BasicOIDC/src/data/users_file_entity.rs

153 lines
4.4 KiB
Rust
Raw Normal View History

use std::net::IpAddr;
use crate::actors::users_actor::UsersSyncBackend;
use crate::data::entity_manager::EntityManager;
use crate::data::user::{FactorID, GeneralSettings, GrantedClients, TwoFactor, User, UserID};
use crate::utils::err::{new_error, Res};
use crate::utils::time::time;
impl EntityManager<User> {
/// Update user information
fn update_user<F>(&mut self, id: &UserID, update: F) -> Res
where
F: FnOnce(User) -> User,
{
let user = match self.find_by_user_id(id)? {
2023-02-02 09:22:15 +00:00
None => return new_error(format!("Failed to find user {id:?}")),
Some(user) => user,
};
if let Err(e) = self.replace_entries(|u| u.uid.eq(id), &update(user)) {
log::error!("Failed to update user information! {:?}", e);
return Err(e);
}
Ok(())
}
}
fn hash_password<P: AsRef<[u8]>>(pwd: P) -> Res<String> {
Ok(bcrypt::hash(pwd, bcrypt::DEFAULT_COST)?)
}
fn verify_password<P: AsRef<[u8]>>(pwd: P, hash: &str) -> bool {
match bcrypt::verify(pwd, hash) {
Ok(r) => r,
Err(e) => {
log::warn!("Failed to verify password! {:?}", e);
false
}
}
}
impl UsersSyncBackend for EntityManager<User> {
fn find_by_username_or_email(&self, u: &str) -> Res<Option<User>> {
for entry in self.iter() {
if entry.username.eq(u) || entry.email.eq(u) {
return Ok(Some(entry.clone()));
}
}
Ok(None)
}
fn find_by_user_id(&self, id: &UserID) -> Res<Option<User>> {
for entry in self.iter() {
if entry.uid.eq(id) {
return Ok(Some(entry.clone()));
}
}
Ok(None)
}
fn get_entire_users_list(&self) -> Res<Vec<User>> {
Ok(self.cloned())
}
fn create_user_account(&mut self, settings: GeneralSettings) -> Res<UserID> {
let mut user = User {
uid: UserID(uuid::Uuid::new_v4().to_string()),
..Default::default()
};
user.update_general_settings(settings);
self.insert(user.clone())?;
Ok(user.uid)
}
fn set_general_user_settings(&mut self, settings: GeneralSettings) -> Res {
self.update_user(&settings.uid.clone(), |mut user| {
user.update_general_settings(settings);
user
})
}
fn change_user_password(&mut self, id: &UserID, password: &str, temporary: bool) -> Res {
let new_hash = hash_password(password)?;
self.update_user(id, |mut user| {
user.password = new_hash;
user.need_reset_password = temporary;
user.two_factor_exemption_after_successful_login = Default::default();
user
})
}
fn verify_user_password(&self, user: &UserID, password: &str) -> Res<bool> {
Ok(self
.find_by_user_id(user)?
.map(|u| verify_password(password, &u.password))
.unwrap_or(false))
}
fn add_2fa_factor(&mut self, id: &UserID, factor: TwoFactor) -> Res {
self.update_user(id, |mut user| {
user.two_factor.push(factor);
user
})
}
fn remove_2fa_factor(&mut self, id: &UserID, factor_id: FactorID) -> Res {
self.update_user(id, |mut user| {
user.two_factor.retain(|f| f.id != factor_id);
user
})
}
fn save_new_successful_2fa_authentication(&mut self, id: &UserID, ip: IpAddr) -> Res {
self.update_user(id, |mut user| {
user.last_successful_2fa.insert(ip, time());
// Remove outdated successful attempts
user.remove_outdated_successful_2fa_attempts();
user
})
}
fn clear_2fa_login_history(&mut self, id: &UserID) -> Res {
self.update_user(id, |mut user| {
user.last_successful_2fa = Default::default();
user
})
}
fn delete_account(&mut self, id: &UserID) -> Res {
let user = match self.find_by_user_id(id)? {
None => {
return new_error(format!(
2023-02-02 09:22:15 +00:00
"Could not delete account {id:?} because it was not found!"
));
}
Some(s) => s,
};
self.remove(&user)
}
fn set_granted_2fa_clients(&mut self, id: &UserID, clients: GrantedClients) -> Res {
self.update_user(id, |mut user| {
user.authorized_clients = clients.to_user();
user
})
}
}