+\r
+ pub fn sign_in(&self, password: &str, email: &str, ip: &str, user_agent: &str) -> Result<SignInResult> {\r
+ let mut con = self.pool.get()?;\r
+ let tx = con.transaction()?;\r
+ match tx.query_row("SELECT [id], [password] FROM [User] WHERE [email] = ?1", [email], |r| {\r
+ Ok((r.get::<&str, i32>("id")?, r.get::<&str, String>("password")?))\r
+ }).optional()? {\r
+ Some((id, stored_password)) => {\r
+ if verify_password(password, &stored_password).map_err(DBError::from_dyn_error)? {\r
+ let token = Connection::create_login_token(&tx, id, ip, user_agent)?;\r
+ tx.commit()?;\r
+ Ok(SignInResult::Ok(token, id))\r
+ } else {\r
+ Ok(SignInResult::PasswordsDontMatch)\r
+ }\r
+ },\r
+ None => {\r
+ Ok(SignInResult::UserNotFound)\r
+ },\r
+ }\r
+ }\r
+\r
+ pub fn authentication(&self, token: &str, ip: &str, user_agent: &str) -> Result<AuthenticationResult> {\r
+ let mut con = self.pool.get()?;\r
+ let tx = con.transaction()?;\r
+ match tx.query_row("SELECT [id], [user_id] FROM [UserLoginToken] WHERE [token] = ?1", [token], |r| {\r
+ Ok((r.get::<&str, i32>("id")?, r.get::<&str, i32>("user_id")?))\r
+ }).optional()? {\r
+ Some((login_id, user_id)) => {\r
+ tx.execute("UPDATE [UserLoginToken] SET [last_login_datetime] = ?2, [ip] = ?3, [user_agent] = ?4 WHERE [id] = ?1", params![login_id, Utc::now(), ip, user_agent])?;\r
+ tx.commit()?;\r
+ Ok(AuthenticationResult::Ok(user_id))\r
+ },\r
+ None =>\r
+ Ok(AuthenticationResult::NotValidToken)\r
+ }\r
+ }\r
+\r
+ pub fn sign_out(&self, token: &str) -> Result<()> {\r
+ let mut con = self.pool.get()?;\r
+ let tx = con.transaction()?;\r
+ match tx.query_row("SELECT [id] FROM [UserLoginToken] WHERE [token] = ?1", [token], |r| {\r
+ Ok(r.get::<&str, i32>("id")?)\r
+ }).optional()? {\r
+ Some(login_id) => {\r
+ tx.execute("DELETE FROM [UserLoginToken] WHERE [id] = ?1", params![login_id])?;\r
+ tx.commit()?\r
+ },\r
+ None => (),\r
+ }\r
+ Ok(())\r
+ }\r
+\r
+ /// Execute a given SQL file.\r
+ pub fn execute_file<P: AsRef<Path> + fmt::Display>(&self, file: P) -> Result<()> {\r
+ let con = self.pool.get()?;\r
+ let sql = load_sql_file(file)?;\r
+ con.execute_batch(&sql).map_err(DBError::from)\r
+ }\r
+\r
+ /// Execute any SQL statement.\r
+ /// Mainly used for testing.\r
+ pub fn execute_sql<P: Params>(&self, sql: &str, params: P) -> Result<usize> {\r
+ let con = self.pool.get()?;\r
+ con.execute(sql, params).map_err(DBError::from)\r
+ }\r
+\r
+ // Return the token.\r
+ fn create_login_token(tx: &rusqlite::Transaction, user_id: i32, ip: &str, user_agent: &str) -> Result<String> {\r
+ let token = generate_token();\r
+ tx.execute("INSERT INTO [UserLoginToken] ([user_id], [last_login_datetime], [token], [ip], [user_agent]) VALUES (?1, ?2, ?3, ?4, ?5)", params![user_id, Utc::now(), token, ip, user_agent])?;\r
+ Ok(token)\r
+ }\r
+}\r
+\r
+fn load_sql_file<P: AsRef<Path> + fmt::Display>(sql_file: P) -> Result<String> {\r
+ let mut file = File::open(&sql_file).map_err(|err| DBError::Other(format!("Cannot open SQL file ({}): {}", &sql_file, err.to_string())))?;\r
+ let mut sql = String::new();\r
+ file.read_to_string(&mut sql).map_err(|err| DBError::Other(format!("Cannot read SQL file ({}) : {}", &sql_file, err.to_string())))?;\r
+ Ok(sql)\r
+}\r
+\r
+fn generate_token() -> String {\r
+ Alphanumeric.sample_string(&mut rand::thread_rng(), 24)\r
+}\r
+\r
+#[cfg(test)]\r
+mod tests {\r
+ use super::*;\r
+\r
+ #[test]\r
+ fn sign_up() -> Result<()> {\r
+ let connection = Connection::new_in_memory()?;\r
+ match connection.sign_up("paul@test.org", "12345")? {\r
