c68e4cedf3.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update users\n\nset password_recover = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "32d35bdd1f4cf64ce0ff7beb7a11591e0f35eab7211692bcde8230c68e4cedf3"
}

98
crates/database/.sqlx/query-37000307a757b4912ca300c346b5bd8ee5d50331d94abeee076ae4db46215a56.json generated
View file

@ -1,98 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n is_admin as \"is_admin: bool\",\n username,\n name,\n email,\n password,\n password_recover,\n paper_key,\n is_archived as \"is_archived: bool\",\n timezone,\n totp_secret,\n totp_backup\nfrom users\n\nwhere email is (?)\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "37000307a757b4912ca300c346b5bd8ee5d50331d94abeee076ae4db46215a56"
}

62
crates/database/.sqlx/query-37681902a5f5d87492812a525a6488e75d20c1c436a3ba2c5aa3f54da62fe861.json generated
View file

@ -1,62 +0,0 @@
{
"db_name": "SQLite",
"query": "select\n -- info\n token,\n ip_address,\n user,\n app,\n\n -- timings\n created_at as \"created_at: DateTime<Utc>\",\n expires_at as \"expires_at: DateTime<Utc>\",\n used_at as \"used_at: DateTime<Utc>\",\n revoked_at as \"revoked_at: DateTime<Utc>\"\nfrom refresh_tokens\n\nwhere token is (?)",
"describe": {
"columns": [
{
"name": "token",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "ip_address",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "user",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "app",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "expires_at: DateTime<Utc>",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "used_at: DateTime<Utc>",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "revoked_at: DateTime<Utc>",
"ordinal": 7,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
false,
true,
true
]
},
"hash": "37681902a5f5d87492812a525a6488e75d20c1c436a3ba2c5aa3f54da62fe861"
}

12
crates/database/.sqlx/query-3c8e31ffa5cbfd4dded8a272777cb320fb51fd2e53ed25054d24e9801df0c358.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update refresh_tokens\n\nset used_at = CURRENT_TIMESTAMP\n\nwhere token is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "3c8e31ffa5cbfd4dded8a272777cb320fb51fd2e53ed25054d24e9801df0c358"
}

12
crates/database/.sqlx/query-44cc12d7659e618fcb44a82697d60da940bdab3c87690ee42569ae3da1a8e791.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "insert into roles (name, label)\nvalues (?, ?)\n",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "44cc12d7659e618fcb44a82697d60da940bdab3c87690ee42569ae3da1a8e791"
}

32
crates/database/.sqlx/query-46caa546db24d2c1e8192f9e699202be5129c74a5569b2dc7bf95761fe09a6a3.json generated
View file

@ -1,32 +0,0 @@
{
"db_name": "SQLite",
"query": "select user,\n role,\n created_at as \"created_at: DateTime<Utc>\"\n\nfrom permissions\nwhere role is (?)\n",
"describe": {
"columns": [
{
"name": "user",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false
]
},
"hash": "46caa546db24d2c1e8192f9e699202be5129c74a5569b2dc7bf95761fe09a6a3"
}

12
crates/database/.sqlx/query-520fe30e21f6b6c4d9a47c457675eebd144cf020e9230d154e9e4d0c8d6e01ca.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "insert into users (id, is_admin, username, password)\nvalues (?, ?, ?, ?)\n",
"describe": {
"columns": [],
"parameters": {
"Right": 4
},
"nullable": []
},
"hash": "520fe30e21f6b6c4d9a47c457675eebd144cf020e9230d154e9e4d0c8d6e01ca"
}

12
crates/database/.sqlx/query-52c16bb0e76dd1726d151b69d1ba3b89948ee6ac5116e442faef8512c1a615c0.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update users\n\nset is_archived = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "52c16bb0e76dd1726d151b69d1ba3b89948ee6ac5116e442faef8512c1a615c0"
}

12
crates/database/.sqlx/query-545f19b0373c7ffe16864eb242c15a0092355e120c5cbe006c877afdfc4a4e8c.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update users\n\nset username = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "545f19b0373c7ffe16864eb242c15a0092355e120c5cbe006c877afdfc4a4e8c"
}

98
crates/database/.sqlx/query-5567f75b47f739e85da3469bec0202be315c42dfc820d3c37bba498b1b783811.json generated
View file

@ -1,98 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n is_admin as \"is_admin: bool\",\n username,\n name,\n email,\n password,\n password_recover,\n paper_key,\n is_archived as \"is_archived: bool\",\n timezone,\n totp_secret,\n totp_backup\nfrom users\n\nwhere username is (?)\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "5567f75b47f739e85da3469bec0202be315c42dfc820d3c37bba498b1b783811"
}

44
crates/database/.sqlx/query-56a9c0dff010858189a95087d014c7d0ce930da5d841b9d788a9c0e84b580bc6.json generated
View file

@ -1,44 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n revoked_at as \"revoked_at: DateTime<Utc>\",\n private_der,\n public_der\n\nfrom keys\norder by created_at desc\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "revoked_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "private_der",
"ordinal": 3,
"type_info": "Blob"
},
{
"name": "public_der",
"ordinal": 4,
"type_info": "Blob"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
true,
false,
false
]
},
"hash": "56a9c0dff010858189a95087d014c7d0ce930da5d841b9d788a9c0e84b580bc6"
}

12
crates/database/.sqlx/query-58e0626629a768c33783bbc926c3d1477ad7e4e983b61ede013e5b066940eb5c.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update users\n\nset timezone = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "58e0626629a768c33783bbc926c3d1477ad7e4e983b61ede013e5b066940eb5c"
}

12
crates/database/.sqlx/query-5a365b761ada7d5f67e5ad3ff9a1a89d96383e28b15186576f90ff59f309196c.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update totp_login_requests\n\nset used_at = CURRENT_TIMESTAMP\n\nwhere user is ?\n and used_at is null",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "5a365b761ada7d5f67e5ad3ff9a1a89d96383e28b15186576f90ff59f309196c"
}

38
crates/database/.sqlx/query-5e148a43d9f64c73296b2b70deef07d2c863a93fff693aec1b47378c44bf77de.json generated
View file

@ -1,38 +0,0 @@
{
"db_name": "SQLite",
"query": "select name,\n label,\n created_at as \"created_at: DateTime<Utc>\",\n is_archived as \"is_archived: bool\"\nfrom roles\n\norder by created_at desc\n",
"describe": {
"columns": [
{
"name": "name",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 3,
"type_info": "Int64"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false
]
},
"hash": "5e148a43d9f64c73296b2b70deef07d2c863a93fff693aec1b47378c44bf77de"
}

44
crates/database/.sqlx/query-5f946348ad62389fab3c97a1563d1592cbc5180abbba6d5abd44326bf0862669.json generated
View file

@ -1,44 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n revoked_at as \"revoked_at: DateTime<Utc>\",\n private_der,\n public_der\n\nfrom keys\nwhere revoked_at is not null\norder by created_at desc\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "revoked_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "private_der",
"ordinal": 3,
"type_info": "Blob"
},
{
"name": "public_der",
"ordinal": 4,
"type_info": "Blob"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
true,
false,
false
]
},
"hash": "5f946348ad62389fab3c97a1563d1592cbc5180abbba6d5abd44326bf0862669"
}

12
crates/database/.sqlx/query-62c75412f673f6a293b0d188d79c50676ec21cf94e2e50e18f9279c91e6b85c8.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "insert or ignore into settings(id)\nvalues (0);",
"describe": {
"columns": [],
"parameters": {
"Right": 0
},
"nullable": []
},
"hash": "62c75412f673f6a293b0d188d79c50676ec21cf94e2e50e18f9279c91e6b85c8"
}

12
crates/database/.sqlx/query-645f583812c4d71570d1e84b866e85c5a012d71cd745494049a8d9bebab3ed61.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update totp_login_requests\n\nset used_at = CURRENT_TIMESTAMP\n\nwhere token is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "645f583812c4d71570d1e84b866e85c5a012d71cd745494049a8d9bebab3ed61"
}

12
crates/database/.sqlx/query-657fdc2b228b14a6aba717e5083daf48204274ab62d73ec8968bcd0c7568b157.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "vacuum",
"describe": {
"columns": [],
"parameters": {
"Right": 0
},
"nullable": []
},
"hash": "657fdc2b228b14a6aba717e5083daf48204274ab62d73ec8968bcd0c7568b157"
}

12
crates/database/.sqlx/query-68cfa3d135eb4cdbdbcb3b943518b4ac09c371af689c444eb439a37f91ecf7a5.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update users\n\nset paper_key = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "68cfa3d135eb4cdbdbcb3b943518b4ac09c371af689c444eb439a37f91ecf7a5"
}

12
crates/database/.sqlx/query-693c8c3de266cb3a8fc98bdea8e3b87de0dcb78316628d48f0e6efc0f8103040.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update roles\n\nset label = ?\n\nwhere name is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "693c8c3de266cb3a8fc98bdea8e3b87de0dcb78316628d48f0e6efc0f8103040"
}

12
crates/database/.sqlx/query-6fa3c48b9e93fb9ec6807f7547a8f999fc55a6fb8ad4abe7af89ec52e0d10a0e.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "delete\nfrom permissions\n\nwhere user is ?\n and role is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "6fa3c48b9e93fb9ec6807f7547a8f999fc55a6fb8ad4abe7af89ec52e0d10a0e"
}

12
crates/database/.sqlx/query-6ff12f357d884a50035d708577a7f3109a07a1ca193cb3082d13687af65c6de0.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update users\n\nset is_admin = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "6ff12f357d884a50035d708577a7f3109a07a1ca193cb3082d13687af65c6de0"
}

98
crates/database/.sqlx/query-71c74369dc5d374d8ec5aa347b5f599728b74e545df3e986e3e7e66882f73ba0.json generated
View file

@ -1,98 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n is_admin as \"is_admin: bool\",\n username,\n name,\n email,\n password,\n password_recover,\n paper_key,\n is_archived as \"is_archived: bool\",\n timezone,\n totp_secret,\n totp_backup\nfrom users\n\nwhere id is (?)\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "71c74369dc5d374d8ec5aa347b5f599728b74e545df3e986e3e7e66882f73ba0"
}

32
crates/database/.sqlx/query-73bdbde04fca37f2411e7a9e1b6dbccc0dd4d12ebcb933024d9867f07bba3eb8.json generated
View file

@ -1,32 +0,0 @@
{
"db_name": "SQLite",
"query": "select user,\n role,\n created_at as \"created_at: DateTime<Utc>\"\n\nfrom permissions\nwhere user is (?)\n and role is (?)\n",
"describe": {
"columns": [
{
"name": "user",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
}
],
"parameters": {
"Right": 2
},
"nullable": [
false,
false,
false
]
},
"hash": "73bdbde04fca37f2411e7a9e1b6dbccc0dd4d12ebcb933024d9867f07bba3eb8"
}

12
crates/database/.sqlx/query-7b7f2430b2a719b3d5ce504c0a9302731b3ff82da99ba7771c2728d88aee642a.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update keys\n\nset revoked_at = CURRENT_TIMESTAMP\n\nwhere revoked_at is null\n and id is not (?)\n",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "7b7f2430b2a719b3d5ce504c0a9302731b3ff82da99ba7771c2728d88aee642a"
}

12
crates/database/.sqlx/query-7f26b73408318040f94fb6574d5cc25482cef1a57ba4c467fa0bc0fdf25bf39c.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update authorization_codes\n\nset used_at = CURRENT_TIMESTAMP\n\nwhere code is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "7f26b73408318040f94fb6574d5cc25482cef1a57ba4c467fa0bc0fdf25bf39c"
}

12
crates/database/.sqlx/query-87906834faa6f185aee0e4d893b9754908b1c173e9dce383663d723891a89cd1.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update settings\n\nset url = ?\n\nwhere id is 0\n",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "87906834faa6f185aee0e4d893b9754908b1c173e9dce383663d723891a89cd1"
}

12
crates/database/.sqlx/query-8c131e1f73ffa01fc3e5e08071a786b85f23b9638d1c7eaa7b633c052703c911.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update users\n\nset name = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "8c131e1f73ffa01fc3e5e08071a786b85f23b9638d1c7eaa7b633c052703c911"
}

32
crates/database/.sqlx/query-8c37375b0694df02b7f1b6678e4e2c3ffbc590c0f305ff5a8f44350fba3eaec7.json generated
View file

@ -1,32 +0,0 @@
{
"db_name": "SQLite",
"query": "select user,\n role,\n created_at as \"created_at: DateTime<Utc>\"\n\nfrom permissions\nwhere user is (?)\n",
"describe": {
"columns": [
{
"name": "user",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false
]
},
"hash": "8c37375b0694df02b7f1b6678e4e2c3ffbc590c0f305ff5a8f44350fba3eaec7"
}

12
crates/database/.sqlx/query-93b15a942a6c7db595990f00e14fde26d6d36b8c8de9935179d41f6c7c755978.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update refresh_tokens\n\nset revoked_at = CURRENT_TIMESTAMP\n\nwhere app is ?\n and revoked_at is null",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "93b15a942a6c7db595990f00e14fde26d6d36b8c8de9935179d41f6c7c755978"
}

12
crates/database/.sqlx/query-9784afe2dcff4db86908175d4e3145baf72b3361f43e4127350a14a183ef63f7.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update users\n\nset password = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "9784afe2dcff4db86908175d4e3145baf72b3361f43e4127350a14a183ef63f7"
}

98
crates/database/.sqlx/query-979c7ba41dac5ea5593fc169ea95b68d2311c5ae05c1e18db43424c8ed2f2e4e.json generated
View file

@ -1,98 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n is_admin as \"is_admin: bool\",\n username,\n name,\n email,\n password,\n password_recover,\n paper_key,\n is_archived as \"is_archived: bool\",\n timezone,\n totp_secret,\n totp_backup\nfrom users\n\norder by created_at desc\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "979c7ba41dac5ea5593fc169ea95b68d2311c5ae05c1e18db43424c8ed2f2e4e"
}

38
crates/database/.sqlx/query-9a3aef02e55fc436e9c09c1ee6d29477c2746765f6e7d5679058ec6525ee7253.json generated
View file

