Refactor users_service

Pierre HUBERT 2023-06-05 19:11:28 +02:00
parent 27910a03a8
commit 1a8211c13d
3 changed files with 25 additions and 40 deletions


@ -147,7 +147,7 @@ pub async fn reset_password(remote_ip: RemoteIP, req: web::Json<ResetPasswordBod
return Ok(HttpResponse::TooManyRequests().finish()); return Ok(HttpResponse::TooManyRequests().finish());
} }
let user = match users_service::get_by_pwd_reset_token(&req.token).await { let mut user = match users_service::get_by_pwd_reset_token(&req.token).await {
Ok(t) => t, Ok(t) => t,
Err(e) => { Err(e) => {
rate_limiter_service::record_action( rate_limiter_service::record_action(
@ -168,10 +168,10 @@ pub async fn reset_password(remote_ip: RemoteIP, req: web::Json<ResetPasswordBod
} }
// Validate account, if required // Validate account, if required
users_service::validate_account(&user).await?; users_service::validate_account(&mut user).await?;
// Change user password // Change user password
users_service::change_password(&user, &req.password).await?; users_service::change_password(&mut user, &req.password).await?;
Ok(HttpResponse::Accepted().finish()) Ok(HttpResponse::Accepted().finish())
} }
@ -298,10 +298,10 @@ pub async fn finish_openid_login(
users_service::create_account(&name, &mail).await?; users_service::create_account(&name, &mail).await?;
} }
let user = users_service::get_by_mail(&mail).await?; let mut user = users_service::get_by_mail(&mail).await?;
// OpenID auth is enough to validate accounts // OpenID auth is enough to validate accounts
users_service::validate_account(&user).await?; users_service::validate_account(&mut user).await?;
finish_login(&user).await finish_login(&user).await
} }


@ -49,7 +49,7 @@ pub async fn update_profile(token: LoginToken, profile: Json<ProfileUpdateQuery>
let mut user = users_service::get_by_id(token.user_id).await?; let mut user = users_service::get_by_id(token.user_id).await?;
user.name = profile.0.name; user.name = profile.0.name;
users_service::update_account(user).await?; users_service::update_account(&user).await?;
Ok(HttpResponse::Accepted().finish()) Ok(HttpResponse::Accepted().finish())
} }
@ -83,7 +83,7 @@ pub async fn replace_password(
return Ok(HttpResponse::BadRequest().json("Nouveau mot de passe invalide!")); return Ok(HttpResponse::BadRequest().json("Nouveau mot de passe invalide!"));
} }
let user = users_service::get_by_id(token.user_id).await?; let mut user = users_service::get_by_id(token.user_id).await?;
if !user.check_password(&q.old_password) { if !user.check_password(&q.old_password) {
rate_limiter_service::record_action( rate_limiter_service::record_action(
remote_ip.0, remote_ip.0,
@ -93,7 +93,7 @@ pub async fn replace_password(
return Ok(HttpResponse::BadRequest().json("Ancien mot de passe invalide !")); return Ok(HttpResponse::BadRequest().json("Ancien mot de passe invalide !"));
} }
users_service::change_password(&user, &q.new_password).await?; users_service::change_password(&mut user, &q.new_password).await?;
Ok(HttpResponse::Accepted().finish()) Ok(HttpResponse::Accepted().finish())
} }
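Review bot: `update_profile` still persists a `User` snapshot read at the top of the handler, but `update_account` (changed in this same commit) now also writes `password`, `reset_password_token`, `time_gen_reset_token` and `time_activate` from that snapshot, so a profile rename that races with a password change or reset can write the old password hash or an already-cleared reset token back to the row. Before this commit the same call only touched `name`, `admin`, `active` and `email`. Consider keeping the credential columns out of the generic update (for example a dedicated update for name-only changes) or running the read and the write in one transaction; at minimum the doc comment on `update_account` should say `/// Overwrites every persisted column from the given User, including password and reset token`. Both handler bodies start outside the hunks shown here.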


@ -81,16 +81,7 @@ pub async fn request_reset_password(user: &mut User) -> anyhow::Result<()> {
user.reset_password_token = Some(rand_str(149)); user.reset_password_token = Some(rand_str(149));
user.time_gen_reset_token = time() as i64; user.time_gen_reset_token = time() as i64;
db_connection::execute(|conn| { update_account(user).await?;
Ok(
diesel::update(users::dsl::users.filter(users::dsl::id.eq(user.id)))
.set((
users::dsl::time_gen_reset_token.eq(user.time_gen_reset_token),
users::dsl::reset_password_token.eq(user.reset_password_token.clone()),
))
.execute(conn)?,
)
})?;
} }
// Send mail // Send mail
@ -129,7 +120,7 @@ pub async fn delete_not_validated_accounts() -> anyhow::Result<()> {
} }
/// Mark account as validated /// Mark account as validated
pub async fn validate_account(user: &User) -> anyhow::Result<()> { pub async fn validate_account(user: &mut User) -> anyhow::Result<()> {
if user.time_activate > 0 { if user.time_activate > 0 {
log::debug!( log::debug!(
"Did not activate account {} because it is already activated!", "Did not activate account {} because it is already activated!",
@ -138,13 +129,9 @@ pub async fn validate_account(user: &User) -> anyhow::Result<()> {
return Ok(()); return Ok(());
} }
db_connection::execute(|conn| { user.time_activate = time() as i64;
Ok(
diesel::update(users::dsl::users.filter(users::dsl::id.eq(user.id))) update_account(user).await?;
.set((users::dsl::time_activate.eq(time() as i64),))
.execute(conn)?,
)
})?;
mail_service::send_mail( mail_service::send_mail(
&user.email, &user.email,
@ -160,15 +147,19 @@ pub async fn validate_account(user: &User) -> anyhow::Result<()> {
} }
/// Update account information /// Update account information
pub async fn update_account(user: User) -> anyhow::Result<()> { pub async fn update_account(user: &User) -> anyhow::Result<()> {
db_connection::execute(|conn| { db_connection::execute(|conn| {
Ok( Ok(
diesel::update(users::dsl::users.filter(users::dsl::id.eq(user.id))) diesel::update(users::dsl::users.filter(users::dsl::id.eq(user.id)))
.set(( .set((
users::dsl::name.eq(user.name), users::dsl::name.eq(user.name.clone()),
users::dsl::admin.eq(user.admin), users::dsl::admin.eq(user.admin),
users::dsl::active.eq(user.active), users::dsl::active.eq(user.active),
users::dsl::email.eq(user.email), users::dsl::email.eq(user.email.clone()),
users::dsl::time_gen_reset_token.eq(user.time_gen_reset_token),
users::dsl::reset_password_token.eq(user.reset_password_token.clone()),
users::dsl::time_activate.eq(time() as i64),
users::dsl::password.eq(user.password.clone()),
)) ))
.execute(conn)?, .execute(conn)?,
) )
@ -178,19 +169,13 @@ pub async fn update_account(user: User) -> anyhow::Result<()> {
} }
/// Change user paswsord /// Change user paswsord
pub async fn change_password(user: &User, new_password: &str) -> anyhow::Result<()> { pub async fn change_password(user: &mut User, new_password: &str) -> anyhow::Result<()> {
let hash = bcrypt::hash(new_password, DEFAULT_COST)?; let hash = bcrypt::hash(new_password, DEFAULT_COST)?;
db_connection::execute(|conn| { user.reset_password_token = None;
Ok( user.password = Some(hash);
diesel::update(users::dsl::users.filter(users::dsl::id.eq(user.id)))
.set(( update_account(user).await?;
users::dsl::password.eq(hash),
users::dsl::reset_password_token.eq(None::<String>),
))
.execute(conn)?,
)
})?;
Ok(()) Ok(())
} }
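Review bot: In the rewritten `update_account`, the `.set((...))` tuple writes `users::dsl::time_activate.eq(time() as i64)` instead of the value carried by `user`, so every caller (`request_reset_password`, `change_password`, the profile update) stamps the account as activated at the current time. Since `validate_account` treats `time_activate > 0` as "already activated", an account that never completed validation becomes validated as a side effect of, for example, requesting a password reset, and validated accounts lose their original activation time. `validate_account` already sets `user.time_activate` before calling `update_account`, so the column should be `users::dsl::time_activate.eq(user.time_activate),`. The function bodies extend beyond the hunks, so any other reader of `time_activate` (such as `delete_not_validated_accounts`) should be checked against this as well.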