use std::net::IpAddr; use crate::actors::users_actor::UsersSyncBackend; use crate::data::entity_manager::EntityManager; use crate::data::user::{FactorID, GeneralSettings, GrantedClients, TwoFactor, User, UserID}; use crate::utils::err::{new_error, Res}; use crate::utils::time::time; impl EntityManager { /// Update user information fn update_user(&mut self, id: &UserID, update: F) -> Res where F: FnOnce(User) -> User, { let user = match self.find_by_user_id(id)? { None => return new_error(format!("Failed to find user {id:?}")), Some(user) => user, }; if let Err(e) = self.replace_entries(|u| u.uid.eq(id), &update(user)) { log::error!("Failed to update user information! {:?}", e); return Err(e); } Ok(()) } } fn hash_password>(pwd: P) -> Res { Ok(bcrypt::hash(pwd, bcrypt::DEFAULT_COST)?) } fn verify_password>(pwd: P, hash: &str) -> bool { match bcrypt::verify(pwd, hash) { Ok(r) => r, Err(e) => { log::warn!("Failed to verify password! {:?}", e); false } } } impl UsersSyncBackend for EntityManager { fn find_by_username_or_email(&self, u: &str) -> Res> { for entry in self.iter() { if entry.username.eq(u) || entry.email.eq(u) { return Ok(Some(entry.clone())); } } Ok(None) } fn find_by_user_id(&self, id: &UserID) -> Res> { for entry in self.iter() { if entry.uid.eq(id) { return Ok(Some(entry.clone())); } } Ok(None) } fn get_entire_users_list(&self) -> Res> { Ok(self.cloned()) } fn create_user_account(&mut self, settings: GeneralSettings) -> Res { let mut user = User { uid: UserID(uuid::Uuid::new_v4().to_string()), ..Default::default() }; user.update_general_settings(settings); self.insert(user.clone())?; Ok(user.uid) } fn set_general_user_settings(&mut self, settings: GeneralSettings) -> Res { self.update_user(&settings.uid.clone(), |mut user| { user.update_general_settings(settings); user }) } fn change_user_password(&mut self, id: &UserID, password: &str, temporary: bool) -> Res { let new_hash = hash_password(password)?; self.update_user(id, |mut user| { user.password = new_hash; user.need_reset_password = temporary; user.two_factor_exemption_after_successful_login = Default::default(); user }) } fn verify_user_password(&self, user: &UserID, password: &str) -> Res { Ok(self .find_by_user_id(user)? .map(|u| verify_password(password, &u.password)) .unwrap_or(false)) } fn add_2fa_factor(&mut self, id: &UserID, factor: TwoFactor) -> Res { self.update_user(id, |mut user| { user.two_factor.push(factor); user }) } fn remove_2fa_factor(&mut self, id: &UserID, factor_id: FactorID) -> Res { self.update_user(id, |mut user| { user.two_factor.retain(|f| f.id != factor_id); user }) } fn save_new_successful_2fa_authentication(&mut self, id: &UserID, ip: IpAddr) -> Res { self.update_user(id, |mut user| { user.last_successful_2fa.insert(ip, time()); // Remove outdated successful attempts user.remove_outdated_successful_2fa_attempts(); user }) } fn clear_2fa_login_history(&mut self, id: &UserID) -> Res { self.update_user(id, |mut user| { user.last_successful_2fa = Default::default(); user }) } fn delete_account(&mut self, id: &UserID) -> Res { let user = match self.find_by_user_id(id)? { None => { return new_error(format!( "Could not delete account {id:?} because it was not found!" )); } Some(s) => s, }; self.remove(&user) } fn set_granted_2fa_clients(&mut self, id: &UserID, clients: GrantedClients) -> Res { self.update_user(id, |mut user| { user.authorized_clients = clients.to_user(); user }) } }