@ -1,38 +0,0 @@
{
"db_name": "SQLite",
"query": "select name,\n label,\n created_at as \"created_at: DateTime<Utc>\",\n is_archived as \"is_archived: bool\"\nfrom roles\n\nwhere name is (?)\n",
"describe": {
"columns": [
{
"name": "name",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 3,
"type_info": "Int64"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false
]
},
"hash": "9a3aef02e55fc436e9c09c1ee6d29477c2746765f6e7d5679058ec6525ee7253"
}

98
crates/database/.sqlx/query-9dc379b0f3a3c944a33ef01dc40489b29b2a61b9f73f6ca4b5df7e9fb9bccf90.json generated
View file

@ -1,98 +0,0 @@
{
"db_name": "SQLite",
"query": "select u.id,\n u.created_at as \"created_at: DateTime<Utc>\",\n u.updated_at as \"updated_at: DateTime<Utc>\",\n u.is_admin as \"is_admin: bool\",\n u.username,\n u.name,\n u.email,\n u.password,\n u.password_recover,\n u.paper_key,\n u.is_archived as \"is_archived: bool\",\n u.timezone,\n u.totp_secret,\n u.totp_backup\nfrom users u\n\n inner join settings s on u.id = s.first_admin\n\nwhere u.is_admin is 1\n and u.is_archived is 0\n and u.id is s.first_admin\n\nlimit 1",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "9dc379b0f3a3c944a33ef01dc40489b29b2a61b9f73f6ca4b5df7e9fb9bccf90"
}

12
crates/database/.sqlx/query-9f1885c4786f73335b4d614f562bb7cad49c91bfe7f084d8c25c6c571673ab90.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update refresh_tokens\n\nset revoked_at = CURRENT_TIMESTAMP\n\nwhere revoked_at is null",
"describe": {
"columns": [],
"parameters": {
"Right": 0
},
"nullable": []
},
"hash": "9f1885c4786f73335b4d614f562bb7cad49c91bfe7f084d8c25c6c571673ab90"
}

44
crates/database/.sqlx/query-a0dd1ddcc7d58fad78ed6c5027a9559428be9d0d59df6409ca9ec7cd728f6001.json generated
View file

@ -1,44 +0,0 @@
{
"db_name": "SQLite",
"query": "select\n -- info\n token,\n user,\n\n -- timings\n created_at as \"created_at: DateTime<Utc>\",\n expires_at as \"expires_at: DateTime<Utc>\",\n used_at as \"used_at: DateTime<Utc>\"\nfrom totp_login_requests\n\nwhere token is (?)",
"describe": {
"columns": [
{
"name": "token",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "user",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "expires_at: DateTime<Utc>",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "used_at: DateTime<Utc>",
"ordinal": 4,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
true
]
},
"hash": "a0dd1ddcc7d58fad78ed6c5027a9559428be9d0d59df6409ca9ec7cd728f6001"
}

12
crates/database/.sqlx/query-a2bf546b2cf6a53a3a127c08fbb7f3dfcf0fe7a30364b1fb57c3e6b757093578.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "insert into totp_login_requests (token, user, expires_at)\nvalues (?, ?, datetime(?, 'unixepoch'))\n",
"describe": {
"columns": [],
"parameters": {
"Right": 3
},
"nullable": []
},
"hash": "a2bf546b2cf6a53a3a127c08fbb7f3dfcf0fe7a30364b1fb57c3e6b757093578"
}

12
crates/database/.sqlx/query-a55b17a3a70e6445517f19536220f0dafc78a0e8b69221dee4715f84841839da.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "insert into authorization_codes (code, app, user, expires_at)\nvalues (?, ?, ?, datetime(?, 'unixepoch'))\n",
"describe": {
"columns": [],
"parameters": {
"Right": 4
},
"nullable": []
},
"hash": "a55b17a3a70e6445517f19536220f0dafc78a0e8b69221dee4715f84841839da"
}

32
crates/database/.sqlx/query-a9e910eedc27c495262571520627363290640b3af7d177a024cad06220a770f0.json generated
View file

@ -1,32 +0,0 @@
{
"db_name": "SQLite",
"query": "select user,\n role,\n created_at as \"created_at: DateTime<Utc>\"\n\nfrom permissions\n",
"describe": {
"columns": [
{
"name": "user",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "role",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false
]
},
"hash": "a9e910eedc27c495262571520627363290640b3af7d177a024cad06220a770f0"
}

12
crates/database/.sqlx/query-aae93a39c5a9f46235b5ef871b45ba76d7efa1677bfe8291a62b8cbf9cd9e0d5.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update settings\n\nset first_admin = ?\n\nwhere id is 0\n",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "aae93a39c5a9f46235b5ef871b45ba76d7efa1677bfe8291a62b8cbf9cd9e0d5"
}

56
crates/database/.sqlx/query-adcbc32e2c284b59eefb79fd2ff33d4ff1c2e250b2d103d8500fae203fb18a6d.json generated
View file

@ -1,56 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n business_name,\n business_logo,\n url,\n first_admin\n\nfrom settings\n\nwhere id is 0\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Int64"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "business_name",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "business_logo",
"ordinal": 4,
"type_info": "Blob"
},
{
"name": "url",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "first_admin",
"ordinal": 6,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
true,
true,
true,
true
]
},
"hash": "adcbc32e2c284b59eefb79fd2ff33d4ff1c2e250b2d103d8500fae203fb18a6d"
}

12
crates/database/.sqlx/query-afc08ba1fd47656c7d987e3817941004f988e683d28df2f533ff6272bc71b356.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update users\n\nset totp_secret = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "afc08ba1fd47656c7d987e3817941004f988e683d28df2f533ff6272bc71b356"
}

12
crates/database/.sqlx/query-b3936ae237f02cc048ca084372f7975921c79aef8fcd6d15a4d63c10f2377d24.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "insert into refresh_tokens (token, ip_address, user, app, expires_at)\nvalues (?, ?, ?, ?, datetime(?, 'unixepoch'))\n",
"describe": {
"columns": [],
"parameters": {
"Right": 5
},
"nullable": []
},
"hash": "b3936ae237f02cc048ca084372f7975921c79aef8fcd6d15a4d63c10f2377d24"
}

12
crates/database/.sqlx/query-baaae9952348da17e2f4d099c6903c50bc90daed80ee2df1fd0dc1d9d2c67b26.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update users\n\nset totp_backup = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "baaae9952348da17e2f4d099c6903c50bc90daed80ee2df1fd0dc1d9d2c67b26"
}

12
crates/database/.sqlx/query-c00e5fce25caebdeeb24db20880e6c2210f583cddb0d478075f78124258712dd.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update refresh_tokens\n\nset revoked_at = CURRENT_TIMESTAMP\n\nwhere user is ?\n and revoked_at is null",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "c00e5fce25caebdeeb24db20880e6c2210f583cddb0d478075f78124258712dd"
}

12
crates/database/.sqlx/query-c28c88869239edc02c073f461645eca82d816650fabe65464e2059d5908d8a28.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update users\n\nset email = ?\n\nwhere id is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "c28c88869239edc02c073f461645eca82d816650fabe65464e2059d5908d8a28"
}

50
crates/database/.sqlx/query-c3dcd38a2d4ff391aed4a2ac3f393646319950334494ecb5fa7effe9806d07ab.json generated
View file

@ -1,50 +0,0 @@
{
"db_name": "SQLite",
"query": "select code,\n app,\n user,\n created_at as \"created_at: DateTime<Utc>\",\n expires_at as \"expires_at: DateTime<Utc>\",\n used_at as \"used_at: DateTime<Utc>\"\nfrom authorization_codes\n",
"describe": {
"columns": [
{
"name": "code",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "app",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "user",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "expires_at: DateTime<Utc>",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "used_at: DateTime<Utc>",
"ordinal": 5,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
true
]
},
"hash": "c3dcd38a2d4ff391aed4a2ac3f393646319950334494ecb5fa7effe9806d07ab"
}

12
crates/database/.sqlx/query-c6157ec3928527ec0ac5f493a5a91faff7e3668204a179e827a87d6279a02c40.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update refresh_tokens\n\nset revoked_at = CURRENT_TIMESTAMP\n\nwhere token is ?",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "c6157ec3928527ec0ac5f493a5a91faff7e3668204a179e827a87d6279a02c40"
}

12
crates/database/.sqlx/query-c724c273f9d99bde48c29d7a0e65198a1ddd775cd1bda10f6e4a8acfbca64b72.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "insert into permissions(user, role)\nvalues (?, ?)\n",
"describe": {
"columns": [],
"parameters": {
"Right": 2
},
"nullable": []
},
"hash": "c724c273f9d99bde48c29d7a0e65198a1ddd775cd1bda10f6e4a8acfbca64b72"
}

98
crates/database/.sqlx/query-ca7d100a9440fb7854a27f9aafd91ce94d1df9fa1ccd65b549be92d16741f9d2.json generated
View file

@ -1,98 +0,0 @@
{
"db_name": "SQLite",
"query": "select u.id,\n u.created_at as \"created_at: DateTime<Utc>\",\n u.updated_at as \"updated_at: DateTime<Utc>\",\n u.is_admin as \"is_admin: bool\",\n u.username,\n u.name,\n u.email,\n u.password,\n u.password_recover,\n u.paper_key,\n u.is_archived as \"is_archived: bool\",\n u.timezone,\n u.totp_secret,\n u.totp_backup\nfrom users u\n\n inner join refresh_tokens rt on u.id = rt.user\n\nwhere rt.token is ?\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "ca7d100a9440fb7854a27f9aafd91ce94d1df9fa1ccd65b549be92d16741f9d2"
}

98
crates/database/.sqlx/query-cf12bd3112b2047f263118649ba89800509d94f3a858be99fb7ce8c8bc05d8b7.json generated
View file

@ -1,98 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n is_admin as \"is_admin: bool\",\n username,\n name,\n email,\n password,\n password_recover,\n paper_key,\n is_archived as \"is_archived: bool\",\n timezone,\n totp_secret,\n totp_backup\nfrom users\n\nwhere password_recover is (?)\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "cf12bd3112b2047f263118649ba89800509d94f3a858be99fb7ce8c8bc05d8b7"
}

50
crates/database/.sqlx/query-cf624c4e122477228e3bab09f7cd0dedf4776f73e7a86f19e06772a0adf83406.json generated
View file

@ -1,50 +0,0 @@
{
"db_name": "SQLite",
"query": "select code,\n app,\n user,\n created_at as \"created_at: DateTime<Utc>\",\n expires_at as \"expires_at: DateTime<Utc>\",\n used_at as \"used_at: DateTime<Utc>\"\nfrom authorization_codes\n\nwhere code is (?)\n",
"describe": {
"columns": [
{
"name": "code",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "app",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "user",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "expires_at: DateTime<Utc>",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "used_at: DateTime<Utc>",
"ordinal": 5,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true
]
},
"hash": "cf624c4e122477228e3bab09f7cd0dedf4776f73e7a86f19e06772a0adf83406"
}

44
crates/database/.sqlx/query-d166553746afb2d3eaa1ddcb9986b7b9723258f4051bce8287038e3dd1ac928a.json generated
View file

@ -1,44 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n revoked_at as \"revoked_at: DateTime<Utc>\",\n private_der,\n public_der\n\nfrom keys\nwhere revoked_at is null\norder by created_at desc\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "revoked_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "private_der",
"ordinal": 3,
"type_info": "Blob"
},
{
"name": "public_der",
"ordinal": 4,
"type_info": "Blob"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
true,
false,
false
]
},
"hash": "d166553746afb2d3eaa1ddcb9986b7b9723258f4051bce8287038e3dd1ac928a"
}

98
crates/database/.sqlx/query-d6d3a401f5563ce339099ccbdedec1ac248865810cafafd5d78d6cc3f74d5237.json generated
View file

@ -1,98 +0,0 @@
{
"db_name": "SQLite",
"query": "select u.id,\n u.created_at as \"created_at: DateTime<Utc>\",\n u.updated_at as \"updated_at: DateTime<Utc>\",\n u.is_admin as \"is_admin: bool\",\n u.username,\n u.name,\n u.email,\n u.password,\n u.password_recover,\n u.paper_key,\n u.is_archived as \"is_archived: bool\",\n u.timezone,\n u.totp_secret,\n u.totp_backup\nfrom users u\n\n inner join authorization_codes ac on u.id = ac.user\n\nwhere ac.code is ?",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "is_admin: bool",
"ordinal": 3,
"type_info": "Int64"
},
{
"name": "username",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "name",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "email",
"ordinal": 6,
"type_info": "Text"
},
{
"name": "password",
"ordinal": 7,
"type_info": "Text"
},
{
"name": "password_recover",
"ordinal": 8,
"type_info": "Text"
},
{
"name": "paper_key",
"ordinal": 9,
"type_info": "Text"
},
{
"name": "is_archived: bool",
"ordinal": 10,
"type_info": "Int64"
},
{
"name": "timezone",
"ordinal": 11,
"type_info": "Text"
},
{
"name": "totp_secret",
"ordinal": 12,
"type_info": "Blob"
},
{
"name": "totp_backup",
"ordinal": 13,
"type_info": "Text"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
true,
true,
true,
true,
true,
false,
false,
true,
true
]
},
"hash": "d6d3a401f5563ce339099ccbdedec1ac248865810cafafd5d78d6cc3f74d5237"
}

62
crates/database/.sqlx/query-d8517e5faa5292da25d21a85fcb2f676dce0f67275466566d5bbedf0f4b7f4f5.json generated
View file

@ -1,62 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n label,\n redirect_uri,\n secret,\n is_confidential as \"is_confidential: bool\",\n is_archived as \"is_archived: bool\"\nfrom apps\n\nwhere is_archived is 1\norder by created_at desc",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "redirect_uri",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "secret",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "is_confidential: bool",
"ordinal": 6,
"type_info": "Int64"
},
{
"name": "is_archived: bool",
"ordinal": 7,
"type_info": "Int64"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "d8517e5faa5292da25d21a85fcb2f676dce0f67275466566d5bbedf0f4b7f4f5"
}

62
crates/database/.sqlx/query-e22ba816faac0c17ca9f2c31fd1b4a5f13a09cece9ec78e0b6e018950c91facb.json generated
View file

@ -1,62 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n label,\n redirect_uri,\n secret,\n is_confidential as \"is_confidential: bool\",\n is_archived as \"is_archived: bool\"\nfrom apps\n\nwhere id is (?)\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "redirect_uri",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "secret",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "is_confidential: bool",
"ordinal": 6,
"type_info": "Int64"
},
{
"name": "is_archived: bool",
"ordinal": 7,
"type_info": "Int64"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "e22ba816faac0c17ca9f2c31fd1b4a5f13a09cece9ec78e0b6e018950c91facb"
}

