X-Git-Url: http://git.euphorik.ch/?p=recipes.git;a=blobdiff_plain;f=backend%2Fsrc%2Fdb.rs;fp=backend%2Fsrc%2Fdb.rs;h=e38aae7f2715174855c435c992ae7201d5eb8d7e;hp=bae57d00b71784f10f80022f56bfcab336563df8;hb=b6235fb76ce82f96503cda83eebe8106320b2a0d;hpb=45d4867cb37ce8d7007c4d98de70d81d0b705b92

diff --git a/backend/src/db.rs b/backend/src/db.rs
index bae57d0..e38aae7 100644
--- a/backend/src/db.rs
+++ b/backend/src/db.rs
@@ -7,7 +7,7 @@ use r2d2::Pool;
 use r2d2_sqlite::SqliteConnectionManager;
 use rand::distributions::{Alphanumeric, DistString};
 
-use crate::consts;
+use crate::{consts, user};
 use crate::hash::{hash, verify_password};
 use crate::model;
 use crate::user::*;
@@ -67,7 +67,8 @@ pub enum ValidationResult {
 #[derive(Debug)]
 pub enum SignInResult {
     UserNotFound,
-    PasswordsDontMatch,
+    WrongPassword,
+    AccountNotValidated,
     Ok(String, i32), // Returns token and user id.
 }
 
@@ -197,8 +198,8 @@ impl Connection {
 
     pub fn get_recipe(&self, id: i32) -> Result<model::Recipe> {
         let con = self.pool.get()?;
-        con.query_row("SELECT [id], [title] FROM [Recipe] WHERE [id] = ?1", [id], |row| {
-            Ok(model::Recipe::new(row.get(0)?, row.get(1)?))
+        con.query_row("SELECT [id], [title], [description] FROM [Recipe] WHERE [id] = ?1", [id], |row| {
+            Ok(model::Recipe::new(row.get("id")?, row.get("title")?, row.get("description")?))
         }).map_err(DBError::from)
     }
 
@@ -213,6 +214,15 @@ impl Connection {
         }).map_err(DBError::from)
     }
 
+    pub fn load_user(&self, user_id: i32) -> Result<User> {
+        let con = self.pool.get()?;
+        con.query_row("SELECT [email] FROM [User] WHERE [id] = ?1", [user_id], |r| {
+            Ok(User {
+                email: r.get("email")?,
+            })
+        }).map_err(DBError::from)
+    }
+
     ///
     pub fn sign_up(&self, email: &str, password: &str) -> Result<SignUpResult> {
         self.sign_up_with_given_time(email, password, Utc::now())
@@ -268,19 +278,21 @@ impl Connection {
         Ok(ValidationResult::Ok(token, user_id))
     }
 
-    pub fn sign_in(&self, password: &str, email: &str, ip: &str, user_agent: &str) -> Result<SignInResult> {
+    pub fn sign_in(&self, email: &str, password: &str, ip: &str, user_agent: &str) -> Result<SignInResult> {
         let mut con = self.pool.get()?;
         let tx = con.transaction()?;
-        match tx.query_row("SELECT [id], [password] FROM [User] WHERE [email] = ?1", [email], |r| {
-            Ok((r.get::<&str, i32>("id")?, r.get::<&str, String>("password")?))
+        match tx.query_row("SELECT [id], [password], [validation_token] FROM [User] WHERE [email] = ?1", [email], |r| {
+            Ok((r.get::<&str, i32>("id")?, r.get::<&str, String>("password")?, r.get::<&str, Option<String>>("validation_token")?))
         }).optional()? {
-            Some((id, stored_password)) => {
-                if verify_password(password, &stored_password).map_err(DBError::from_dyn_error)? {
+            Some((id, stored_password, validation_token)) => {
+                if validation_token.is_some() {
+                    Ok(SignInResult::AccountNotValidated)
+                } else if verify_password(password, &stored_password).map_err(DBError::from_dyn_error)? {
                     let token = Connection::create_login_token(&tx, id, ip, user_agent)?;
                     tx.commit()?;
                     Ok(SignInResult::Ok(token, id))
                 } else {
-                    Ok(SignInResult::PasswordsDontMatch)
+                    Ok(SignInResult::WrongPassword)
                 }
             },
             None => {
@@ -387,6 +399,26 @@ mod tests {
         Ok(())
     }
 
+    #[test]
+    fn sign_up_and_sign_in_without_validation() -> Result<()> {
+        let connection = Connection::new_in_memory()?;
+
+        let email = "paul@test.org";
+        let password = "12345";
+
+        match connection.sign_up(email, password)? {
+            SignUpResult::UserCreatedWaitingForValidation(_) => (), // Nominal case.
+            other => panic!("{:?}", other),
+        }
+
+        match connection.sign_in(email, password, "127.0.0.1", "Mozilla/5.0")? {
+            SignInResult::AccountNotValidated => (), // Nominal case.
+            other => panic!("{:?}", other),
+        }
+
+        Ok(())
+    }
+
     #[test]
     fn sign_up_to_an_unvalidated_already_existing_user() -> Result<()> {
         let connection = Connection::new_in_memory()?;
@@ -475,7 +507,7 @@ mod tests {
         };
 
         // Sign in.
-        match connection.sign_in(password, email, "127.0.0.1", "Mozilla/5.0")? {
+        match connection.sign_in(email, password, "127.0.0.1", "Mozilla/5.0")? {
             SignInResult::Ok(_, _) => (), // Nominal case.
             other => panic!("{:?}", other),
         }
@@ -554,7 +586,7 @@ mod tests {
 
         // Sign in.
         let (authentication_token_2, user_id_2) =
-            match connection.sign_in(password, email, "192.168.1.1", "Chrome")? {
+            match connection.sign_in(email, password, "192.168.1.1", "Chrome")? {
                 SignInResult::Ok(token, user_id) => (token, user_id),
                 other => panic!("{:?}", other),
             };