comunicapiv3/src/helpers/account_helper.rs

use crate::constants::database_tables_names::{USER_ACCESS_TOKENS_TABLE, USERS_TABLE};
use crate::data::api_client::APIClient;
use crate::data::error::{ExecError, ResultBoxError};
use crate::data::new_account::NewAccount;
use crate::data::user::UserID;
use crate::data::user_token::UserAccessToken;
use crate::helpers::{database, user_helper};
use crate::helpers::database::{DeleteQuery, InsertQuery, QueryInfo};
use crate::utils::crypt_utils::{crypt_pass, rand_str};
use crate::utils::date_utils::{mysql_date, time};

/// Account helper
///
/// @author Pierre Hubert

/// Create a new account
pub fn create(new_account: &NewAccount) -> ResultBoxError {
    database::InsertQuery::new(USERS_TABLE)
        .add_str("nom", &new_account.first_name)
        .add_str("prenom", &new_account.last_name)
        .add_str("date_creation", &mysql_date())
        .add_str("mail", &new_account.email)
        .add_str("password", &crypt_pass(&new_account.password)?)
        .insert_drop_result()
}

/// Attempt to sign-in user
///
/// In this version of the api, we consider that there is only one login token required
/// This is why I returns just a simple string, the token created for the user in case of success
pub fn login_user(email: &str, password: &str, client: &APIClient) -> ResultBoxError<String> {
    let user = user_helper::find_user_by_email(email)?;

    // Validate user password
    let password = crypt_pass(password)?;
    if !user.password.eq(&password) {
        return Err(ExecError::boxed_new("The user gave an invalid password!"));
    }

    // Check if we already have a login token for this user
    if let Ok(token) = get_client_tokens(&user.id, client) {
        return Ok(token.token);
    }


    // Create new login tokens
    let new_token = UserAccessToken {
        user_id: user.id.clone(),
        client_id: client.id,
        token: rand_str(150),
    };

    // Save it
    database::insert(
        InsertQuery::new(USER_ACCESS_TOKENS_TABLE)
            .add_user_id("user_id", &new_token.user_id)
            .add_u32("service_id", client.id)
            .add_str("token1", &new_token.token)
            .add_str("token2", "dummy_data")
    )?;

    Ok(new_token.token)
}

/// Get user login tokens
fn get_client_tokens(user_id: &UserID, client: &APIClient) -> ResultBoxError<UserAccessToken> {
    database::query_row(
        QueryInfo::new(USER_ACCESS_TOKENS_TABLE)
            .cond_user_id("user_id", user_id)
            .cond_u32("service_id", client.id),
        |res| {
            Ok(UserAccessToken {
                user_id: res.get_user_id("user_id")?,
                client_id: res.get_int64("service_id")? as u32,
                token: res.get_str("token1")?,
            })
        },
    )
}

/// Find a user ID based on login token
pub fn get_user_by_login_token(token: &str, client: &APIClient) -> ResultBoxError<UserID> {
    database::query_row(
        QueryInfo::new(USER_ACCESS_TOKENS_TABLE)
            .cond_u32("service_id", client.id)
            .cond("token1", token)
            .add_field("user_id"),
        |res| res.get_user_id("user_id"),
    )
}

/// Check out whether an email address exists or not
pub fn exists_mail(mail: &str) -> ResultBoxError<bool> {
    database::QueryInfo::new(USERS_TABLE)
        .cond("mail", mail)
        .exec_count()
        .map(|r| r > 0)
}

/// Destroy a given user login tokens
pub fn destroy_login_tokens(id: &UserID, client: &APIClient) -> ResultBoxError<()> {
    database::delete(DeleteQuery::new(USER_ACCESS_TOKENS_TABLE)
        .cond_u32("service_id", client.id)
        .cond_user_id("user_id", id)
    )?;

    Ok(())
}

/// Destroy all login tokens of a user
pub fn destroy_all_user_tokens(id: &UserID) -> ResultBoxError {
    database::DeleteQuery::new(USER_ACCESS_TOKENS_TABLE)
        .cond_user_id("user_id", id)
        .exec()
}

/// Generate a new password reset token
pub fn generate_password_reset_token(user_id: &UserID) -> ResultBoxError<String> {
    let token = rand_str(255);

    database::UpdateInfo::new(USERS_TABLE)
        .cond_user_id("ID", user_id)
        .set_str("password_reset_token", &token)
        .set_u64("password_reset_token_time_create", time())
        .exec()?;

    Ok(token)
}

/// Check out whether a virtual directory is taken by a user or not
pub fn check_user_directory_availability(dir: &str, user_id: Option<UserID>) -> ResultBoxError<bool> {
    let found_user = user_helper::find_user_by_virtual_directory(dir);

    match (found_user, user_id) {

        // A user was found, but we did not specify a user
        (Ok(_), None) => Ok(false),