20
crates/database/.sqlx/query-e977ca16c7bd7ec4125725ff5e42d3c547634e2b608d6be91814bce657e07b65.json generated
View file

@ -1,20 +0,0 @@
{
"db_name": "SQLite",
"query": "select page_count * page_size\nFROM pragma_page_count(), pragma_page_size();",
"describe": {
"columns": [
{
"name": "page_count * page_size",
"ordinal": 0,
"type_info": "Int"
}
],
"parameters": {
"Right": 0
},
"nullable": [
null
]
},
"hash": "e977ca16c7bd7ec4125725ff5e42d3c547634e2b608d6be91814bce657e07b65"
}

62
crates/database/.sqlx/query-eaf0744f65a1de803fa8cc21b67bad4bdf22760d431265cf97b911e6456b2fd8.json generated
View file

@ -1,62 +0,0 @@
{
"db_name": "SQLite",
"query": "select a.id,\n a.created_at as \"created_at: DateTime<Utc>\",\n a.updated_at as \"updated_at: DateTime<Utc>\",\n a.label,\n a.redirect_uri,\n a.secret,\n a.is_confidential as \"is_confidential: bool\",\n a.is_archived as \"is_archived: bool\"\nfrom apps a\n\n inner join authorization_codes ac on a.id = ac.app\n\nwhere ac.code is ?\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "redirect_uri",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "secret",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "is_confidential: bool",
"ordinal": 6,
"type_info": "Int64"
},
{
"name": "is_archived: bool",
"ordinal": 7,
"type_info": "Int64"
}
],
"parameters": {
"Right": 1
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "eaf0744f65a1de803fa8cc21b67bad4bdf22760d431265cf97b911e6456b2fd8"
}

62
crates/database/.sqlx/query-eb1a0153c88b0b2744ed1b71df04a91a129a0173fbbc3e2536f52d41e8dc99c4.json generated
View file

@ -1,62 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n label,\n redirect_uri,\n secret,\n is_confidential as \"is_confidential: bool\",\n is_archived as \"is_archived: bool\"\nfrom apps\n\nwhere id is (?)\n and redirect_uri is (?)\n and is_archived is 0\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "redirect_uri",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "secret",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "is_confidential: bool",
"ordinal": 6,
"type_info": "Int64"
},
{
"name": "is_archived: bool",
"ordinal": 7,
"type_info": "Int64"
}
],
"parameters": {
"Right": 2
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "eb1a0153c88b0b2744ed1b71df04a91a129a0173fbbc3e2536f52d41e8dc99c4"
}

12
crates/database/.sqlx/query-ebe28f418d28303b2efe1fe192a63538d29d75c57b67d5eac1ac4ceaa1472a5c.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "update authorization_codes\n\nset used_at = CURRENT_TIMESTAMP\n\nwhere user is ?\n and used_at is null",
"describe": {
"columns": [],
"parameters": {
"Right": 1
},
"nullable": []
},
"hash": "ebe28f418d28303b2efe1fe192a63538d29d75c57b67d5eac1ac4ceaa1472a5c"
}

12
crates/database/.sqlx/query-ed27954feb3e21b5c519ccd0312526e68fb3d88a1feb28bdafb414e990da55e8.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "insert into apps (id, label, redirect_uri, secret, is_confidential)\nvalues (?, ?, ?, ?, ?)\n",
"describe": {
"columns": [],
"parameters": {
"Right": 5
},
"nullable": []
},
"hash": "ed27954feb3e21b5c519ccd0312526e68fb3d88a1feb28bdafb414e990da55e8"
}

12
crates/database/.sqlx/query-f705411720bd037562f7e3622832262ac4c0a8fc0921fbd934d2b98146d3f413.json generated
View file

@ -1,12 +0,0 @@
{
"db_name": "SQLite",
"query": "insert into keys (id, private_der, public_der)\nvalues (?, ?, ?)\n",
"describe": {
"columns": [],
"parameters": {
"Right": 3
},
"nullable": []
},
"hash": "f705411720bd037562f7e3622832262ac4c0a8fc0921fbd934d2b98146d3f413"
}

62
crates/database/.sqlx/query-fb35faa6eb7349f783d0053509225216693532c7233a3bf61674b64c2fb3dad7.json generated
View file

@ -1,62 +0,0 @@
{
"db_name": "SQLite",
"query": "select id,\n created_at as \"created_at: DateTime<Utc>\",\n updated_at as \"updated_at: DateTime<Utc>\",\n label,\n redirect_uri,\n secret,\n is_confidential as \"is_confidential: bool\",\n is_archived as \"is_archived: bool\"\nfrom apps\n\norder by created_at desc\n",
"describe": {
"columns": [
{
"name": "id",
"ordinal": 0,
"type_info": "Text"
},
{
"name": "created_at: DateTime<Utc>",
"ordinal": 1,
"type_info": "Text"
},
{
"name": "updated_at: DateTime<Utc>",
"ordinal": 2,
"type_info": "Text"
},
{
"name": "label",
"ordinal": 3,
"type_info": "Text"
},
{
"name": "redirect_uri",
"ordinal": 4,
"type_info": "Text"
},
{
"name": "secret",
"ordinal": 5,
"type_info": "Text"
},
{
"name": "is_confidential: bool",
"ordinal": 6,
"type_info": "Int64"
},
{
"name": "is_archived: bool",
"ordinal": 7,
"type_info": "Int64"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false,
false,
false,
false,
false,
false,
false,
false
]
},
"hash": "fb35faa6eb7349f783d0053509225216693532c7233a3bf61674b64c2fb3dad7"
}

2
crates/database/Cargo.toml
View file

@ -8,4 +8,4 @@ thiserror = { workspace = true }
[dependencies.sqlx] [dependencies.sqlx]
workspace = true workspace = true
features = ["sqlite", "macros", "migrate", "chrono", "runtime-tokio-rustls"] features = ["sqlite", "macros", "migrate", "chrono", "offline", "runtime-tokio-rustls"]

2129
crates/database/sqlx-data.json Normal file
View file

File diff suppressed because it is too large Load diff

2
crates/email/src/lib.rs
View file

@ -3,7 +3,7 @@ use lettre::transport::smtp::authentication::Credentials;
use lettre::transport::smtp::response::Response; use lettre::transport::smtp::response::Response;
use lettre::{AsyncSmtpTransport, AsyncTransport, Message, Tokio1Executor}; use lettre::{AsyncSmtpTransport, AsyncTransport, Message, Tokio1Executor};
use mrml::mjml::Mjml; use mrml::mjml::Mjml;
use mrml::prelude::parser::Error as MjmlParserError; use mrml::prelude::parse::Error as MjmlParserError;
use mrml::prelude::render::{Error as MjmlRenderError, Options}; use mrml::prelude::render::{Error as MjmlRenderError, Options};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use tera::{Context, Tera}; use tera::{Context, Tera};

18
crates/ezidam/Cargo.toml
View file

@ -4,19 +4,19 @@ version = "0.1.0"
edition = "2021" edition = "2021"
[dependencies] [dependencies]
rocket = { version = "0.5.0", features = ["json"] } rocket = { version = "=0.5.0-rc.3", features = ["json"] }
rocket_db_pools = { version = "0.1.0", features = ["sqlx_sqlite"] } rocket_db_pools = { version = "=0.1.0-rc.3", features = ["sqlx_sqlite"] }
rocket_dyn_templates = { version = "0.1.0", features = ["tera"] } rocket_dyn_templates = { version = "=0.1.0-rc.3", features = ["tera"] }
infer = { version = "0.15", default-features = false } infer = { version = "0.13", default-features = false }
erased-serde = "0.3" erased-serde = "0.3"
url = { workspace = true } url = { workspace = true }
futures = "0.3" futures = "0.3"
base64 = "0.21" base64 = "0.21.0"
rocket_cors = "0.6" rocket_cors = "0.6.0-alpha2"
email_address = { workspace = true } email_address = { workspace = true }
chrono-tz = "0.8" chrono-tz = "0.8.2"
chrono-humanize = "0.2" chrono-humanize = "0.2.2"
minify-html = "0.11" minify-html = "0.10.8"
# local crates # local crates
database_pool = { path = "../database_pool" } database_pool = { path = "../database_pool" }

10
crates/ezidam/src/guards/access_token.rs
View file

@ -35,7 +35,7 @@ impl AccessToken {
}, },
Err(e) => match e { Err(e) => match e {
Outcome::Success(s) => Ok(Some(Self(s))), Outcome::Success(s) => Ok(Some(Self(s))),
Outcome::Error(e) => Err(BearerAuthError::Jwt(e.1)), Outcome::Failure(e) => Err(BearerAuthError::Jwt(e.1)),
Outcome::Forward(_) => Ok(None), Outcome::Forward(_) => Ok(None),
}, },
} }
@ -50,15 +50,15 @@ impl<'r> FromRequest<'r> for AccessToken {
let keys: Vec<_> = request.headers().get("Authorization").collect(); let keys: Vec<_> = request.headers().get("Authorization").collect();
match keys.len() { match keys.len() {
0 => Outcome::Forward(Status::Unauthorized), 0 => Outcome::Forward(()),
1 => match AccessToken::from_bearer(keys[0], request).await { 1 => match AccessToken::from_bearer(keys[0], request).await {
Ok(access_token) => match access_token { Ok(access_token) => match access_token {
Some(access_token) => Outcome::Success(access_token), Some(access_token) => Outcome::Success(access_token),
None => Outcome::Forward(Status::Unauthorized), None => Outcome::Forward(()),
}, },
Err(e) => Outcome::Error((Status::Unauthorized, e)), Err(e) => Outcome::Failure((Status::Unauthorized, e)),
}, },
_ => Outcome::Error((Status::BadRequest, BearerAuthError::BadCount)), _ => Outcome::Failure((Status::BadRequest, BearerAuthError::BadCount)),
} }
} }
} }

6
crates/ezidam/src/guards/basic_auth.rs
View file

@ -56,12 +56,12 @@ impl<'r> FromRequest<'r> for BasicAuth {
let keys: Vec<_> = request.headers().get("Authorization").collect(); let keys: Vec<_> = request.headers().get("Authorization").collect();
match keys.len() { match keys.len() {
0 => Outcome::Forward(Status::BadRequest), 0 => Outcome::Forward(()),
1 => match BasicAuth::from_base64(keys[0]) { 1 => match BasicAuth::from_base64(keys[0]) {
Ok(auth_header) => Outcome::Success(auth_header), Ok(auth_header) => Outcome::Success(auth_header),
Err(e) => Outcome::Error((Status::BadRequest, e)), Err(e) => Outcome::Failure((Status::BadRequest, e)),
}, },
_ => Outcome::Error((Status::BadRequest, BasicAuthError::BadCount)), _ => Outcome::Failure((Status::BadRequest, BasicAuthError::BadCount)),
} }
} }
} }

6
crates/ezidam/src/guards/completed_setup.rs
View file

@ -19,16 +19,16 @@ impl<'r> FromRequest<'r> for CompletedSetup {
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> { async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
let db = match request.guard::<&Database>().await { let db = match request.guard::<&Database>().await {
Outcome::Success(database) => database, Outcome::Success(database) => database,
Outcome::Error(e) => return Outcome::Error((e.0, Error::GetDatabase)), Outcome::Failure(e) => return Outcome::Failure((e.0, Error::GetDatabase)),
Outcome::Forward(f) => return Outcome::Forward(f), Outcome::Forward(f) => return Outcome::Forward(f),
}; };
match User::get_initial_admin(&**db).await { match User::get_initial_admin(&**db).await {
Ok(initial_admin) => match initial_admin { Ok(initial_admin) => match initial_admin {
Some(_) => Outcome::Success(CompletedSetup), Some(_) => Outcome::Success(CompletedSetup),
None => Outcome::Forward(Status::PermanentRedirect), None => Outcome::Forward(()),
}, },
Err(e) => Outcome::Error((Status::InternalServerError, Error::Request(e))), Err(e) => Outcome::Failure((Status::InternalServerError, Error::Request(e))),
} }
} }
} }