+ SignUpResult::UserCreatedWaitingForValidation(_) => (), // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ }\r
+ Ok(())\r
+ }\r
+\r
+ #[test]\r
+ fn sign_up_to_an_already_existing_user() -> Result<()> {\r
+ let connection = Connection::new_in_memory()?;\r
+ connection.execute_sql("\r
+ INSERT INTO [User] ([id], [email], [name], [password], [creation_datetime], [validation_token])\r
+ VALUES (\r
+ 1,\r
+ 'paul@test.org',\r
+ 'paul',\r
+ '$argon2id$v=19$m=4096,t=3,p=1$1vtXcacYjUHZxMrN6b2Xng$wW8Z59MIoMcsIljnjHmxn3EBcc5ymEySZPUVXHlRxcY',\r
+ 0,\r
+ NULL\r
+ );", [])?;\r
+ match connection.sign_up("paul@test.org", "12345")? {\r
+ SignUpResult::UserAlreadyExists => (), // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ }\r
+ Ok(())\r
+ }\r
+\r
+ #[test]\r
+ fn sign_up_to_an_unvalidated_already_existing_user() -> Result<()> {\r
+ let connection = Connection::new_in_memory()?;\r
+ let token = generate_token();\r
+ connection.execute_sql("\r
+ INSERT INTO [User] ([id], [email], [name], [password], [creation_datetime], [validation_token])\r
+ VALUES (\r
+ 1,\r
+ 'paul@test.org',\r
+ 'paul',\r
+ '$argon2id$v=19$m=4096,t=3,p=1$1vtXcacYjUHZxMrN6b2Xng$wW8Z59MIoMcsIljnjHmxn3EBcc5ymEySZPUVXHlRxcY',\r
+ 0,\r
+ :token\r
+ );", named_params! { ":token": token })?;\r
+ match connection.sign_up("paul@test.org", "12345")? {\r
+ SignUpResult::UserCreatedWaitingForValidation(_) => (), // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ }\r
+ Ok(())\r
+ }\r
+\r
+ #[test]\r
+ fn sign_up_then_send_validation_at_time() -> Result<()> {\r
+ let connection = Connection::new_in_memory()?;\r
+ let validation_token =\r
+ match connection.sign_up("paul@test.org", "12345")? {\r
+ SignUpResult::UserCreatedWaitingForValidation(token) => token, // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ };\r
+ match connection.validation(&validation_token, Duration::hours(1), "127.0.0.1", "Mozilla/5.0")? {\r
+ ValidationResult::Ok(_, _) => (), // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ }\r
+ Ok(())\r
+ }\r
+\r
+ #[test]\r
+ fn sign_up_then_send_validation_too_late() -> Result<()> {\r
+ let connection = Connection::new_in_memory()?;\r
+ let validation_token =\r
+ match connection.sign_up_with_given_time("paul@test.org", "12345", Utc::now() - Duration::days(1))? {\r
+ SignUpResult::UserCreatedWaitingForValidation(token) => token, // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ };\r
+ match connection.validation(&validation_token, Duration::hours(1), "127.0.0.1", "Mozilla/5.0")? {\r
+ ValidationResult::ValidationExpired => (), // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ }\r
+ Ok(())\r
+ }\r
+\r
+ #[test]\r
+ fn sign_up_then_send_validation_with_bad_token() -> Result<()> {\r
+ let connection = Connection::new_in_memory()?;\r
+ let _validation_token =\r
+ match connection.sign_up("paul@test.org", "12345")? {\r
+ SignUpResult::UserCreatedWaitingForValidation(token) => token, // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ };\r
+ let random_token = generate_token();\r
+ match connection.validation(&random_token, Duration::hours(1), "127.0.0.1", "Mozilla/5.0")? {\r
+ ValidationResult::UnknownUser => (), // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ }\r
+ Ok(())\r
+ }\r
+\r
+ #[test]\r
+ fn sign_up_then_send_validation_then_sign_in() -> Result<()> {\r
+ let connection = Connection::new_in_memory()?;\r
+\r
+ let email = "paul@test.org";\r
+ let password = "12345";\r
+\r
+ // Sign up.\r
+ let validation_token =\r
+ match connection.sign_up(email, password)? {\r
