Implement password authentication

2023-05-31 15:17:00 +02:00
parent 5ed74260a8
commit 652541cd59
6 changed files with 133 additions and 1 deletions
--- a/geneit_backend/src/services/login_token_service.rs
+++ b/geneit_backend/src/services/login_token_service.rs
@ -0,0 +1,58 @@
+//! # User tokens management
+
+use crate::connections::redis_connection;
+use crate::models::{User, UserID};
+use crate::utils::string_utils;
+use crate::utils::time_utils::time;
+use std::time::Duration;
+
+#[derive(serde::Serialize, serde::Deserialize, Debug, Clone)]
+struct LoginToken {
+    expire: u64,
+    hb: u64,
+    user_id: UserID,
+}
+
+impl LoginToken {
+    pub fn new(user: &User) -> (String, Self) {
+        let key = format!("tok-{}-{}", user.id().0, string_utils::rand_str(40));
+
+        (
+            key,
+            Self {
+                expire: time() + 3600 * 24,
+                hb: time(),
+                user_id: user.id(),
+            },
+        )
+    }
+
+    pub fn is_valid(&self) -> bool {
+        self.expire > time() && self.hb + 3600 > time()
+    }
+
+    pub fn refresh_hb(&self) -> Option<Self> {
+        if self.hb + 60 * 5 < time() {
+            let mut new = self.clone();
+            new.hb = time();
+            Some(new)
+        } else {
+            None
+        }
+    }
+
+    pub fn lifetime(&self) -> Duration {
+        Duration::from_secs(if self.expire <= time() {
+            0
+        } else {
+            self.expire - time()
+        })
+    }
+}
+
+/// Generate a new login token
+pub async fn gen_new_token(user: &User) -> anyhow::Result<String> {
+    let (key, token) = LoginToken::new(user);
+    redis_connection::set_value(&key, &token, token.lifetime()).await?;
+    Ok(key)
+}
--- a/geneit_backend/src/services/mod.rs
+++ b/geneit_backend/src/services/mod.rs
@ -1,5 +1,6 @@
 //! # Backend services

+pub mod login_token_service;
 pub mod mail_service;
 pub mod rate_limiter_service;
 pub mod users_service;
--- a/geneit_backend/src/services/rate_limiter_service.rs
+++ b/geneit_backend/src/services/rate_limiter_service.rs
@ -8,6 +8,7 @@ pub enum RatedAction {
    CreateAccount,
    CheckResetPasswordTokenFailed,
    RequestNewPasswordResetLink,
+    FailedPasswordLogin,
 }

 impl RatedAction {
@ -16,6 +17,7 @@ impl RatedAction {
            RatedAction::CreateAccount => "create-account",
            RatedAction::CheckResetPasswordTokenFailed => "check-reset-password-token",
            RatedAction::RequestNewPasswordResetLink => "req-pwd-reset-lnk",
+            RatedAction::FailedPasswordLogin => "failed-login",
        }
    }

@ -24,6 +26,7 @@ impl RatedAction {
            RatedAction::CreateAccount => 5,
            RatedAction::CheckResetPasswordTokenFailed => 100,
            RatedAction::RequestNewPasswordResetLink => 5,
+            RatedAction::FailedPasswordLogin => 15,
        }
    }