98
crates/ezidam/src/guards/jwt.rs
View file

@ -16,7 +16,6 @@ use rocket::time::Duration;
use rocket::tokio::task; use rocket::tokio::task;
use rocket::Request; use rocket::Request;
use settings::Settings; use settings::Settings;
use std::ops::DerefMut;
use users::User; use users::User;
mod admin; mod admin;
@ -79,14 +78,14 @@ pub async fn validate_jwt<T>(
// Get database // Get database
let db = match request.guard::<&Database>().await { let db = match request.guard::<&Database>().await {
Outcome::Success(database) => database, Outcome::Success(database) => database,
Outcome::Error(e) => return Err(Outcome::Error((e.0, Error::GetDatabase))), Outcome::Failure(e) => return Err(Outcome::Failure((e.0, Error::GetDatabase))),
Outcome::Forward(f) => return Err(Outcome::Forward(f)), Outcome::Forward(f) => return Err(Outcome::Forward(f)),
}; };
let mut transaction = match db.begin().await { let mut transaction = match db.begin().await {
Ok(transaction) => transaction, Ok(transaction) => transaction,
Err(_e) => { Err(_e) => {
return Err(Outcome::Error(( return Err(Outcome::Failure((
Status::InternalServerError, Status::InternalServerError,
Error::StartTransaction, Error::StartTransaction,
))); )));
@ -94,10 +93,10 @@ pub async fn validate_jwt<T>(
}; };
// Get keys // Get keys
let keys = match Key::get_all(transaction.deref_mut(), Some(false)).await { let keys = match Key::get_all(&mut transaction, Some(false)).await {
Ok(keys) => keys, Ok(keys) => keys,
Err(e) => { Err(e) => {
return Err(Outcome::Error(( return Err(Outcome::Failure((
Status::InternalServerError, Status::InternalServerError,
Error::Keys(e), Error::Keys(e),
))) )))
@ -106,10 +105,10 @@ pub async fn validate_jwt<T>(
if let Some(specific_user) = specific_user { if let Some(specific_user) = specific_user {
// Get settings // Get settings
let settings = match Settings::get(transaction.deref_mut()).await { let settings = match Settings::get(&mut transaction).await {
Ok(settings) => settings, Ok(settings) => settings,
Err(e) => { Err(e) => {
return Err(Outcome::Error(( return Err(Outcome::Failure((
Status::InternalServerError, Status::InternalServerError,
Error::GetSettings(e), Error::GetSettings(e),
))); )));
@ -120,7 +119,7 @@ pub async fn validate_jwt<T>(
let first_admin = match settings.first_admin() { let first_admin = match settings.first_admin() {
Some(home_page) => UserID(home_page.to_string()), Some(home_page) => UserID(home_page.to_string()),
None => { None => {
return Err(Outcome::Error(( return Err(Outcome::Failure((
Status::InternalServerError, Status::InternalServerError,
Error::FirstAdminNotSet, Error::FirstAdminNotSet,
))); )));
@ -134,7 +133,7 @@ pub async fn validate_jwt<T>(
} }
if let Err(_e) = transaction.commit().await { if let Err(_e) = transaction.commit().await {
return Err(Outcome::Error(( return Err(Outcome::Failure((
Status::InternalServerError, Status::InternalServerError,
Error::CommitTransaction, Error::CommitTransaction,
))); )));
@ -192,11 +191,11 @@ pub async fn validate_jwt<T>(
// Return jwt claims // Return jwt claims
Ok(claims) Ok(claims)
} }
Err(_e) => Err(Outcome::Forward(Status::Unauthorized)), Err(_e) => Err(Outcome::Forward(())),
}, },
Err(e) => { Err(e) => {
// Failed to run blocking task // Failed to run blocking task
Err(Outcome::Error(( Err(Outcome::Failure((
Status::InternalServerError, Status::InternalServerError,
Error::BlockingTask(e.to_string()), Error::BlockingTask(e.to_string()),
))) )))
@ -212,92 +211,92 @@ pub async fn use_refresh_token(
// Get database // Get database
let db = match request.guard::<&Database>().await { let db = match request.guard::<&Database>().await {
Outcome::Success(database) => database, Outcome::Success(database) => database,
Outcome::Error(e) => return Outcome::Error((e.0, Error::GetDatabase)), Outcome::Failure(e) => return Outcome::Failure((e.0, Error::GetDatabase)),
Outcome::Forward(f) => return Outcome::Forward(f), Outcome::Forward(f) => return Outcome::Forward(f),
}; };
// Get cookies // Get cookies
let cookie_jar = match request.guard::<&CookieJar>().await { let cookie_jar = match request.guard::<&CookieJar>().await {
Outcome::Success(cookie_jar) => cookie_jar, Outcome::Success(cookie_jar) => cookie_jar,
Outcome::Error(e) => return Outcome::Error((e.0, Error::GetCookies)), Outcome::Failure(e) => return Outcome::Failure((e.0, Error::GetCookies)),
Outcome::Forward(f) => return Outcome::Forward(f), Outcome::Forward(f) => return Outcome::Forward(f),
}; };
let mut transaction = match db.begin().await { let mut transaction = match db.begin().await {
Ok(transaction) => transaction, Ok(transaction) => transaction,
Err(_e) => { Err(_e) => {
return Outcome::Error((Status::InternalServerError, Error::StartTransaction)); return Outcome::Failure((Status::InternalServerError, Error::StartTransaction));
} }
}; };
let refresh_token = match RefreshToken::get_one(transaction.deref_mut(), &refresh).await { let refresh_token = match RefreshToken::get_one(&mut transaction, &refresh).await {
Ok(refresh_token) => match refresh_token { Ok(refresh_token) => match refresh_token {
Some(refresh_token) => refresh_token, Some(refresh_token) => refresh_token,
None => return Outcome::Forward(Status::Unauthorized), None => return Outcome::Forward(()),
}, },
Err(e) => { Err(e) => {
return Outcome::Error((Status::InternalServerError, Error::GetRefreshToken(e))); return Outcome::Failure((Status::InternalServerError, Error::GetRefreshToken(e)));
} }
}; };
let user = match User::get_one_from_refresh_token(transaction.deref_mut(), &refresh).await { let user = match User::get_one_from_refresh_token(&mut transaction, &refresh).await {
Ok(user) => match user { Ok(user) => match user {
Some(user) => user, Some(user) => user,
None => { None => {
return Outcome::Error((Status::InternalServerError, Error::UserNotFound)); return Outcome::Failure((Status::InternalServerError, Error::UserNotFound));
} }
}, },
Err(e) => { Err(e) => {
return Outcome::Error((Status::InternalServerError, Error::GetUser(e))); return Outcome::Failure((Status::InternalServerError, Error::GetUser(e)));
} }
}; };
// make sure that `get_admin` is respected, dont generate token for unwanted users! // make sure that `get_admin` is respected, dont generate token for unwanted users!
if let Some(get_admin) = get_admin { if let Some(get_admin) = get_admin {
if user.is_admin() != get_admin { if user.is_admin() != get_admin {
return Outcome::Forward(Status::Forbidden); return Outcome::Forward(());
} }
} }
if refresh_token.has_been_used() { if refresh_token.has_been_used() {
// Revoke all tokens for user // Revoke all tokens for user
if let Err(e) = if let Err(e) =
RefreshToken::revoke_all_for_user(transaction.deref_mut(), refresh_token.user()).await RefreshToken::revoke_all_for_user(&mut transaction, refresh_token.user()).await
{ {
return Outcome::Error((Status::InternalServerError, Error::RevokeRefreshTokens(e))); return Outcome::Failure((Status::InternalServerError, Error::RevokeRefreshTokens(e)));
} }
if let Err(_e) = transaction.commit().await { if let Err(_e) = transaction.commit().await {
return Outcome::Error((Status::InternalServerError, Error::CommitTransaction)); return Outcome::Failure((Status::InternalServerError, Error::CommitTransaction));
} }
return Outcome::Forward(Status::Unauthorized); return Outcome::Forward(());
} }
if refresh_token.is_revoked() { if refresh_token.is_revoked() {
return Outcome::Forward(Status::Unauthorized); return Outcome::Forward(());
} }
if refresh_token.has_expired() { if refresh_token.has_expired() {
return Outcome::Forward(Status::Unauthorized); return Outcome::Forward(());
} }
if let Err(e) = refresh_token.use_token(transaction.deref_mut()).await { if let Err(e) = refresh_token.use_token(&mut transaction).await {
return Outcome::Error((Status::InternalServerError, Error::MarkRefreshTokenUsed(e))); return Outcome::Failure((Status::InternalServerError, Error::MarkRefreshTokenUsed(e)));
} }
// Get base url // Get base url
let settings = match Settings::get(transaction.deref_mut()).await { let settings = match Settings::get(&mut transaction).await {
Ok(settings) => settings, Ok(settings) => settings,
Err(e) => { Err(e) => {
return Outcome::Error((Status::InternalServerError, Error::GetSettings(e))); return Outcome::Failure((Status::InternalServerError, Error::GetSettings(e)));
} }
}; };
let home_page = match settings.url().map(String::from) { let home_page = match settings.url().map(String::from) {
Some(home_page) => home_page, Some(home_page) => home_page,
None => { None => {
return Outcome::Error((Status::InternalServerError, Error::ServerUrlNotSet)); return Outcome::Failure((Status::InternalServerError, Error::ServerUrlNotSet));
} }
}; };
@ -305,7 +304,7 @@ pub async fn use_refresh_token(
let new_refresh_token = match task::spawn_blocking(SecretString::default).await { let new_refresh_token = match task::spawn_blocking(SecretString::default).await {
Ok(new_refresh_token) => new_refresh_token, Ok(new_refresh_token) => new_refresh_token,
Err(e) => { Err(e) => {
return Outcome::Error(( return Outcome::Failure((
Status::InternalServerError, Status::InternalServerError,
Error::BlockingTask(e.to_string()), Error::BlockingTask(e.to_string()),
)); ));
@ -316,13 +315,13 @@ pub async fn use_refresh_token(
let ip_address = match request.client_ip() { let ip_address = match request.client_ip() {
Some(ip) => ip.to_string(), Some(ip) => ip.to_string(),
None => { None => {
return Outcome::Error((Status::BadRequest, Error::UnknownIp)); return Outcome::Failure((Status::BadRequest, Error::UnknownIp));
} }
}; };
// Insert refresh token in database // Insert refresh token in database
if let Err(e) = RefreshToken::insert( if let Err(e) = RefreshToken::insert(
transaction.deref_mut(), &mut transaction,
new_refresh_token.as_ref(), new_refresh_token.as_ref(),
ip_address, ip_address,
user.id(), user.id(),
@ -331,7 +330,7 @@ pub async fn use_refresh_token(
) )
.await .await
{ {
return Outcome::Error((Status::InternalServerError, Error::SaveRefreshToken(e))); return Outcome::Failure((Status::InternalServerError, Error::SaveRefreshToken(e)));
} }
// Add refresh token as a cookie // Add refresh token as a cookie
@ -346,21 +345,24 @@ pub async fn use_refresh_token(
cookie_jar.add(cookie); cookie_jar.add(cookie);
// Get latest key from database // Get latest key from database
let key = match Key::get_most_recent(transaction.deref_mut()).await { let key = match Key::get_most_recent(&mut transaction).await {
Ok(key) => match key { Ok(key) => match key {
Some(key) => key, Some(key) => key,
None => { None => {
return Outcome::Error((Status::InternalServerError, Error::MostRecentKeyNotFound)); return Outcome::Failure((
Status::InternalServerError,
Error::MostRecentKeyNotFound,
));
} }
}, },
Err(e) => { Err(e) => {
return Outcome::Error((Status::InternalServerError, Error::GetKey(e))); return Outcome::Failure((Status::InternalServerError, Error::GetKey(e)));
} }
}; };
// Make sure key has not been revoked // Make sure key has not been revoked
if key.is_revoked() { if key.is_revoked() {
return Outcome::Error((Status::InternalServerError, Error::MostRecentKeyRevoked)); return Outcome::Failure((Status::InternalServerError, Error::MostRecentKeyRevoked));
} }
// Import private key // Import private key
@ -371,11 +373,11 @@ pub async fn use_refresh_token(
Ok(private_key) => match private_key { Ok(private_key) => match private_key {
Ok(private_key) => private_key, Ok(private_key) => private_key,
Err(e) => { Err(e) => {
return Outcome::Error((Status::InternalServerError, Error::ImportKey(e))); return Outcome::Failure((Status::InternalServerError, Error::ImportKey(e)));
} }
}, },
Err(e) => { Err(e) => {
return Outcome::Error(( return Outcome::Failure((
Status::InternalServerError, Status::InternalServerError,
Error::BlockingTask(e.to_string()), Error::BlockingTask(e.to_string()),
)); ));
@ -383,13 +385,13 @@ pub async fn use_refresh_token(
}; };
// Get user roles // Get user roles
let roles = match Permission::get_all(transaction.deref_mut(), Some(user.id()), None).await { let roles = match Permission::get_all(&mut transaction, Some(user.id()), None).await {
Ok(roles) => roles Ok(roles) => roles
.into_iter() .into_iter()
.map(|role| role.role().to_string()) .map(|role| role.role().to_string())
.collect(), .collect(),
Err(e) => { Err(e) => {
return Outcome::Error((Status::InternalServerError, Error::GetPermissions(e))); return Outcome::Failure((Status::InternalServerError, Error::GetPermissions(e)));
} }
}; };
@ -401,7 +403,7 @@ pub async fn use_refresh_token(
{ {
Ok(jwt) => jwt, Ok(jwt) => jwt,
Err(e) => { Err(e) => {
return Outcome::Error((Status::InternalServerError, Error::SignJwt(e))); return Outcome::Failure((Status::InternalServerError, Error::SignJwt(e)));
} }
}; };
@ -414,7 +416,7 @@ pub async fn use_refresh_token(
cookie_jar.add(cookie); cookie_jar.add(cookie);
if let Err(_e) = transaction.commit().await { if let Err(_e) = transaction.commit().await {
return Outcome::Error((Status::InternalServerError, Error::CommitTransaction)); return Outcome::Failure((Status::InternalServerError, Error::CommitTransaction));
} }
Outcome::Success(jwt_claims) Outcome::Success(jwt_claims)
@ -434,7 +436,7 @@ pub async fn use_access_token_or_refresh_token(
match validate_jwt(access, request, get_admin, specific_user).await { match validate_jwt(access, request, get_admin, specific_user).await {
Ok(jwt_claims) => match jwt_claims { Ok(jwt_claims) => match jwt_claims {
Some(jwt_claims) => Outcome::Success(jwt_claims), Some(jwt_claims) => Outcome::Success(jwt_claims),
None => Outcome::Forward(Status::Unauthorized), None => Outcome::Forward(()),
}, },
Err(e) => e, Err(e) => e,
} }
@ -445,7 +447,7 @@ pub async fn use_access_token_or_refresh_token(
} }
(None, None) => { (None, None) => {
// Nothing to do // Nothing to do
Outcome::Forward(Status::Unauthorized) Outcome::Forward(())
} }
} }
} }

7
crates/ezidam/src/guards/jwt/admin_not_current.rs
View file

@ -2,7 +2,6 @@ use super::Error;
use crate::guards::{use_access_token_or_refresh_token, SpecificUser}; use crate::guards::{use_access_token_or_refresh_token, SpecificUser};
use crate::id::RocketUserID; use crate::id::RocketUserID;
use jwt::JwtClaims; use jwt::JwtClaims;
use rocket::http::Status;
use rocket::request::{FromRequest, Outcome}; use rocket::request::{FromRequest, Outcome};
use rocket::Request; use rocket::Request;
@ -31,7 +30,7 @@ impl<'r> FromRequest<'r> for JwtAdminNotCurrent {
ret ret
} { } {
Some(user_id) => user_id, Some(user_id) => user_id,
None => return Outcome::Forward(Status::Forbidden), None => return Outcome::Forward(()),
}; };
// Don't allow first admin // Don't allow first admin
@ -50,10 +49,10 @@ impl<'r> FromRequest<'r> for JwtAdminNotCurrent {
if success.0.subject != user_id.0 .0 { if success.0.subject != user_id.0 .0 {
Outcome::Success(success) Outcome::Success(success)
} else { } else {
Outcome::Forward(Status::Forbidden) Outcome::Forward(())
} }
} }
Outcome::Error(failure) => Outcome::Error(failure), Outcome::Failure(failure) => Outcome::Failure(failure),
Outcome::Forward(forward) => Outcome::Forward(forward), Outcome::Forward(forward) => Outcome::Forward(forward),
} }
} }

