From 1a8211c13dd7d9dd0259038a1b57ca8998f43862 Mon Sep 17 00:00:00 2001
From: Pierre Hubert <pierre.git@communiquons.org>
Date: Mon, 5 Jun 2023 19:11:28 +0200
Subject: [PATCH] Refactor users_service

---
 .../src/controllers/auth_controller.rs        | 10 ++--
 .../src/controllers/user_controller.rs        |  6 +--
 geneit_backend/src/services/users_service.rs  | 49 +++++++------------
 3 files changed, 25 insertions(+), 40 deletions(-)

diff --git a/geneit_backend/src/controllers/auth_controller.rs b/geneit_backend/src/controllers/auth_controller.rs
index 0455147..804d436 100644
--- a/geneit_backend/src/controllers/auth_controller.rs
+++ b/geneit_backend/src/controllers/auth_controller.rs
@@ -147,7 +147,7 @@ pub async fn reset_password(remote_ip: RemoteIP, req: web::Json<ResetPasswordBod
         return Ok(HttpResponse::TooManyRequests().finish());
     }
 
-    let user = match users_service::get_by_pwd_reset_token(&req.token).await {
+    let mut user = match users_service::get_by_pwd_reset_token(&req.token).await {
         Ok(t) => t,
         Err(e) => {
             rate_limiter_service::record_action(
@@ -168,10 +168,10 @@ pub async fn reset_password(remote_ip: RemoteIP, req: web::Json<ResetPasswordBod
     }
 
     // Validate account, if required
-    users_service::validate_account(&user).await?;
+    users_service::validate_account(&mut user).await?;
 
     // Change user password
-    users_service::change_password(&user, &req.password).await?;
+    users_service::change_password(&mut user, &req.password).await?;
 
     Ok(HttpResponse::Accepted().finish())
 }
@@ -298,10 +298,10 @@ pub async fn finish_openid_login(
         users_service::create_account(&name, &mail).await?;
     }
 
-    let user = users_service::get_by_mail(&mail).await?;
+    let mut user = users_service::get_by_mail(&mail).await?;
 
     // OpenID auth is enough to validate accounts
-    users_service::validate_account(&user).await?;
+    users_service::validate_account(&mut user).await?;
 
     finish_login(&user).await
 }
diff --git a/geneit_backend/src/controllers/user_controller.rs b/geneit_backend/src/controllers/user_controller.rs
index be44b66..3d57511 100644
--- a/geneit_backend/src/controllers/user_controller.rs
+++ b/geneit_backend/src/controllers/user_controller.rs
@@ -49,7 +49,7 @@ pub async fn update_profile(token: LoginToken, profile: Json<ProfileUpdateQuery>
 
     let mut user = users_service::get_by_id(token.user_id).await?;
     user.name = profile.0.name;
-    users_service::update_account(user).await?;
+    users_service::update_account(&user).await?;
 
     Ok(HttpResponse::Accepted().finish())
 }
@@ -83,7 +83,7 @@ pub async fn replace_password(
         return Ok(HttpResponse::BadRequest().json("Nouveau mot de passe invalide!"));
     }
 
-    let user = users_service::get_by_id(token.user_id).await?;
+    let mut user = users_service::get_by_id(token.user_id).await?;
     if !user.check_password(&q.old_password) {
         rate_limiter_service::record_action(
             remote_ip.0,
@@ -93,7 +93,7 @@ pub async fn replace_password(
         return Ok(HttpResponse::BadRequest().json("Ancien mot de passe invalide !"));
     }
 
-    users_service::change_password(&user, &q.new_password).await?;
+    users_service::change_password(&mut user, &q.new_password).await?;
 
     Ok(HttpResponse::Accepted().finish())
 }
diff --git a/geneit_backend/src/services/users_service.rs b/geneit_backend/src/services/users_service.rs
index 3c89572..cb90830 100644
--- a/geneit_backend/src/services/users_service.rs
+++ b/geneit_backend/src/services/users_service.rs
@@ -81,16 +81,7 @@ pub async fn request_reset_password(user: &mut User) -> anyhow::Result<()> {
         user.reset_password_token = Some(rand_str(149));
         user.time_gen_reset_token = time() as i64;
 
-        db_connection::execute(|conn| {
-            Ok(
-                diesel::update(users::dsl::users.filter(users::dsl::id.eq(user.id)))
-                    .set((
-                        users::dsl::time_gen_reset_token.eq(user.time_gen_reset_token),
-                        users::dsl::reset_password_token.eq(user.reset_password_token.clone()),
-                    ))
-                    .execute(conn)?,
-            )
-        })?;
+        update_account(user).await?;
     }
 
     // Send mail
@@ -129,7 +120,7 @@ pub async fn delete_not_validated_accounts() -> anyhow::Result<()> {
 }
 
 /// Mark account as validated
-pub async fn validate_account(user: &User) -> anyhow::Result<()> {
+pub async fn validate_account(user: &mut User) -> anyhow::Result<()> {
     if user.time_activate > 0 {
         log::debug!(
             "Did not activate account {} because it is already activated!",
@@ -138,13 +129,9 @@ pub async fn validate_account(user: &User) -> anyhow::Result<()> {
         return Ok(());
     }
 
-    db_connection::execute(|conn| {
-        Ok(
-            diesel::update(users::dsl::users.filter(users::dsl::id.eq(user.id)))
-                .set((users::dsl::time_activate.eq(time() as i64),))
-                .execute(conn)?,
-        )
-    })?;
+    user.time_activate = time() as i64;
+
+    update_account(user).await?;
 
     mail_service::send_mail(
         &user.email,
@@ -160,15 +147,19 @@ pub async fn validate_account(user: &User) -> anyhow::Result<()> {
 }
 
 /// Update account information
-pub async fn update_account(user: User) -> anyhow::Result<()> {
+pub async fn update_account(user: &User) -> anyhow::Result<()> {
     db_connection::execute(|conn| {
         Ok(
             diesel::update(users::dsl::users.filter(users::dsl::id.eq(user.id)))
                 .set((
-                    users::dsl::name.eq(user.name),
+                    users::dsl::name.eq(user.name.clone()),
                     users::dsl::admin.eq(user.admin),
                     users::dsl::active.eq(user.active),
-                    users::dsl::email.eq(user.email),
+                    users::dsl::email.eq(user.email.clone()),
+                    users::dsl::time_gen_reset_token.eq(user.time_gen_reset_token),
+                    users::dsl::reset_password_token.eq(user.reset_password_token.clone()),
+                    users::dsl::time_activate.eq(time() as i64),
+                    users::dsl::password.eq(user.password.clone()),
                 ))
                 .execute(conn)?,
         )
@@ -178,19 +169,13 @@ pub async fn update_account(user: User) -> anyhow::Result<()> {
 }
 
 /// Change user paswsord
-pub async fn change_password(user: &User, new_password: &str) -> anyhow::Result<()> {
+pub async fn change_password(user: &mut User, new_password: &str) -> anyhow::Result<()> {
     let hash = bcrypt::hash(new_password, DEFAULT_COST)?;
 
-    db_connection::execute(|conn| {
-        Ok(
-            diesel::update(users::dsl::users.filter(users::dsl::id.eq(user.id)))
-                .set((
-                    users::dsl::password.eq(hash),
-                    users::dsl::reset_password_token.eq(None::<String>),
-                ))
-                .execute(conn)?,
-        )
-    })?;
+    user.reset_password_token = None;
+    user.password = Some(hash);
+
+    update_account(user).await?;
 
     Ok(())
 }