+ SignUpResult::UserCreatedWaitingForValidation(token) => token, // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ };\r
+\r
+ // Validation.\r
+ match connection.validation(&validation_token, Duration::hours(1), "127.0.0.1", "Mozilla/5.0")? {\r
+ ValidationResult::Ok(_, _) => (),\r
+ other => panic!("{:?}", other),\r
+ };\r
+\r
+ // Sign in.\r
+ match connection.sign_in(password, email, "127.0.0.1", "Mozilla/5.0")? {\r
+ SignInResult::Ok(_, _) => (), // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ }\r
+\r
+ Ok(())\r
+ }\r
+\r
+ #[test]\r
+ fn sign_up_then_send_validation_then_authentication() -> Result<()> {\r
+ let connection = Connection::new_in_memory()?;\r
+\r
+ let email = "paul@test.org";\r
+ let password = "12345";\r
+\r
+ // Sign up.\r
+ let validation_token =\r
+ match connection.sign_up(email, password)? {\r
+ SignUpResult::UserCreatedWaitingForValidation(token) => token, // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ };\r
+\r
+ // Validation.\r
+ let (authentication_token, user_id) = match connection.validation(&validation_token, Duration::hours(1), "127.0.0.1", "Mozilla")? {\r
+ ValidationResult::Ok(token, user_id) => (token, user_id),\r
+ other => panic!("{:?}", other),\r
+ };\r
+\r
+ // Check user login information.\r
+ let user_login_info_1 = connection.get_user_login_info(&authentication_token)?;\r
+ assert_eq!(user_login_info_1.ip, "127.0.0.1");\r
+ assert_eq!(user_login_info_1.user_agent, "Mozilla");\r
+\r
+ // Authentication.\r
+ let _user_id =\r
+ match connection.authentication(&authentication_token, "192.168.1.1", "Chrome")? {\r
+ AuthenticationResult::Ok(user_id) => user_id, // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ };\r
+\r
+ // Check user login information.\r
+ let user_login_info_2 = connection.get_user_login_info(&authentication_token)?;\r
+ assert_eq!(user_login_info_2.ip, "192.168.1.1");\r
+ assert_eq!(user_login_info_2.user_agent, "Chrome");\r
+\r
+ Ok(())\r
+ }\r
+\r
+ #[test]\r
+ fn sign_up_then_send_validation_then_sign_out_then_sign_in() -> Result<()> {\r
+ let connection = Connection::new_in_memory()?;\r
+\r
+ let email = "paul@test.org";\r
+ let password = "12345";\r
+\r
+ // Sign up.\r
+ let validation_token =\r
+ match connection.sign_up(email, password)? {\r
+ SignUpResult::UserCreatedWaitingForValidation(token) => token, // Nominal case.\r
+ other => panic!("{:?}", other),\r
+ };\r
+\r
+ // Validation.\r
+ let (authentication_token_1, user_id_1) =\r
+ match connection.validation(&validation_token, Duration::hours(1), "127.0.0.1", "Mozilla")? {\r
+ ValidationResult::Ok(token, user_id) => (token, user_id),\r
+ other => panic!("{:?}", other),\r
+ };\r
+\r
+ // Check user login information.\r
+ let user_login_info_1 = connection.get_user_login_info(&authentication_token_1)?;\r
+ assert_eq!(user_login_info_1.ip, "127.0.0.1");\r
+ assert_eq!(user_login_info_1.user_agent, "Mozilla");\r
+\r
+ // Sign out.\r
+ connection.sign_out(&authentication_token_1)?;\r
+\r
+ // Sign in.\r
+ let (authentication_token_2, user_id_2) =\r
+ match connection.sign_in(password, email, "192.168.1.1", "Chrome")? {\r
+ SignInResult::Ok(token, user_id) => (token, user_id),\r
+ other => panic!("{:?}", other),\r
+ };\r
+\r
+ assert_eq!(user_id_1, user_id_2);\r
+ assert_ne!(authentication_token_1, authentication_token_2);\r
+\r
+ // Check user login information.\r
+ let user_login_info_2 = connection.get_user_login_info(&authentication_token_2)?;\r
+\r
+ assert_eq!(user_login_info_2.ip, "192.168.1.1");\r
+ assert_eq!(user_login_info_2.user_agent, "Chrome");\r
+\r
+ Ok(())\r
+ }\r
+}\r