crates/db_schema/src/impls/password_reset_request.rs

   1 use crate::{
   2   newtypes::LocalUserId,
   3   schema::password_reset_request::dsl::{
   4     local_user_id,
   5     password_reset_request,
   6     published,
   7     token_encrypted,
   8   },
   9   source::password_reset_request::{PasswordResetRequest, PasswordResetRequestForm},
  10   traits::Crud,
  11   utils::{get_conn, DbPool},
  12 };
  13 use diesel::{
  14   dsl::{insert_into, now, IntervalDsl},
  15   result::Error,
  16   ExpressionMethods,
  17   QueryDsl,
  18 };
  19 use diesel_async::RunQueryDsl;
  20 use sha2::{Digest, Sha256};
  21
  22 #[async_trait]
  23 impl Crud for PasswordResetRequest {
  24   type InsertForm = PasswordResetRequestForm;
  25   type UpdateForm = PasswordResetRequestForm;
  26   type IdType = i32;
  27
  28   async fn create(pool: &mut DbPool<'_>, form: &PasswordResetRequestForm) -> Result<Self, Error> {
  29     let conn = &mut get_conn(pool).await?;
  30     insert_into(password_reset_request)
  31       .values(form)
  32       .get_result::<Self>(conn)
  33       .await
  34   }
  35   async fn update(
  36     pool: &mut DbPool<'_>,
  37     password_reset_request_id: i32,
  38     form: &PasswordResetRequestForm,
  39   ) -> Result<Self, Error> {
  40     let conn = &mut get_conn(pool).await?;
  41     diesel::update(password_reset_request.find(password_reset_request_id))
  42       .set(form)
  43       .get_result::<Self>(conn)
  44       .await
  45   }
  46 }
  47
  48 impl PasswordResetRequest {
  49   pub async fn create_token(
  50     pool: &mut DbPool<'_>,
  51     from_local_user_id: LocalUserId,
  52     token: &str,
  53   ) -> Result<PasswordResetRequest, Error> {
  54     let mut hasher = Sha256::new();
  55     hasher.update(token);
  56     let token_hash: String = bytes_to_hex(hasher.finalize().to_vec());
  57
  58     let form = PasswordResetRequestForm {
  59       local_user_id: from_local_user_id,
  60       token_encrypted: token_hash,
  61     };
  62
  63     Self::create(pool, &form).await
  64   }
  65   pub async fn read_from_token(
  66     pool: &mut DbPool<'_>,
  67     token: &str,
  68   ) -> Result<PasswordResetRequest, Error> {
  69     let conn = &mut get_conn(pool).await?;
  70     let mut hasher = Sha256::new();
  71     hasher.update(token);
  72     let token_hash: String = bytes_to_hex(hasher.finalize().to_vec());
  73     password_reset_request
  74       .filter(token_encrypted.eq(token_hash))
  75       .filter(published.gt(now - 1.days()))
  76       .first::<Self>(conn)
  77       .await
  78   }
  79
  80   pub async fn get_recent_password_resets_count(
  81     pool: &mut DbPool<'_>,
  82     user_id: LocalUserId,
  83   ) -> Result<i64, Error> {
  84     let conn = &mut get_conn(pool).await?;
  85     password_reset_request
  86       .filter(local_user_id.eq(user_id))
  87       .filter(published.gt(now - 1.days()))
  88       .count()
  89       .get_result(conn)
  90       .await
  91   }
  92 }
  93
  94 fn bytes_to_hex(bytes: Vec<u8>) -> String {
  95   let mut str = String::new();
  96   for byte in bytes {
  97     str = format!("{str}{byte:02x}");
  98   }
  99   str
 100 }
 101
 102 #[cfg(test)]
 103 mod tests {
 104   #![allow(clippy::unwrap_used)]
 105   #![allow(clippy::indexing_slicing)]
 106
 107   use crate::{
 108     source::{
 109       instance::Instance,
 110       local_user::{LocalUser, LocalUserInsertForm},
 111       password_reset_request::PasswordResetRequest,
 112       person::{Person, PersonInsertForm},
 113     },
 114     traits::Crud,
 115     utils::build_db_pool_for_tests,
 116   };
 117   use serial_test::serial;
 118
 119   #[tokio::test]
 120   #[serial]
 121   async fn test_crud() {
 122     let pool = &build_db_pool_for_tests().await;
 123     let pool = &mut pool.into();
 124
 125     let inserted_instance = Instance::read_or_create(pool, "my_domain.tld".to_string())
 126       .await
 127       .unwrap();
 128
 129     let new_person = PersonInsertForm::builder()
 130       .name("thommy prw".into())
 131       .public_key("pubkey".to_string())
 132       .instance_id(inserted_instance.id)
 133       .build();
 134
 135     let inserted_person = Person::create(pool, &new_person).await.unwrap();
 136
 137     let new_local_user = LocalUserInsertForm::builder()
 138       .person_id(inserted_person.id)
 139       .password_encrypted("pass".to_string())
 140       .build();
 141
 142     let inserted_local_user = LocalUser::create(pool, &new_local_user).await.unwrap();
 143
 144     let token = "nope";
 145     let token_encrypted_ = "ca3704aa0b06f5954c79ee837faa152d84d6b2d42838f0637a15eda8337dbdce";
 146
 147     let inserted_password_reset_request =
 148       PasswordResetRequest::create_token(pool, inserted_local_user.id, token)
 149         .await
 150         .unwrap();
 151
 152     let expected_password_reset_request = PasswordResetRequest {
 153       id: inserted_password_reset_request.id,
 154       local_user_id: inserted_local_user.id,
 155       token_encrypted: token_encrypted_.to_string(),
 156       published: inserted_password_reset_request.published,
 157     };
 158
 159     let read_password_reset_request = PasswordResetRequest::read_from_token(pool, token)
 160       .await
 161       .unwrap();
 162     let num_deleted = Person::delete(pool, inserted_person.id).await.unwrap();
 163     Instance::delete(pool, inserted_instance.id).await.unwrap();
 164
 165     assert_eq!(expected_password_reset_request, read_password_reset_request);
 166     assert_eq!(
 167       expected_password_reset_request,
 168       inserted_password_reset_request
 169     );
 170     assert_eq!(1, num_deleted);
 171   }
 172 }