6
crates/ezidam/src/guards/need_setup.rs
View file

@ -19,16 +19,16 @@ impl<'r> FromRequest<'r> for NeedSetup {
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> { async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
let db = match request.guard::<&Database>().await { let db = match request.guard::<&Database>().await {
Outcome::Success(database) => database, Outcome::Success(database) => database,
Outcome::Error(e) => return Outcome::Error((e.0, Error::GetDatabase)), Outcome::Failure(e) => return Outcome::Failure((e.0, Error::GetDatabase)),
Outcome::Forward(f) => return Outcome::Forward(f), Outcome::Forward(f) => return Outcome::Forward(f),
}; };
match User::get_initial_admin(&**db).await { match User::get_initial_admin(&**db).await {
Ok(initial_admin) => match initial_admin { Ok(initial_admin) => match initial_admin {
Some(_) => Outcome::Forward(Status::PermanentRedirect), Some(_) => Outcome::Forward(()),
None => Outcome::Success(NeedSetup), None => Outcome::Success(NeedSetup),
}, },
Err(e) => Outcome::Error((Status::InternalServerError, Error::Request(e))), Err(e) => Outcome::Failure((Status::InternalServerError, Error::Request(e))),
} }
} }
} }

3
crates/ezidam/src/guards/refresh_token.rs
View file

@ -1,5 +1,4 @@
use crate::tokens::REFRESH_TOKEN_COOKIE_NAME; use crate::tokens::REFRESH_TOKEN_COOKIE_NAME;
use rocket::http::Status;
use rocket::request::{FromRequest, Outcome}; use rocket::request::{FromRequest, Outcome};
use rocket::Request; use rocket::Request;
@ -27,7 +26,7 @@ impl<'r> FromRequest<'r> for RefreshToken {
async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> { async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
match get_refresh_token_from_cookie(request) { match get_refresh_token_from_cookie(request) {
Some(refresh_token) => Outcome::Success(Self(refresh_token)), Some(refresh_token) => Outcome::Success(Self(refresh_token)),
None => Outcome::Forward(Status::Unauthorized), None => Outcome::Forward(()),
} }
} }
} }

5
crates/ezidam/src/guards/totp_request.rs
View file

@ -1,4 +1,3 @@
use rocket::http::Status;
use rocket::request::{FromRequest, Outcome}; use rocket::request::{FromRequest, Outcome};
use rocket::Request; use rocket::Request;
use users::totp_login_request::{TOTP_REQUEST_COOKIE_NAME, TOTP_REQUEST_LEN}; use users::totp_login_request::{TOTP_REQUEST_COOKIE_NAME, TOTP_REQUEST_LEN};
@ -17,10 +16,10 @@ impl<'r> FromRequest<'r> for TotpRequest {
if value.len() == TOTP_REQUEST_LEN { if value.len() == TOTP_REQUEST_LEN {
Outcome::Success(Self(value.to_string())) Outcome::Success(Self(value.to_string()))
} else { } else {
Outcome::Forward(Status::BadRequest) Outcome::Forward(())
} }
} }
None => Outcome::Forward(Status::BadRequest), None => Outcome::Forward(()),
} }
} }
} }

2
crates/ezidam/src/lib.rs
View file

@ -30,8 +30,6 @@ pub fn config() -> rocket::figment::Figment {
Figment::from(Config::default()) Figment::from(Config::default())
// from `ezidam.toml` // from `ezidam.toml`
.merge(Toml::file(Env::var_or("EZIDAM_CONFIG", "ezidam.toml")).nested()) .merge(Toml::file(Env::var_or("EZIDAM_CONFIG", "ezidam.toml")).nested())
// from env variables directly
.merge(Env::prefixed("EZIDAM_").ignore(&["PROFILE"]).global())
// from code below // from code below
.merge(("ip_header", "x-forwarded-for")) .merge(("ip_header", "x-forwarded-for"))
} }

3
crates/ezidam/src/routes.rs
View file

@ -7,7 +7,7 @@ pub mod settings;
pub mod setup; pub mod setup;
pub mod well_known; pub mod well_known;
mod prelude { pub(self) mod prelude {
pub use crate::database::Database; pub use crate::database::Database;
pub use crate::error::Error; pub use crate::error::Error;
pub use crate::file_from_bytes::FileFromBytes; pub use crate::file_from_bytes::FileFromBytes;
@ -27,7 +27,6 @@ mod prelude {
pub use rocket_db_pools::sqlx::Acquire; pub use rocket_db_pools::sqlx::Acquire;
pub use rocket_db_pools::Connection; pub use rocket_db_pools::Connection;
pub use rocket_dyn_templates::Template; pub use rocket_dyn_templates::Template;
pub use std::ops::DerefMut;
pub type Result<T> = std::result::Result<T, Error>; pub type Result<T> = std::result::Result<T, Error>;
} }

27
crates/ezidam/src/routes/admin/apps.rs
View file

@ -10,9 +10,7 @@ pub async fn admin_apps_list(
admin: JwtAdmin, admin: JwtAdmin,
flash: Option<FlashMessage<'_>>, flash: Option<FlashMessage<'_>>,
) -> Result<Template> { ) -> Result<Template> {
let mut transaction = db.begin().await?; let apps = App::get_all(&mut *db, None).await?;
let apps = App::get_all(transaction.deref_mut(), None).await?;
transaction.commit().await?;
let page = Page::AdminAppsList(super::content::AdminAppsList { let page = Page::AdminAppsList(super::content::AdminAppsList {
user: admin.0, user: admin.0,
@ -56,9 +54,8 @@ pub async fn admin_apps_new_form(
let app_secret_hash = task::spawn_blocking(move || Secret::new(app_secret)).await??; let app_secret_hash = task::spawn_blocking(move || Secret::new(app_secret)).await??;
// Insert in database // Insert in database
let mut transaction = db.begin().await?;
App::insert( App::insert(
transaction.deref_mut(), &mut *db,
&app_id, &app_id,
form.label, form.label,
&redirect_uri, &redirect_uri,
@ -66,7 +63,6 @@ pub async fn admin_apps_new_form(
form.is_confidential, form.is_confidential,
) )
.await?; .await?;
transaction.commit().await?;
Ok(Flash::new( Ok(Flash::new(
Redirect::to(uri!(admin_apps_list)), Redirect::to(uri!(admin_apps_list)),
@ -83,11 +79,9 @@ pub async fn admin_apps_view(
flash: Option<FlashMessage<'_>>, flash: Option<FlashMessage<'_>>,
) -> Result<Template> { ) -> Result<Template> {
let app_id = id.0; let app_id = id.0;
let mut transaction = db.begin().await?; let app = App::get_one_by_id(&mut *db, app_id.as_ref())
let app = App::get_one_by_id(transaction.deref_mut(), app_id.as_ref())
.await? .await?
.ok_or_else(|| Error::not_found(app_id.to_string()))?; .ok_or_else(|| Error::not_found(app_id.to_string()))?;
transaction.commit().await?;
if app.is_archived() { if app.is_archived() {
return Err(Error::gone(format!( return Err(Error::gone(format!(
@ -114,16 +108,14 @@ pub async fn admin_apps_view_form(
let redirect_uri = Url::parse(form.redirect_uri)?; let redirect_uri = Url::parse(form.redirect_uri)?;
// Update app // Update app
let mut transaction = db.begin().await?;
App::update( App::update(
transaction.deref_mut(), &mut *db,
&id.0, &id.0,
form.label, form.label,
&redirect_uri, &redirect_uri,
form.is_confidential, form.is_confidential,
) )
.await?; .await?;
transaction.commit().await?;
Ok(Flash::new( Ok(Flash::new(
Redirect::to(uri!(admin_apps_list)), Redirect::to(uri!(admin_apps_list)),
@ -152,7 +144,7 @@ pub async fn admin_apps_new_secret(
// Get app // Get app
let app_id = &id.0; let app_id = &id.0;
let app = App::get_one_by_id(transaction.deref_mut(), app_id.as_ref()) let app = App::get_one_by_id(&mut transaction, app_id.as_ref())
.await? .await?
.ok_or_else(|| Error::not_found(app_id.to_string()))?; .ok_or_else(|| Error::not_found(app_id.to_string()))?;
@ -171,8 +163,7 @@ pub async fn admin_apps_new_secret(
let app_secret_hash = task::spawn_blocking(move || Secret::new(app_secret)).await??; let app_secret_hash = task::spawn_blocking(move || Secret::new(app_secret)).await??;
// Save new secret // Save new secret
app.new_secret(transaction.deref_mut(), &app_secret_hash) app.new_secret(&mut transaction, &app_secret_hash).await?;
.await?;
transaction.commit().await?; transaction.commit().await?;
@ -207,7 +198,7 @@ pub async fn admin_apps_archive(
// Get app // Get app
let app_id = &id.0; let app_id = &id.0;
let app = App::get_one_by_id(transaction.deref_mut(), app_id.as_ref()) let app = App::get_one_by_id(&mut transaction, app_id.as_ref())
.await? .await?
.ok_or_else(|| Error::not_found(app_id.to_string()))?; .ok_or_else(|| Error::not_found(app_id.to_string()))?;
@ -219,10 +210,10 @@ pub async fn admin_apps_archive(
} }
// Archive // Archive
app.archive(transaction.deref_mut()).await?; app.archive(&mut transaction).await?;
// Revoke refresh tokens // Revoke refresh tokens
refresh_tokens::RefreshToken::revoke_all_for_app(transaction.deref_mut(), app_id).await?; refresh_tokens::RefreshToken::revoke_all_for_app(&mut transaction, app_id).await?;
transaction.commit().await?; transaction.commit().await?;

8
crates/ezidam/src/routes/admin/dashboard.rs
View file

@ -10,17 +10,17 @@ pub async fn admin_dashboard(mut db: Connection<Database>, admin: JwtAdmin) -> R
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get users // Get users
let users = User::get_all(transaction.deref_mut()).await?; let users = User::get_all(&mut transaction).await?;
// Get roles // Get roles
let roles = Role::get_all(transaction.deref_mut()).await?; let roles = Role::get_all(&mut transaction).await?;
// Get apps // Get apps
let apps = App::get_all(transaction.deref_mut(), None).await?; let apps = App::get_all(&mut transaction, None).await?;
// Get number of logins in the last 24 hours // Get number of logins in the last 24 hours
let number_logins_last_24_hours = let number_logins_last_24_hours =
AuthorizationCode::used_in_last_24_hours(transaction.deref_mut()).await?; AuthorizationCode::used_in_last_24_hours(&mut transaction).await?;
transaction.commit().await?; transaction.commit().await?;

