AppFlowy/backend/src/user_service/auth.rs

use crate::{
    entities::{token::Token, user::UserTable},
    user_service::{hash_password, verify_password},
};
use actix_identity::Identity;
use anyhow::Context;
use chrono::Utc;
use flowy_net::{
    errors::{ErrorCode, ServerError},
    response::FlowyResponse,
};
use flowy_user::{
    entities::{parser::UserName, SignInResponse, SignUpResponse},
    prelude::parser::{UserEmail, UserPassword},
    protobuf::{SignInParams, SignUpParams},
};
use sqlx::{PgPool, Postgres, Transaction};

pub async fn sign_in(
    pool: &PgPool,
    params: SignInParams,
    id: Identity,
) -> Result<FlowyResponse, ServerError> {
    let email =
        UserEmail::parse(params.email).map_err(|e| ServerError::params_invalid().context(e))?;
    let password = UserPassword::parse(params.password)
        .map_err(|e| ServerError::params_invalid().context(e))?;

    let mut transaction = pool
        .begin()
        .await
        .context("Failed to acquire a Postgres connection to sign in")?;

    let user = read_user(&mut transaction, &email.0).await?;
    transaction
        .commit()
        .await
        .context("Failed to commit SQL transaction to sign in.")?;

    match verify_password(&password.0, &user.password) {
        Ok(true) => {
            let token = Token::create_token(&user)?;
            let data = SignInResponse {
                uid: user.id.to_string(),
                name: user.name,
                email: user.email,
                token: token.into(),
            };
            id.remember(data.token.clone());
            FlowyResponse::success().data(data)
        },
        _ => Err(ServerError::password_not_match()),
    }
}

pub async fn register_user(
    pool: &PgPool,
    params: SignUpParams,
) -> Result<FlowyResponse, ServerError> {
    let name =
        UserName::parse(params.name).map_err(|e| ServerError::params_invalid().context(e))?;
    let email =
        UserEmail::parse(params.email).map_err(|e| ServerError::params_invalid().context(e))?;
    let password = UserPassword::parse(params.password)
        .map_err(|e| ServerError::params_invalid().context(e))?;

    let mut transaction = pool
        .begin()
        .await
        .context("Failed to acquire a Postgres connection to register user")?;

    let _ = is_email_exist(&mut transaction, email.as_ref()).await?;
    let data = insert_user(
        &mut transaction,
        name.as_ref(),
        email.as_ref(),
        password.as_ref(),
    )
    .await
    .context("Failed to insert user")?;

    transaction
        .commit()
        .await
        .context("Failed to commit SQL transaction to register user.")?;

    FlowyResponse::success().data(data)
}

async fn is_email_exist(
    transaction: &mut Transaction<'_, Postgres>,
    email: &str,
) -> Result<(), ServerError> {
    let result = sqlx::query(r#"SELECT email FROM user_table WHERE email = $1"#)
        .bind(email)
        .fetch_optional(transaction)
        .await
        .map_err(|err| ServerError::internal().context(err))?;

    match result {
        Some(_) => Err(ServerError {
            code: ErrorCode::EmailAlreadyExists,
            msg: format!("{} already exists", email),
        }),
        None => Ok(()),
    }
}

async fn read_user(
    transaction: &mut Transaction<'_, Postgres>,
    email: &str,
) -> Result<UserTable, ServerError> {
    let user = sqlx::query_as::<Postgres, UserTable>("SELECT * FROM user_table WHERE email = $1")
        .bind(email)
        .fetch_one(transaction)
        .await
        .map_err(|err| ServerError::internal().context(err))?;