        // A user was found, and we specified a user ID, we check if the IDs are the same
        (Ok(user), Some(id)) => Ok(user.id == id),

        // No user was found, virtual directory is considered as available
        (Err(_), _) => Ok(true)
    }
}

/// Update the last activity of a user
pub fn update_last_activity(user_id: &UserID) -> ResultBoxError {
    database::UpdateInfo::new(USERS_TABLE)
        .cond_user_id("ID", user_id)
        .set_u64("last_activity", time())
        .exec()
}
Update last activity of the user 2020-06-29 15:53:39 +02:00			`use crate::constants::database_tables_names::{USER_ACCESS_TOKENS_TABLE, USERS_TABLE};`
Ready to implement password check 2020-05-23 19:17:48 +02:00			`use crate::data::api_client::APIClient;`
Can login user 2020-05-24 16:35:54 +02:00			`use crate::data::error::{ExecError, ResultBoxError};`
Can create new accounts 2020-07-13 13:35:25 +02:00			`use crate::data::new_account::NewAccount;`
Can login user 2020-05-24 16:35:54 +02:00			`use crate::data::user::UserID;`
			`use crate::data::user_token::UserAccessToken;`
			`use crate::helpers::{database, user_helper};`
Collect new group settings 2020-06-26 08:58:00 +02:00			`use crate::helpers::database::{DeleteQuery, InsertQuery, QueryInfo};`
Can login user 2020-05-24 16:35:54 +02:00			`use crate::utils::crypt_utils::{crypt_pass, rand_str};`
Can create new accounts 2020-07-13 13:35:25 +02:00			`use crate::utils::date_utils::{mysql_date, time};`
Ready to implement password check 2020-05-23 19:17:48 +02:00
			`/// Account helper`
			`///`
			`/// @author Pierre Hubert`

Can create new accounts 2020-07-13 13:35:25 +02:00			`/// Create a new account`
			`pub fn create(new_account: &NewAccount) -> ResultBoxError {`
			`database::InsertQuery::new(USERS_TABLE)`
			`.add_str("nom", &new_account.first_name)`
			`.add_str("prenom", &new_account.last_name)`
			`.add_str("date_creation", &mysql_date())`
			`.add_str("mail", &new_account.email)`
			`.add_str("password", &crypt_pass(&new_account.password)?)`
			`.insert_drop_result()`
			`}`

Ready to implement password check 2020-05-23 19:17:48 +02:00			`/// Attempt to sign-in user`
			`///`
			`/// In this version of the api, we consider that there is only one login token required`
			`/// This is why I returns just a simple string, the token created for the user in case of success`
			`pub fn login_user(email: &str, password: &str, client: &APIClient) -> ResultBoxError<String> {`
			`let user = user_helper::find_user_by_email(email)?;`

Can login user 2020-05-24 16:35:54 +02:00			`// Validate user password`
			`let password = crypt_pass(password)?;`
			`if !user.password.eq(&password) {`
			`return Err(ExecError::boxed_new("The user gave an invalid password!"));`
			`}`
Ready to implement password check 2020-05-23 19:17:48 +02:00
Can login user 2020-05-24 16:35:54 +02:00			`// Check if we already have a login token for this user`
Upgrade UserID to a structure 2020-06-25 10:08:34 +02:00			`if let Ok(token) = get_client_tokens(&user.id, client) {`
Can login user 2020-05-24 16:35:54 +02:00			`return Ok(token.token);`
			`}`
Ready to implement password check 2020-05-23 19:17:48 +02:00
Can login user 2020-05-24 16:35:54 +02:00
			`// Create new login tokens`
			`let new_token = UserAccessToken {`
Upgrade UserID to a structure 2020-06-25 10:08:34 +02:00			`user_id: user.id.clone(),`
Can login user 2020-05-24 16:35:54 +02:00			`client_id: client.id,`
Can get current user ID 2020-05-24 17:57:47 +02:00			`token: rand_str(150),`
Can login user 2020-05-24 16:35:54 +02:00			`};`

			`// Save it`
			`database::insert(`
			`InsertQuery::new(USER_ACCESS_TOKENS_TABLE)`
Upgrade UserID to a structure 2020-06-25 10:08:34 +02:00			`.add_user_id("user_id", &new_token.user_id)`
Can login user 2020-05-24 16:35:54 +02:00			`.add_u32("service_id", client.id)`
			`.add_str("token1", &new_token.token)`
			`.add_str("token2", "dummy_data")`
			`)?;`