40
crates/ezidam/src/routes/admin/permissions.rs
View file

@ -25,7 +25,7 @@ pub async fn admin_permissions_users(
) -> Result<Template> { ) -> Result<Template> {
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
let users = User::get_all(transaction.deref_mut()) let users = User::get_all(&mut transaction)
.await? .await?
.into_iter() .into_iter()
.filter(|user| !user.is_archived()) .filter(|user| !user.is_archived())
@ -69,7 +69,7 @@ pub async fn admin_permissions_for_user(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get user // Get user
let user = User::get_by_id(transaction.deref_mut(), &id.0) let user = User::get_by_id(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Failed to find user"))?; .ok_or_else(|| Error::not_found("Failed to find user"))?;
@ -78,14 +78,14 @@ pub async fn admin_permissions_for_user(
} }
// Get roles // Get roles
let roles = Role::get_all(transaction.deref_mut()) let roles = Role::get_all(&mut transaction)
.await? .await?
.into_iter() .into_iter()
.filter(|role| !role.is_archived()) .filter(|role| !role.is_archived())
.collect::<Vec<_>>(); .collect::<Vec<_>>();
// Get permissions for user // Get permissions for user
let permissions = Permission::get_all(transaction.deref_mut(), Some(user.id()), None).await?; let permissions = Permission::get_all(&mut transaction, Some(user.id()), None).await?;
transaction.commit().await?; transaction.commit().await?;
@ -133,12 +133,12 @@ pub async fn admin_permissions_for_user_form(
.iter() .iter()
.map(|role| RoleID::from_str(role)) .map(|role| RoleID::from_str(role))
.collect::<std::result::Result<Vec<_>, _>>() .collect::<std::result::Result<Vec<_>, _>>()
.map_err(|_| Error::bad_request("Invalid role detected".to_string()))?; .map_err(|_| Error::bad_request(format!("Invalid role detected")))?;
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get user // Get user
let user = User::get_by_id(transaction.deref_mut(), &id.0) let user = User::get_by_id(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Failed to find user"))?; .ok_or_else(|| Error::not_found("Failed to find user"))?;
@ -147,14 +147,14 @@ pub async fn admin_permissions_for_user_form(
} }
// Get roles // Get roles
let roles = Role::get_all(transaction.deref_mut()) let roles = Role::get_all(&mut transaction)
.await? .await?
.into_iter() .into_iter()
.filter(|role| !role.is_archived()) .filter(|role| !role.is_archived())
.collect::<Vec<_>>(); .collect::<Vec<_>>();
// Get permissions for user // Get permissions for user
let permissions = Permission::get_all(transaction.deref_mut(), Some(user.id()), None).await?; let permissions = Permission::get_all(&mut transaction, Some(user.id()), None).await?;
transaction.commit().await?; transaction.commit().await?;
@ -167,14 +167,14 @@ pub async fn admin_permissions_for_user_form(
if permissions.iter().all(|perm| perm.role() != role.name()) { if permissions.iter().all(|perm| perm.role() != role.name()) {
// If the permission does not exist, add it // If the permission does not exist, add it
Permission::add(transaction.deref_mut(), user.id(), role.name()).await?; Permission::add(&mut transaction, user.id(), role.name()).await?;
} }
} else { } else {
// Intent is to delete permission // Intent is to delete permission
if permissions.iter().any(|perm| perm.role() == role.name()) { if permissions.iter().any(|perm| perm.role() == role.name()) {
// If the permission exists, delete it // If the permission exists, delete it
Permission::delete(transaction.deref_mut(), user.id(), role.name()).await?; Permission::delete(&mut transaction, user.id(), role.name()).await?;
} }
} }
} }
@ -200,7 +200,7 @@ pub async fn admin_permissions_roles(
) -> Result<Template> { ) -> Result<Template> {
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
let roles = Role::get_all(transaction.deref_mut()) let roles = Role::get_all(&mut transaction)
.await? .await?
.into_iter() .into_iter()
.filter(|role| !role.is_archived()) .filter(|role| !role.is_archived())
@ -236,7 +236,7 @@ pub async fn admin_permissions_for_role(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get role // Get role
let role = Role::get_by_name(transaction.deref_mut(), &id.0) let role = Role::get_by_name(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Failed to find role"))?; .ok_or_else(|| Error::not_found("Failed to find role"))?;
@ -245,14 +245,14 @@ pub async fn admin_permissions_for_role(
} }
// Get users // Get users
let users = User::get_all(transaction.deref_mut()) let users = User::get_all(&mut transaction)
.await? .await?
.into_iter() .into_iter()
.filter(|user| !user.is_archived()) .filter(|user| !user.is_archived())
.collect::<Vec<_>>(); .collect::<Vec<_>>();
// Get permissions for role // Get permissions for role
let permissions = Permission::get_all(transaction.deref_mut(), None, Some(role.name())).await?; let permissions = Permission::get_all(&mut transaction, None, Some(role.name())).await?;
transaction.commit().await?; transaction.commit().await?;
@ -300,12 +300,12 @@ pub async fn admin_permissions_for_role_form(
.iter() .iter()
.map(|user| UserID::from_str(user)) .map(|user| UserID::from_str(user))
.collect::<std::result::Result<Vec<_>, _>>() .collect::<std::result::Result<Vec<_>, _>>()
.map_err(|_| Error::bad_request("Invalid user detected".to_string()))?; .map_err(|_| Error::bad_request(format!("Invalid user detected")))?;
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get role // Get role
let role = Role::get_by_name(transaction.deref_mut(), &id.0) let role = Role::get_by_name(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Failed to find role"))?; .ok_or_else(|| Error::not_found("Failed to find role"))?;
@ -314,14 +314,14 @@ pub async fn admin_permissions_for_role_form(
} }
// Get users // Get users
let users = User::get_all(transaction.deref_mut()) let users = User::get_all(&mut transaction)
.await? .await?
.into_iter() .into_iter()
.filter(|user| !user.is_archived()) .filter(|user| !user.is_archived())
.collect::<Vec<_>>(); .collect::<Vec<_>>();
// Get permissions for role // Get permissions for role
let permissions = Permission::get_all(transaction.deref_mut(), None, Some(role.name())).await?; let permissions = Permission::get_all(&mut transaction, None, Some(role.name())).await?;
transaction.commit().await?; transaction.commit().await?;
@ -334,14 +334,14 @@ pub async fn admin_permissions_for_role_form(
if permissions.iter().all(|perm| perm.user() != user.id()) { if permissions.iter().all(|perm| perm.user() != user.id()) {
// If the permission does not exist, add it // If the permission does not exist, add it
Permission::add(transaction.deref_mut(), user.id(), role.name()).await?; Permission::add(&mut transaction, user.id(), role.name()).await?;
} }
} else { } else {
// Intent is to delete permission // Intent is to delete permission
if permissions.iter().any(|perm| perm.user() == user.id()) { if permissions.iter().any(|perm| perm.user() == user.id()) {
// If the permission exists, delete it // If the permission exists, delete it
Permission::delete(transaction.deref_mut(), user.id(), role.name()).await?; Permission::delete(&mut transaction, user.id(), role.name()).await?;
} }
} }
} }

22
crates/ezidam/src/routes/admin/roles.rs
View file

@ -12,7 +12,7 @@ pub async fn admin_roles_list(
) -> Result<Template> { ) -> Result<Template> {
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
let roles = Role::get_all(transaction.deref_mut()).await?; let roles = Role::get_all(&mut transaction).await?;
transaction.commit().await?; transaction.commit().await?;
@ -62,7 +62,7 @@ pub async fn admin_roles_new_form(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Insert role in database // Insert role in database
if let Err(e) = Role::insert(transaction.deref_mut(), &name, form.label).await { if let Err(e) = Role::insert(&mut transaction, &name, form.label).await {
return Ok(Flash::new( return Ok(Flash::new(
Redirect::to(uri!(admin_roles_new)), Redirect::to(uri!(admin_roles_new)),
FlashKind::Danger, FlashKind::Danger,
@ -91,7 +91,7 @@ pub async fn admin_roles_view(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
let role = Role::get_by_name(transaction.deref_mut(), &role_id) let role = Role::get_by_name(&mut transaction, &role_id)
.await? .await?
.ok_or_else(|| Error::not_found(role_id.to_string()))?; .ok_or_else(|| Error::not_found(role_id.to_string()))?;
@ -128,13 +128,12 @@ pub async fn admin_roles_archive(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get role // Get role
let role = Role::get_by_name(transaction.deref_mut(), &id.0) let role = Role::get_by_name(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find role"))?; .ok_or_else(|| Error::not_found("Could not find role"))?;
// Set new status // Set new status
role.set_archive_status(transaction.deref_mut(), true) role.set_archive_status(&mut transaction, true).await?;
.await?;
transaction.commit().await?; transaction.commit().await?;
@ -150,13 +149,12 @@ pub async fn admin_roles_archive(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get role // Get role
let role = Role::get_by_name(transaction.deref_mut(), &id.0) let role = Role::get_by_name(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find role"))?; .ok_or_else(|| Error::not_found("Could not find role"))?;
// Set new status // Set new status
role.set_archive_status(transaction.deref_mut(), false) role.set_archive_status(&mut transaction, false).await?;
.await?;
transaction.commit().await?; transaction.commit().await?;
@ -193,7 +191,7 @@ pub async fn admin_roles_info_update(
) -> Result<Flash<Redirect>> { ) -> Result<Flash<Redirect>> {
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
let role = Role::get_by_name(transaction.deref_mut(), &id.0) let role = Role::get_by_name(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find role"))?; .ok_or_else(|| Error::not_found("Could not find role"))?;
@ -203,7 +201,7 @@ pub async fn admin_roles_info_update(
// Update label // Update label
if role.label() != form.label { if role.label() != form.label {
if let Err(e) = role.set_label(transaction.deref_mut(), form.label).await { if let Err(e) = role.set_label(&mut transaction, form.label).await {
return Ok(Flash::new( return Ok(Flash::new(
Redirect::to(uri!(admin_roles_view(id))), Redirect::to(uri!(admin_roles_view(id))),
FlashKind::Danger, FlashKind::Danger,
@ -217,6 +215,6 @@ pub async fn admin_roles_info_update(
Ok(Flash::new( Ok(Flash::new(
Redirect::to(uri!(admin_roles_view(id))), Redirect::to(uri!(admin_roles_view(id))),
FlashKind::Success, FlashKind::Success,
"Role has been updated.".to_string(), format!("Role has been updated."),
)) ))
} }

45
crates/ezidam/src/routes/admin/settings.rs
View file

@ -15,9 +15,7 @@ use users::User;
#[get("/admin/settings/branding")] #[get("/admin/settings/branding")]
pub async fn settings_branding(mut db: Connection<Database>, admin: JwtAdmin) -> Result<Page> { pub async fn settings_branding(mut db: Connection<Database>, admin: JwtAdmin) -> Result<Page> {
let mut transaction = db.begin().await?; let settings = Settings::get(&mut *db).await?;
let settings = Settings::get(transaction.deref_mut()).await?;
transaction.commit().await?;
Ok(Page::AdminSettingsBranding( Ok(Page::AdminSettingsBranding(
super::content::AdminSettingsBranding { super::content::AdminSettingsBranding {
@ -46,12 +44,12 @@ pub async fn settings_update_branding(
match form.delete_logo { match form.delete_logo {
Some(delete_logo) => { Some(delete_logo) => {
if delete_logo { if delete_logo {
Settings::delete_business_logo(transaction.deref_mut()).await?; Settings::delete_business_logo(&mut transaction).await?;
} }
} }
None => { None => {
if let Some(business_name) = form.business_name { if let Some(business_name) = form.business_name {
Settings::set_business_name(transaction.deref_mut(), business_name).await?; Settings::set_business_name(&mut transaction, business_name).await?;
} }
if form.file.len() != 0 { if form.file.len() != 0 {
@ -63,7 +61,7 @@ pub async fn settings_update_branding(
let file_bytes = rocket::tokio::fs::read(file_path).await?; let file_bytes = rocket::tokio::fs::read(file_path).await?;
// Save in database // Save in database
Settings::set_business_logo(transaction.deref_mut(), &file_bytes).await?; Settings::set_business_logo(&mut transaction, &file_bytes).await?;
} }
} }
} }
@ -112,39 +110,30 @@ pub async fn settings_security_form(
task::spawn_blocking(move || jwt::generate(&key_id_for_generation)).await??; task::spawn_blocking(move || jwt::generate(&key_id_for_generation)).await??;
// Insert keys in database // Insert keys in database
jwt::database::save_new_keys( jwt::database::save_new_keys(&mut transaction, &key_id, &private_key, &public_key)
transaction.deref_mut(), .await?;
&key_id,
&private_key,
&public_key,
)
.await?;
// Revoke all keys except new one // Revoke all keys except new one
jwt::database::revoke_all_except_one(transaction.deref_mut(), &key_id).await?; jwt::database::revoke_all_except_one(&mut transaction, &key_id).await?;
// Get app // Get app
let app = App::get_one_by_id(transaction.deref_mut(), "ezidam") let app = App::get_one_by_id(&mut transaction, "ezidam")
.await? .await?
.ok_or_else(|| Error::not_found("Could not find application"))?; .ok_or_else(|| Error::not_found("Could not find application"))?;
// Get user info // Get user info
let user = User::get_by_login(transaction.deref_mut(), &admin.0.subject) let user = User::get_by_login(&mut transaction, &admin.0.subject)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find user"))?; .ok_or_else(|| Error::not_found("Could not find user"))?;
// Revoke all refresh tokens // Revoke all refresh tokens
RefreshToken::revoke_all(transaction.deref_mut()).await?; RefreshToken::revoke_all(&mut transaction).await?;
// Generate refresh token // Generate refresh token
let refresh_token = generate_refresh_token( let refresh_token =
transaction.deref_mut(), generate_refresh_token(&mut transaction, ip_address, user.id(), app.id())
ip_address, .await
user.id(), .map_err(Error::internal_server_error)?;
app.id(),
)
.await
.map_err(Error::internal_server_error)?;
// Add refresh token as a cookie // Add refresh token as a cookie
let mut cookie = Cookie::new(REFRESH_TOKEN_COOKIE_NAME, refresh_token); let mut cookie = Cookie::new(REFRESH_TOKEN_COOKIE_NAME, refresh_token);
@ -155,7 +144,7 @@ pub async fn settings_security_form(
cookie_jar.add(cookie); cookie_jar.add(cookie);
// Get base url // Get base url
let settings = Settings::get(transaction.deref_mut()).await?; let settings = Settings::get(&mut transaction).await?;
let home_page = settings let home_page = settings
.url() .url()
.map(String::from) .map(String::from)
@ -163,7 +152,7 @@ pub async fn settings_security_form(
// Generate jwt // Generate jwt
let jwt = generate_jwt( let jwt = generate_jwt(
transaction.deref_mut(), &mut transaction,
&private_key, &private_key,
&home_page, &home_page,
&app.id().0, &app.id().0,
@ -205,7 +194,7 @@ pub async fn settings_maintenance(
) -> Result<Template> { ) -> Result<Template> {
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
let database_size = Settings::database_size(transaction.deref_mut()) let database_size = Settings::database_size(&mut transaction)
.await? .await?
.ok_or_else(|| Error::internal_server_error("Failed to get database size"))?; .ok_or_else(|| Error::internal_server_error("Failed to get database size"))?;