    Ok(user)
}

async fn insert_user(
    transaction: &mut Transaction<'_, Postgres>,
    name: &str,
    email: &str,
    password: &str,
) -> Result<SignUpResponse, ServerError> {
    let uuid = uuid::Uuid::new_v4();
    let password = hash_password(password)?;
    let _ = sqlx::query!(
        r#"
            INSERT INTO user_table (id, email, name, create_time, password)
            VALUES ($1, $2, $3, $4, $5)
        "#,
        uuid,
        email,
        name,
        Utc::now(),
        password,
    )
    .execute(transaction)
    .await
    .map_err(|e| ServerError::internal().context(e))?;

    let data = SignUpResponse {
        uid: uuid.to_string(),
        name: name.to_string(),
        email: email.to_string(),
    };

    Ok(data)
}
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`use crate::{`
workspace crud 2021-08-24 21:38:53 +08:00			`entities::{token::Token, user::UserTable},`
add workspace/app/view router 2021-08-24 13:10:53 +08:00			`user_service::{hash_password, verify_password},`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`};`
			`use actix_identity::Identity;`
			`use anyhow::Context;`
			`use chrono::Utc;`
			`use flowy_net::{`
app crud & test 2021-08-25 17:34:20 +08:00			`errors::{ErrorCode, ServerError},`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`response::FlowyResponse,`
			`};`
			`use flowy_user::{`
add workspace/app/view router 2021-08-24 13:10:53 +08:00			`entities::{parser::UserName, SignInResponse, SignUpResponse},`
check params using flowy-user entities 2021-08-23 23:02:42 +08:00			`prelude::parser::{UserEmail, UserPassword},`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`protobuf::{SignInParams, SignUpParams},`
			`};`
read belongings 2021-08-26 10:19:50 +08:00			`use sqlx::{PgPool, Postgres, Transaction};`
save user password with bcrypt 2021-08-23 18:39:10 +08:00
			`pub async fn sign_in(`
			`pool: &PgPool,`
			`params: SignInParams,`
			`id: Identity,`
			`) -> Result<FlowyResponse, ServerError> {`
check params using flowy-user entities 2021-08-23 23:02:42 +08:00			`let email =`
			`UserEmail::parse(params.email).map_err(\|e\| ServerError::params_invalid().context(e))?;`
			`let password = UserPassword::parse(params.password)`
			`.map_err(\|e\| ServerError::params_invalid().context(e))?;`

save user password with bcrypt 2021-08-23 18:39:10 +08:00			`let mut transaction = pool`
			`.begin()`
			`.await`
			`.context("Failed to acquire a Postgres connection to sign in")?;`
check params using flowy-user entities 2021-08-23 23:02:42 +08:00
			`let user = read_user(&mut transaction, &email.0).await?;`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`transaction`
			`.commit()`
			`.await`
			`.context("Failed to commit SQL transaction to sign in.")?;`

check params using flowy-user entities 2021-08-23 23:02:42 +08:00			`match verify_password(&password.0, &user.password) {`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`Ok(true) => {`
			`let token = Token::create_token(&user)?;`
			`let data = SignInResponse {`
			`uid: user.id.to_string(),`
			`name: user.name,`
			`email: user.email,`
			`token: token.into(),`
			`};`
			`id.remember(data.token.clone());`
workspace crud 2021-08-24 21:38:53 +08:00			`FlowyResponse::success().data(data)`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`},`
check params using flowy-user entities 2021-08-23 23:02:42 +08:00			`_ => Err(ServerError::password_not_match()),`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`}`
			`}`

			`pub async fn register_user(`
			`pool: &PgPool,`
			`params: SignUpParams,`
			`) -> Result<FlowyResponse, ServerError> {`
add workspace/app/view router 2021-08-24 13:10:53 +08:00			`let name =`
			`UserName::parse(params.name).map_err(\|e\| ServerError::params_invalid().context(e))?;`
			`let email =`
			`UserEmail::parse(params.email).map_err(\|e\| ServerError::params_invalid().context(e))?;`
			`let password = UserPassword::parse(params.password)`
			`.map_err(\|e\| ServerError::params_invalid().context(e))?;`