			`Ok(new_token.token)`
			`}`

			`/// Get user login tokens`
Upgrade UserID to a structure 2020-06-25 10:08:34 +02:00			`fn get_client_tokens(user_id: &UserID, client: &APIClient) -> ResultBoxError<UserAccessToken> {`
Can login user 2020-05-24 16:35:54 +02:00			`database::query_row(`
			`QueryInfo::new(USER_ACCESS_TOKENS_TABLE)`
Upgrade UserID to a structure 2020-06-25 10:08:34 +02:00			`.cond_user_id("user_id", user_id)`
Simplify future database requests 2020-05-24 16:39:48 +02:00			`.cond_u32("service_id", client.id),`
Can login user 2020-05-24 16:35:54 +02:00			`\|res\| {`
			`Ok(UserAccessToken {`
Upgrade UserID to a structure 2020-06-25 10:08:34 +02:00			`user_id: res.get_user_id("user_id")?,`
Can login user 2020-05-24 16:35:54 +02:00			`client_id: res.get_int64("service_id")? as u32,`
			`token: res.get_str("token1")?,`
			`})`
			`},`
			`)`
Can get current user ID 2020-05-24 17:57:47 +02:00			`}`

			`/// Find a user ID based on login token`
			`pub fn get_user_by_login_token(token: &str, client: &APIClient) -> ResultBoxError<UserID> {`
			`database::query_row(`
			`QueryInfo::new(USER_ACCESS_TOKENS_TABLE)`
			`.cond_u32("service_id", client.id)`
Optimize request 2020-05-24 18:02:19 +02:00			`.cond("token1", token)`
			`.add_field("user_id"),`
Upgrade UserID to a structure 2020-06-25 10:08:34 +02:00			`\|res\| res.get_user_id("user_id"),`
Can get current user ID 2020-05-24 17:57:47 +02:00			`)`
Can sign out user 2020-05-24 19:19:07 +02:00			`}`

Can check if an email address exists or not 2020-07-13 13:00:02 +02:00			`/// Check out whether an email address exists or not`
			`pub fn exists_mail(mail: &str) -> ResultBoxError<bool> {`
			`database::QueryInfo::new(USERS_TABLE)`
			`.cond("mail", mail)`
			`.exec_count()`
			`.map(\|r\| r > 0)`
			`}`

Can sign out user 2020-05-24 19:19:07 +02:00			`/// Destroy a given user login tokens`
Upgrade UserID to a structure 2020-06-25 10:08:34 +02:00			`pub fn destroy_login_tokens(id: &UserID, client: &APIClient) -> ResultBoxError<()> {`
Can sign out user 2020-05-24 19:19:07 +02:00			`database::delete(DeleteQuery::new(USER_ACCESS_TOKENS_TABLE)`
			`.cond_u32("service_id", client.id)`
Upgrade UserID to a structure 2020-06-25 10:08:34 +02:00			`.cond_user_id("user_id", id)`
Can sign out user 2020-05-24 19:19:07 +02:00			`)?;`

			`Ok(())`
Collect new group settings 2020-06-26 08:58:00 +02:00			`}`

Can disconnect a user from all its devices 2020-07-13 11:56:49 +02:00			`/// Destroy all login tokens of a user`
			`pub fn destroy_all_user_tokens(id: &UserID) -> ResultBoxError {`
			`database::DeleteQuery::new(USER_ACCESS_TOKENS_TABLE)`
			`.cond_user_id("user_id", id)`
			`.exec()`
			`}`

Can generate a reset token if password is valid 2020-07-13 14:20:28 +02:00			`/// Generate a new password reset token`
			`pub fn generate_password_reset_token(user_id: &UserID) -> ResultBoxError<String> {`
			`let token = rand_str(255);`

			`database::UpdateInfo::new(USERS_TABLE)`
			`.cond_user_id("ID", user_id)`
			`.set_str("password_reset_token", &token)`
			`.set_u64("password_reset_token_time_create", time())`
			`.exec()?;`

			`Ok(token)`
			`}`

Collect new group settings 2020-06-26 08:58:00 +02:00			`/// Check out whether a virtual directory is taken by a user or not`
			`pub fn check_user_directory_availability(dir: &str, user_id: Option<UserID>) -> ResultBoxError<bool> {`
			`let found_user = user_helper::find_user_by_virtual_directory(dir);`

			`match (found_user, user_id) {`

			`// A user was found, but we did not specify a user`
			`(Ok(_), None) => Ok(false),`

			`// A user was found, and we specified a user ID, we check if the IDs are the same`
			`(Ok(user), Some(id)) => Ok(user.id == id),`

			`// No user was found, virtual directory is considered as available`
			`(Err(_), _) => Ok(true)`
			`}`
Update last activity of the user 2020-06-29 15:53:39 +02:00			`}`

			`/// Update the last activity of a user`
			`pub fn update_last_activity(user_id: &UserID) -> ResultBoxError {`
			`database::UpdateInfo::new(USERS_TABLE)`
			`.cond_user_id("ID", user_id)`
			`.set_u64("last_activity", time())`
			`.exec()`
Ready to implement password check 2020-05-23 19:17:48 +02:00			`}`