60
crates/ezidam/src/routes/admin/users.rs
View file

@ -18,9 +18,7 @@ pub async fn admin_users_list(
admin: JwtAdmin, admin: JwtAdmin,
flash: Option<FlashMessage<'_>>, flash: Option<FlashMessage<'_>>,
) -> Result<Template> { ) -> Result<Template> {
let mut transaction = db.begin().await?; let users = User::get_all(&mut *db).await?;
let users = User::get_all(transaction.deref_mut()).await?;
transaction.commit().await?;
let page = Page::AdminUsersList(super::content::AdminUsersList { let page = Page::AdminUsersList(super::content::AdminUsersList {
user: admin.0, user: admin.0,
@ -70,7 +68,7 @@ pub async fn admin_users_new_form(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Insert user in database // Insert user in database
if let Err(e) = User::insert(transaction.deref_mut(), &user_id, false, &username, None).await { if let Err(e) = User::insert(&mut transaction, &user_id, false, &username, None).await {
return Ok(Flash::new( return Ok(Flash::new(
Redirect::to(uri!(admin_users_new)), Redirect::to(uri!(admin_users_new)),
FlashKind::Danger, FlashKind::Danger,
@ -96,11 +94,9 @@ pub async fn admin_users_view(
flash: Option<FlashMessage<'_>>, flash: Option<FlashMessage<'_>>,
) -> Result<Template> { ) -> Result<Template> {
let user_id = id.0; let user_id = id.0;
let mut transaction = db.begin().await?; let user = User::get_by_id(&mut *db, &user_id)
let user = User::get_by_id(transaction.deref_mut(), &user_id)
.await? .await?
.ok_or_else(|| Error::not_found(user_id.to_string()))?; .ok_or_else(|| Error::not_found(user_id.to_string()))?;
transaction.commit().await?;
// If user has password reset token // If user has password reset token
let password_recover_expiration = user let password_recover_expiration = user
@ -140,13 +136,13 @@ pub async fn admin_users_archive(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get ID of first admin // Get ID of first admin
let settings = Settings::get(transaction.deref_mut()).await?; let settings = Settings::get(&mut transaction).await?;
let first_admin = settings let first_admin = settings
.first_admin() .first_admin()
.ok_or_else(|| Error::bad_request("First user is not set"))?; .ok_or_else(|| Error::bad_request("First user is not set"))?;
// Get user // Get user
let user = User::get_by_id(transaction.deref_mut(), &id.0) let user = User::get_by_id(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find user"))?; .ok_or_else(|| Error::not_found("Could not find user"))?;
@ -156,19 +152,17 @@ pub async fn admin_users_archive(
} }
// Set new status // Set new status
user.set_archive_status(transaction.deref_mut(), true) user.set_archive_status(&mut transaction, true).await?;
.await?;
// Revoke refresh tokens // Revoke refresh tokens
refresh_tokens::RefreshToken::revoke_all_for_user(transaction.deref_mut(), user.id()) refresh_tokens::RefreshToken::revoke_all_for_user(&mut transaction, user.id()).await?;
.await?;
// Use all authorization codes // Use all authorization codes
AuthorizationCode::use_all_for_user(transaction.deref_mut(), user.id()).await?; AuthorizationCode::use_all_for_user(&mut transaction, user.id()).await?;
// Use all totp login requests // Use all totp login requests
if user.totp_secret().is_some() { if user.totp_secret().is_some() {
TotpLoginRequest::use_all_for_user(transaction.deref_mut(), user.id()).await?; TotpLoginRequest::use_all_for_user(&mut transaction, user.id()).await?;
} }
transaction.commit().await?; transaction.commit().await?;
@ -184,13 +178,12 @@ pub async fn admin_users_archive(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
let user = User::get_by_id(transaction.deref_mut(), &id.0) let user = User::get_by_id(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find user"))?; .ok_or_else(|| Error::not_found("Could not find user"))?;
// Set new status // Set new status
user.set_archive_status(transaction.deref_mut(), false) user.set_archive_status(&mut transaction, false).await?;
.await?;
transaction.commit().await?; transaction.commit().await?;
@ -241,10 +234,10 @@ pub async fn admin_users_password_reset(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get settings // Get settings
let settings = Settings::get(transaction.deref_mut()).await?; let settings = Settings::get(&mut transaction).await?;
// Get user // Get user
let user = User::get_by_id(transaction.deref_mut(), &id.0) let user = User::get_by_id(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find user"))?; .ok_or_else(|| Error::not_found("Could not find user"))?;
@ -252,7 +245,7 @@ pub async fn admin_users_password_reset(
let token = task::spawn_blocking(PasswordResetToken::generate).await?; let token = task::spawn_blocking(PasswordResetToken::generate).await?;
// Save in database // Save in database
user.set_password_reset_token(transaction.deref_mut(), Some(&token)) user.set_password_reset_token(&mut transaction, Some(&token))
.await?; .await?;
transaction.commit().await?; transaction.commit().await?;
@ -421,12 +414,12 @@ pub async fn admin_users_paper_key_reset(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get user // Get user
let user = User::get_by_id(transaction.deref_mut(), &id.0) let user = User::get_by_id(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find user"))?; .ok_or_else(|| Error::not_found("Could not find user"))?;
// Delete paper key // Delete paper key
user.set_paper_key(transaction.deref_mut(), None).await?; user.set_paper_key(&mut transaction, None).await?;
transaction.commit().await?; transaction.commit().await?;
@ -459,15 +452,15 @@ pub async fn admin_users_totp_secret_disable(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get user // Get user
let user = User::get_by_id(transaction.deref_mut(), &id.0) let user = User::get_by_id(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find user"))?; .ok_or_else(|| Error::not_found("Could not find user"))?;
// Delete totp secret // Delete totp secret
user.set_totp_secret(transaction.deref_mut(), None).await?; user.set_totp_secret(&mut transaction, None).await?;
// Delete totp backup // Delete totp backup
user.set_totp_backup(transaction.deref_mut(), None).await?; user.set_totp_backup(&mut transaction, None).await?;
transaction.commit().await?; transaction.commit().await?;
@ -500,12 +493,12 @@ pub async fn admin_users_totp_backup_delete(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get user // Get user
let user = User::get_by_id(transaction.deref_mut(), &id.0) let user = User::get_by_id(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find user"))?; .ok_or_else(|| Error::not_found("Could not find user"))?;
// Delete totp backup // Delete totp backup
user.set_totp_backup(transaction.deref_mut(), None).await?; user.set_totp_backup(&mut transaction, None).await?;
transaction.commit().await?; transaction.commit().await?;
@ -538,7 +531,7 @@ pub async fn admin_users_info_update(
) -> Result<Flash<Redirect>> { ) -> Result<Flash<Redirect>> {
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
let user = User::get_by_id(transaction.deref_mut(), &id.0) let user = User::get_by_id(&mut transaction, &id.0)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find user"))?; .ok_or_else(|| Error::not_found("Could not find user"))?;
@ -560,7 +553,7 @@ pub async fn admin_users_info_update(
} }
}; };
if let Err(e) = user.set_username(transaction.deref_mut(), &username).await { if let Err(e) = user.set_username(&mut transaction, &username).await {
return Ok(Flash::new( return Ok(Flash::new(
Redirect::to(uri!(admin_users_view(id))), Redirect::to(uri!(admin_users_view(id))),
FlashKind::Danger, FlashKind::Danger,
@ -578,7 +571,7 @@ pub async fn admin_users_info_update(
// If it does not exist, use provided value // If it does not exist, use provided value
.unwrap_or(true) .unwrap_or(true)
{ {
user.set_name(transaction.deref_mut(), form.name).await?; user.set_name(&mut transaction, form.name).await?;
} }
// Update email // Update email
@ -602,7 +595,7 @@ pub async fn admin_users_info_update(
} }
}; };
if let Err(e) = user.set_email(transaction.deref_mut(), email).await { if let Err(e) = user.set_email(&mut transaction, email).await {
return Ok(Flash::new( return Ok(Flash::new(
Redirect::to(uri!(admin_users_view(id))), Redirect::to(uri!(admin_users_view(id))),
FlashKind::Danger, FlashKind::Danger,
@ -614,8 +607,7 @@ pub async fn admin_users_info_update(
// Admin status // Admin status
let new_status = matches!(form.is_admin, Some("on")); let new_status = matches!(form.is_admin, Some("on"));
if user.is_admin() != new_status { if user.is_admin() != new_status {
user.set_admin_status(transaction.deref_mut(), new_status) user.set_admin_status(&mut transaction, new_status).await?;
.await?;
} }
transaction.commit().await?; transaction.commit().await?;

14
crates/ezidam/src/routes/oauth/authorize.rs
View file

@ -21,7 +21,7 @@ pub async fn authorize_page(
// Get app info // Get app info
let app = App::get_valid_app( let app = App::get_valid_app(
transaction.deref_mut(), &mut transaction,
auth_request.response_type, auth_request.response_type,
auth_request.scope, auth_request.scope,
auth_request.client_id, auth_request.client_id,
@ -29,7 +29,7 @@ pub async fn authorize_page(
) )
.await?; .await?;
let settings = Settings::get(transaction.deref_mut()).await?; let settings = Settings::get(&mut transaction).await?;
transaction.commit().await?; transaction.commit().await?;
@ -59,7 +59,7 @@ pub async fn authorize_ezidam(mut db: Connection<Database>) -> Result<Redirect>
// Get ezidam app info // Get ezidam app info
let app_id = "ezidam"; let app_id = "ezidam";
let app = App::get_one_by_id(transaction.deref_mut(), app_id) let app = App::get_one_by_id(&mut transaction, app_id)
.await? .await?
.ok_or_else(|| Error::not_found(app_id))?; .ok_or_else(|| Error::not_found(app_id))?;
@ -117,7 +117,7 @@ pub async fn authorize_form(
// Get app info // Get app info
let app = App::get_valid_app( let app = App::get_valid_app(
transaction.deref_mut(), &mut transaction,
auth_request.response_type, auth_request.response_type,
auth_request.scope, auth_request.scope,
auth_request.client_id, auth_request.client_id,
@ -145,7 +145,7 @@ pub async fn authorize_form(
}; };
// Get user // Get user
let Some(user) = User::get_by_login(transaction.deref_mut(), form.login).await? else { let Some(user) = User::get_by_login(&mut transaction, form.login).await? else {
return Ok(Either::Right(invalid_credentials(form.login, auth_request))); return Ok(Either::Right(invalid_credentials(form.login, auth_request)));
}; };
@ -183,7 +183,7 @@ pub async fn authorize_form(
// Save in database // Save in database
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
users::totp_login_request::TotpLoginRequest::insert( users::totp_login_request::TotpLoginRequest::insert(
transaction.deref_mut(), &mut transaction,
totp_token.as_ref(), totp_token.as_ref(),
&user_id, &user_id,
totp_duration, totp_duration,
@ -211,7 +211,7 @@ pub async fn authorize_form(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Save authorization code // Save authorization code
AuthorizationCode::insert(transaction.deref_mut(), code.as_ref(), app.id(), &user_id).await?; AuthorizationCode::insert(&mut transaction, code.as_ref(), app.id(), &user_id).await?;
transaction.commit().await?; transaction.commit().await?;

27
crates/ezidam/src/routes/oauth/redirect.rs
View file

@ -26,15 +26,15 @@ pub async fn redirect_page(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get authorization code // Get authorization code
let code = AuthorizationCode::get_one(transaction.deref_mut(), redirect_request.code) let code = AuthorizationCode::get_one(&mut transaction, redirect_request.code)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find authorization code"))?; .ok_or_else(|| Error::not_found("Could not find authorization code"))?;
// Make sure code has not been used // Make sure code has not been used
if code.has_been_used() { if code.has_been_used() {
// Revoke all codes and refresh tokens for user // Revoke all codes and refresh tokens for user
AuthorizationCode::use_all_for_user(transaction.deref_mut(), code.user()).await?; AuthorizationCode::use_all_for_user(&mut transaction, code.user()).await?;
RefreshToken::revoke_all_for_user(transaction.deref_mut(), code.user()).await?; RefreshToken::revoke_all_for_user(&mut transaction, code.user()).await?;
transaction.commit().await?; transaction.commit().await?;
@ -49,15 +49,14 @@ pub async fn redirect_page(
} }
// Get app // Get app
let app = App::get_one_from_authorization_code(transaction.deref_mut(), redirect_request.code) let app = App::get_one_from_authorization_code(&mut transaction, redirect_request.code)
.await? .await?
.ok_or_else(|| Error::not_found("Could not find application"))?; .ok_or_else(|| Error::not_found("Could not find application"))?;
// Get user info // Get user info
let user = let user = User::get_one_from_authorization_code(&mut transaction, redirect_request.code)
User::get_one_from_authorization_code(transaction.deref_mut(), redirect_request.code) .await?
.await? .ok_or_else(|| Error::not_found("Could not find user"))?;
.ok_or_else(|| Error::not_found("Could not find user"))?;
// Check if user is archived // Check if user is archived
if user.is_archived() { if user.is_archived() {
@ -65,10 +64,10 @@ pub async fn redirect_page(
} }
// Mark code as used // Mark code as used
code.use_code(transaction.deref_mut()).await?; code.use_code(&mut transaction).await?;
// Get base url // Get base url
let settings = Settings::get(transaction.deref_mut()).await?; let settings = Settings::get(&mut transaction).await?;
let home_page = settings let home_page = settings
.url() .url()
.map(String::from) .map(String::from)
@ -77,7 +76,7 @@ pub async fn redirect_page(
if jwt_user.is_none() { if jwt_user.is_none() {
// Generate refresh token // Generate refresh token
let refresh_token = let refresh_token =
generate_refresh_token(transaction.deref_mut(), ip_address, user.id(), app.id()) generate_refresh_token(&mut transaction, ip_address, user.id(), app.id())
.await .await
.map_err(Error::internal_server_error)?; .map_err(Error::internal_server_error)?;
@ -90,7 +89,7 @@ pub async fn redirect_page(
cookie_jar.add(cookie); cookie_jar.add(cookie);
// Get latest key from database // Get latest key from database
let key = Key::get_most_recent(transaction.deref_mut()) let key = Key::get_most_recent(&mut transaction)
.await? .await?
.ok_or_else(|| Error::internal_server_error("Failed to get key to sign JWT"))?; .ok_or_else(|| Error::internal_server_error("Failed to get key to sign JWT"))?;
@ -106,7 +105,7 @@ pub async fn redirect_page(
// Generate jwt // Generate jwt
let jwt = generate_jwt( let jwt = generate_jwt(
transaction.deref_mut(), &mut transaction,
&private_key, &private_key,
&home_page, &home_page,
&app.id().0, &app.id().0,
@ -131,7 +130,7 @@ pub async fn redirect_page(
{ {
// If it has expired, delete it // If it has expired, delete it
if password_recover.has_expired() { if password_recover.has_expired() {
user.set_password_reset_token(transaction.deref_mut(), None) user.set_password_reset_token(&mut transaction, None)
.await?; .await?;
} }
} }