save user password with bcrypt 2021-08-23 18:39:10 +08:00			`let mut transaction = pool`
			`.begin()`
			`.await`
			`.context("Failed to acquire a Postgres connection to register user")?;`

add workspace/app/view router 2021-08-24 13:10:53 +08:00			`let _ = is_email_exist(&mut transaction, email.as_ref()).await?;`
			`let data = insert_user(`
			`&mut transaction,`
			`name.as_ref(),`
			`email.as_ref(),`
			`password.as_ref(),`
			`)`
			`.await`
			`.context("Failed to insert user")?;`
save user password with bcrypt 2021-08-23 18:39:10 +08:00
			`transaction`
			`.commit()`
			`.await`
			`.context("Failed to commit SQL transaction to register user.")?;`

workspace crud 2021-08-24 21:38:53 +08:00			`FlowyResponse::success().data(data)`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`}`

			`async fn is_email_exist(`
			`transaction: &mut Transaction<'_, Postgres>,`
			`email: &str,`
			`) -> Result<(), ServerError> {`
			`let result = sqlx::query(r#"SELECT email FROM user_table WHERE email = $1"#)`
			`.bind(email)`
			`.fetch_optional(transaction)`
			`.await`
check params using flowy-user entities 2021-08-23 23:02:42 +08:00			`.map_err(\|err\| ServerError::internal().context(err))?;`
save user password with bcrypt 2021-08-23 18:39:10 +08:00
			`match result {`
			`Some(_) => Err(ServerError {`
check params using flowy-user entities 2021-08-23 23:02:42 +08:00			`code: ErrorCode::EmailAlreadyExists,`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`msg: format!("{} already exists", email),`
			`}),`
			`None => Ok(()),`
			`}`
			`}`

			`async fn read_user(`
			`transaction: &mut Transaction<'_, Postgres>,`
			`email: &str,`
workspace crud 2021-08-24 21:38:53 +08:00			`) -> Result<UserTable, ServerError> {`
			`let user = sqlx::query_as::<Postgres, UserTable>("SELECT * FROM user_table WHERE email = $1")`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`.bind(email)`
			`.fetch_one(transaction)`
			`.await`
check params using flowy-user entities 2021-08-23 23:02:42 +08:00			`.map_err(\|err\| ServerError::internal().context(err))?;`
save user password with bcrypt 2021-08-23 18:39:10 +08:00
			`Ok(user)`
			`}`

			`async fn insert_user(`
			`transaction: &mut Transaction<'_, Postgres>,`
add workspace/app/view router 2021-08-24 13:10:53 +08:00			`name: &str,`
			`email: &str,`
			`password: &str,`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`) -> Result<SignUpResponse, ServerError> {`
			`let uuid = uuid::Uuid::new_v4();`
add workspace/app/view router 2021-08-24 13:10:53 +08:00			`let password = hash_password(password)?;`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`let _ = sqlx::query!(`
			`r#"`
			`INSERT INTO user_table (id, email, name, create_time, password)`
			`VALUES ($1, $2, $3, $4, $5)`
			`"#,`
			`uuid,`
add workspace/app/view router 2021-08-24 13:10:53 +08:00			`email,`
			`name,`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`Utc::now(),`
test server api: register user and sign in 2021-08-23 22:10:36 +08:00			`password,`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`)`
			`.execute(transaction)`
			`.await`
check params using flowy-user entities 2021-08-23 23:02:42 +08:00			`.map_err(\|e\| ServerError::internal().context(e))?;`
save user password with bcrypt 2021-08-23 18:39:10 +08:00
			`let data = SignUpResponse {`
			`uid: uuid.to_string(),`
add workspace/app/view router 2021-08-24 13:10:53 +08:00			`name: name.to_string(),`
			`email: email.to_string(),`
save user password with bcrypt 2021-08-23 18:39:10 +08:00			`};`

			`Ok(data)`
			`}`