53
crates/ezidam/src/routes/oauth/token.rs
View file

@ -187,7 +187,7 @@ pub async fn request_token(
.ok_or(TokenError::AuthorizationCodeNotProvided)?; .ok_or(TokenError::AuthorizationCodeNotProvided)?;
// Get authorization code // Get authorization code
let code = AuthorizationCode::get_one(transaction.deref_mut(), authorization_code) let code = AuthorizationCode::get_one(&mut transaction, authorization_code)
.await .await
.map_err(TokenError::AuthorizationError)? .map_err(TokenError::AuthorizationError)?
.ok_or(TokenError::AuthorizationCodeNotFound( .ok_or(TokenError::AuthorizationCodeNotFound(
@ -197,10 +197,10 @@ pub async fn request_token(
// Make sure code has not been used // Make sure code has not been used
if code.has_been_used() { if code.has_been_used() {
// Revoke all codes and refresh tokens for user // Revoke all codes and refresh tokens for user
AuthorizationCode::use_all_for_user(transaction.deref_mut(), code.user()) AuthorizationCode::use_all_for_user(&mut transaction, code.user())
.await .await
.map_err(TokenError::AuthorizationError)?; .map_err(TokenError::AuthorizationError)?;
RefreshToken::revoke_all_for_user(transaction.deref_mut(), code.user()) RefreshToken::revoke_all_for_user(&mut transaction, code.user())
.await .await
.map_err(TokenError::RefreshTokenError)?; .map_err(TokenError::RefreshTokenError)?;
@ -218,11 +218,10 @@ pub async fn request_token(
} }
// Get user info // Get user info
let user = let user = User::get_one_from_authorization_code(&mut transaction, authorization_code)
User::get_one_from_authorization_code(transaction.deref_mut(), authorization_code) .await
.await .map_err(TokenError::UserError)?
.map_err(TokenError::UserError)? .ok_or(TokenError::UserNotFound)?;
.ok_or(TokenError::UserNotFound)?;
// Check if user is archived // Check if user is archived
if user.is_archived() { if user.is_archived() {
@ -230,16 +229,15 @@ pub async fn request_token(
} }
// Get app from code // Get app from code
let app = let app = App::get_one_from_authorization_code(&mut transaction, authorization_code)
App::get_one_from_authorization_code(transaction.deref_mut(), authorization_code) .await
.await .map_err(TokenError::AppError)?
.map_err(TokenError::AppError)? .ok_or(TokenError::AppNotFoundFromAuthorizationCode(
.ok_or(TokenError::AppNotFoundFromAuthorizationCode( authorization_code.into(),
authorization_code.into(), ))?;
))?;
// Mark code as used // Mark code as used
code.use_code(transaction.deref_mut()) code.use_code(&mut transaction)
.await .await
.map_err(TokenError::AuthorizationError)?; .map_err(TokenError::AuthorizationError)?;
@ -250,19 +248,19 @@ pub async fn request_token(
.refresh_token .refresh_token
.ok_or(TokenError::RefreshTokenNotProvided)?; .ok_or(TokenError::RefreshTokenNotProvided)?;
let user = User::get_one_from_refresh_token(transaction.deref_mut(), refresh_token) let user = User::get_one_from_refresh_token(&mut transaction, refresh_token)
.await .await
.map_err(TokenError::UserError)? .map_err(TokenError::UserError)?
.ok_or(TokenError::UserNotFound)?; .ok_or(TokenError::UserNotFound)?;
let refresh_token = RefreshToken::get_one(transaction.deref_mut(), refresh_token) let refresh_token = RefreshToken::get_one(&mut transaction, refresh_token)
.await .await
.map_err(TokenError::RefreshTokenError)? .map_err(TokenError::RefreshTokenError)?
.ok_or(TokenError::RefreshTokenNotFound(refresh_token.into()))?; .ok_or(TokenError::RefreshTokenNotFound(refresh_token.into()))?;
if refresh_token.has_been_used() { if refresh_token.has_been_used() {
// Revoke all tokens for user // Revoke all tokens for user
RefreshToken::revoke_all_for_user(transaction.deref_mut(), refresh_token.user()) RefreshToken::revoke_all_for_user(&mut transaction, refresh_token.user())
.await .await
.map_err(TokenError::RefreshTokenError)?; .map_err(TokenError::RefreshTokenError)?;
@ -283,7 +281,7 @@ pub async fn request_token(
} }
// Get app // Get app
let app = App::get_one_by_id(transaction.deref_mut(), refresh_token.app().as_ref()) let app = App::get_one_by_id(&mut transaction, refresh_token.app().as_ref())
.await .await
.map_err(TokenError::AppError)? .map_err(TokenError::AppError)?
.ok_or(TokenError::AppNotFoundFromRefreshToken(format!( .ok_or(TokenError::AppNotFoundFromRefreshToken(format!(
@ -292,7 +290,7 @@ pub async fn request_token(
)))?; )))?;
refresh_token refresh_token
.use_token(transaction.deref_mut()) .use_token(&mut transaction)
.await .await
.map_err(TokenError::RefreshTokenError)?; .map_err(TokenError::RefreshTokenError)?;
@ -338,7 +336,7 @@ pub async fn request_token(
} }
// Get base url // Get base url
let settings = Settings::get(transaction.deref_mut()) let settings = Settings::get(&mut transaction)
.await .await
.map_err(TokenError::SettingsError)?; .map_err(TokenError::SettingsError)?;
let home_page = settings let home_page = settings
@ -347,13 +345,12 @@ pub async fn request_token(
.ok_or(TokenError::ServerUrlNotSet)?; .ok_or(TokenError::ServerUrlNotSet)?;
// Generate refresh token // Generate refresh token
let refresh_token = let refresh_token = generate_refresh_token(&mut transaction, ip_address, user.id(), app.id())
generate_refresh_token(transaction.deref_mut(), ip_address, user.id(), app.id()) .await
.await .map_err(TokenError::RefreshTokenGenerate)?;
.map_err(TokenError::RefreshTokenGenerate)?;
// Get latest key from database // Get latest key from database
let key = Key::get_most_recent(transaction.deref_mut()) let key = Key::get_most_recent(&mut transaction)
.await .await
.map_err(TokenError::JwtError)? .map_err(TokenError::JwtError)?
.ok_or(TokenError::JwkNotFound)?; .ok_or(TokenError::JwkNotFound)?;
@ -372,7 +369,7 @@ pub async fn request_token(
// Generate jwt // Generate jwt
let jwt = generate_jwt( let jwt = generate_jwt(
transaction.deref_mut(), &mut transaction,
&private_key, &private_key,
&home_page, &home_page,
&app.id().0, &app.id().0,

38
crates/ezidam/src/routes/oauth/totp.rs
View file

@ -3,7 +3,7 @@ use crate::routes::prelude::*;
use apps::App; use apps::App;
use authorization_codes::AuthorizationCode; use authorization_codes::AuthorizationCode;
use hash::{Secret, SecretString}; use hash::{Secret, SecretString};
use rocket::http::CookieJar; use rocket::http::{Cookie, CookieJar};
use rocket::{get, post}; use rocket::{get, post};
use users::totp_login_request::TOTP_REQUEST_COOKIE_NAME; use users::totp_login_request::TOTP_REQUEST_COOKIE_NAME;
use users::User; use users::User;
@ -19,7 +19,7 @@ pub async fn totp_page(
// Get app info // Get app info
let _app = App::get_valid_app( let _app = App::get_valid_app(
transaction.deref_mut(), &mut transaction,
auth_request.response_type, auth_request.response_type,
auth_request.scope, auth_request.scope,
auth_request.client_id, auth_request.client_id,
@ -28,12 +28,10 @@ pub async fn totp_page(
.await?; .await?;
// Get totp request // Get totp request
let totp_request = users::totp_login_request::TotpLoginRequest::get_one( let totp_request =
transaction.deref_mut(), users::totp_login_request::TotpLoginRequest::get_one(&mut transaction, &totp_request.0)
&totp_request.0, .await?
) .ok_or_else(|| Error::not_found("Failed to find totp request"))?;
.await?
.ok_or_else(|| Error::not_found("Failed to find totp request"))?;
if totp_request.has_expired() { if totp_request.has_expired() {
return Err(Error::bad_request("Totp request has expired")); return Err(Error::bad_request("Totp request has expired"));
@ -44,7 +42,7 @@ pub async fn totp_page(
} }
// Get user // Get user
let user = User::get_by_id(transaction.deref_mut(), totp_request.user()) let user = User::get_by_id(&mut transaction, totp_request.user())
.await? .await?
.ok_or_else(|| Error::not_found("Failed to find user"))?; .ok_or_else(|| Error::not_found("Failed to find user"))?;
@ -77,7 +75,7 @@ pub async fn totp_verify(
// Get app info // Get app info
let app = App::get_valid_app( let app = App::get_valid_app(
transaction.deref_mut(), &mut transaction,
auth_request.response_type, auth_request.response_type,
auth_request.scope, auth_request.scope,
auth_request.client_id, auth_request.client_id,
@ -86,12 +84,10 @@ pub async fn totp_verify(
.await?; .await?;
// Get totp request // Get totp request
let totp_request = users::totp_login_request::TotpLoginRequest::get_one( let totp_request =
transaction.deref_mut(), users::totp_login_request::TotpLoginRequest::get_one(&mut transaction, &totp_request.0)
&totp_request.0, .await?
) .ok_or_else(|| Error::not_found("Failed to find totp request"))?;
.await?
.ok_or_else(|| Error::not_found("Failed to find totp request"))?;
if totp_request.has_expired() { if totp_request.has_expired() {
return Err(Error::bad_request("Totp request has expired")); return Err(Error::bad_request("Totp request has expired"));
@ -102,7 +98,7 @@ pub async fn totp_verify(
} }
// Get user // Get user
let user = User::get_by_id(transaction.deref_mut(), totp_request.user()) let user = User::get_by_id(&mut transaction, totp_request.user())
.await? .await?
.ok_or_else(|| Error::not_found("Failed to find user"))?; .ok_or_else(|| Error::not_found("Failed to find user"))?;
@ -150,20 +146,20 @@ pub async fn totp_verify(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Save authorization code // Save authorization code
AuthorizationCode::insert(transaction.deref_mut(), code.as_ref(), app.id(), user.id()).await?; AuthorizationCode::insert(&mut transaction, code.as_ref(), app.id(), user.id()).await?;
// Mark totp token as used // Mark totp token as used
totp_request.use_code(transaction.deref_mut()).await?; totp_request.use_code(&mut transaction).await?;
// Delete totp backup if it got used // Delete totp backup if it got used
if delete_totp_backup { if delete_totp_backup {
user.set_totp_backup(transaction.deref_mut(), None).await?; user.set_totp_backup(&mut transaction, None).await?;
} }
transaction.commit().await?; transaction.commit().await?;
// Delete cookie // Delete cookie
cookie_jar.remove(TOTP_REQUEST_COOKIE_NAME); cookie_jar.remove(Cookie::named(TOTP_REQUEST_COOKIE_NAME));
// Construct uri to redirect to // Construct uri to redirect to
let uri = redirect_uri(auth_request, &app, &code); let uri = redirect_uri(auth_request, &app, &code);

10
crates/ezidam/src/routes/root/forgot_password.rs
View file

@ -67,7 +67,7 @@ pub async fn forgot_password_email_form(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get settings // Get settings
let settings = Settings::get(transaction.deref_mut()).await?; let settings = Settings::get(&mut transaction).await?;
// Get server url // Get server url
let url = settings let url = settings
@ -85,7 +85,7 @@ pub async fn forgot_password_email_form(
}; };
// Get user // Get user
let user = match User::get_by_email(transaction.deref_mut(), &email).await? { let user = match User::get_by_email(&mut transaction, &email).await? {
Some(user) => user, Some(user) => user,
None => { None => {
return Ok(Flash::new( return Ok(Flash::new(
@ -100,7 +100,7 @@ pub async fn forgot_password_email_form(
let token = task::spawn_blocking(PasswordResetToken::generate).await?; let token = task::spawn_blocking(PasswordResetToken::generate).await?;
// Save in database // Save in database
user.set_password_reset_token(transaction.deref_mut(), Some(&token)) user.set_password_reset_token(&mut transaction, Some(&token))
.await?; .await?;
transaction.commit().await?; transaction.commit().await?;
@ -236,7 +236,7 @@ pub async fn forgot_password_paper_key_form(
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
// Get user // Get user
let user = match User::get_by_login(transaction.deref_mut(), form.login).await? { let user = match User::get_by_login(&mut transaction, form.login).await? {
Some(user) => user, Some(user) => user,
None => { None => {
return Ok(Flash::new( return Ok(Flash::new(
@ -272,7 +272,7 @@ pub async fn forgot_password_paper_key_form(
let token = task::spawn_blocking(PasswordResetToken::generate).await?; let token = task::spawn_blocking(PasswordResetToken::generate).await?;
// Save in database // Save in database
user.set_password_reset_token(transaction.deref_mut(), Some(&token)) user.set_password_reset_token(&mut transaction, Some(&token))
.await?; .await?;
transaction.commit().await?; transaction.commit().await?;

4
crates/ezidam/src/routes/root/logo.rs
View file

@ -5,9 +5,7 @@ use settings::Settings;
#[get("/logo")] #[get("/logo")]
pub async fn get_logo(mut db: Connection<Database>) -> Result<FileFromBytes> { pub async fn get_logo(mut db: Connection<Database>) -> Result<FileFromBytes> {
// Get settings // Get settings
let mut transaction = db.begin().await?; let settings = Settings::get(&mut *db).await?;
let settings = Settings::get(transaction.deref_mut()).await?;
transaction.commit().await?;
// HTTP response // HTTP response
Ok(FileFromBytes::from(settings.business_logo())) Ok(FileFromBytes::from(settings.business_logo()))

22
crates/ezidam/src/routes/root/logout.rs
View file

@ -1,6 +1,6 @@
use crate::routes::prelude::*; use crate::routes::prelude::*;
use crate::tokens::{JWT_COOKIE_NAME, REFRESH_TOKEN_COOKIE_NAME}; use crate::tokens::{JWT_COOKIE_NAME, REFRESH_TOKEN_COOKIE_NAME};
use rocket::http::CookieJar; use rocket::http::{Cookie, CookieJar};
use rocket::post; use rocket::post;
#[post("/logout")] #[post("/logout")]
@ -11,23 +11,19 @@ pub async fn request_logout(
) -> Result<Redirect> { ) -> Result<Redirect> {
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;
let refresh_token = let refresh_token = refresh_tokens::RefreshToken::get_one(&mut transaction, &refresh_token.0)
refresh_tokens::RefreshToken::get_one(transaction.deref_mut(), &refresh_token.0) .await?
.await? .ok_or_else(|| Error::not_found("Unknown refresh token"))?;
.ok_or_else(|| Error::not_found("Unknown refresh token"))?;
// Delete cookies // Delete cookies
cookie_jar.remove(JWT_COOKIE_NAME); cookie_jar.remove(Cookie::named(JWT_COOKIE_NAME));
cookie_jar.remove(REFRESH_TOKEN_COOKIE_NAME); cookie_jar.remove(Cookie::named(REFRESH_TOKEN_COOKIE_NAME));
// If refresh token has already been used // If refresh token has already been used
if refresh_token.has_been_used() { if refresh_token.has_been_used() {
// Revoke all refresh tokens for user // Revoke all refresh tokens for user
refresh_tokens::RefreshToken::revoke_all_for_user( refresh_tokens::RefreshToken::revoke_all_for_user(&mut transaction, refresh_token.user())
transaction.deref_mut(), .await?;
refresh_token.user(),
)
.await?;
transaction.commit().await?; transaction.commit().await?;
@ -45,7 +41,7 @@ pub async fn request_logout(
} }
// Revoke token // Revoke token
refresh_token.revoke(transaction.deref_mut()).await?; refresh_token.revoke(&mut transaction).await?;
transaction.commit().await?; transaction.commit().await?;

Some files were not shown because too many files have changed in this diff Show more