matrix/authentication-service
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-08-09 04:22:45 +03:00
Code Activity

handlers: extract the PgRepository from the request

Browse Source 
Also fix a bunch of clippy errors & doctests
This commit is contained in:
Quentin Gliech
2023-01-18 18:21:45 +01:00
parent 9005931e2a
commit 876bc9fcb3
29 changed files with 79 additions and 142 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
crates/data-model/src/tokens.rs
View File

@@ -190,8 +190,8 @@ impl TokenType {
/// use rand::thread_rng;
/// use mas_data_model::TokenType::{AccessToken, RefreshToken};
///
/// AccessToken.generate(thread_rng());
/// RefreshToken.generate(thread_rng());
/// AccessToken.generate(&mut thread_rng());
/// RefreshToken.generate(&mut thread_rng());
/// ```
pub fn generate(self, rng: &mut (impl RngCore + ?Sized)) -> String {
let random_part: String = rng

27
crates/handlers/src/app_state.rs
View File

@@ -17,16 +17,20 @@ use std::{convert::Infallible, sync::Arc};
use axum::{
async_trait,
extract::{FromRef, FromRequestParts},
response::IntoResponse,
};
use hyper::StatusCode;
use mas_axum_utils::http_client_factory::HttpClientFactory;
use mas_email::Mailer;
use mas_keystore::{Encrypter, Keystore};
use mas_policy::PolicyFactory;
use mas_router::UrlBuilder;
use mas_storage::{BoxClock, BoxRng, SystemClock};
use mas_storage_pg::PgRepository;
use mas_templates::Templates;
use rand::SeedableRng;
use sqlx::PgPool;
use thiserror::Error;
use crate::{passwords::PasswordManager, MatrixHomeserver};
@@ -140,3 +144,26 @@ impl FromRequestParts<AppState> for BoxRng {
Ok(Box::new(rng))
}
}
#[derive(Debug, Error)]
#[error(transparent)]
pub struct RepositoryError(#[from] mas_storage_pg::DatabaseError);
impl IntoResponse for RepositoryError {
fn into_response(self) -> axum::response::Response {
(StatusCode::INTERNAL_SERVER_ERROR, self.0.to_string()).into_response()
}
}
#[async_trait]
impl FromRequestParts<AppState> for PgRepository {
type Rejection = RepositoryError;
async fn from_request_parts(
_parts: &mut axum::http::request::Parts,
state: &AppState,
) -> Result<Self, Self::Rejection> {
let repo = PgRepository::from_pool(&state.pool).await?;
Ok(repo)
}
}

4
crates/handlers/src/compat/login.rs
View File

@@ -28,7 +28,6 @@ use mas_storage_pg::PgRepository;
use rand::{CryptoRng, RngCore};
use serde::{Deserialize, Serialize};
use serde_with::{serde_as, skip_serializing_none, DurationMilliSeconds};
use sqlx::PgPool;
use thiserror::Error;
use zeroize::Zeroizing;
@@ -197,11 +196,10 @@ pub(crate) async fn post(
mut rng: BoxRng,
clock: BoxClock,
State(password_manager): State<PasswordManager>,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(homeserver): State<MatrixHomeserver>,
Json(input): Json<RequestBody>,
) -> Result<impl IntoResponse, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (session, user) = match input.credentials {
Credentials::Password {
identifier: Identifier::User { user },

9
crates/handlers/src/compat/login_sso_complete.rs
View File

@@ -36,7 +36,6 @@ use mas_storage::{
use mas_storage_pg::PgRepository;
use mas_templates::{CompatSsoContext, ErrorContext, TemplateContext, Templates};
use serde::{Deserialize, Serialize};
use sqlx::PgPool;
use ulid::Ulid;
#[derive(Serialize)]
@@ -56,14 +55,12 @@ pub struct Params {
pub async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(templates): State<Templates>,
cookie_jar: PrivateCookieJar<Encrypter>,
Path(id): Path<Ulid>,
Query(params): Query<Params>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (session_info, cookie_jar) = cookie_jar.session_info();
let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
@@ -120,15 +117,13 @@ pub async fn get(
pub async fn post(
mut rng: BoxRng,
clock: BoxClock,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(templates): State<Templates>,
cookie_jar: PrivateCookieJar<Encrypter>,
Path(id): Path<Ulid>,
Query(params): Query<Params>,
Form(form): Form<ProtectedForm<()>>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (session_info, cookie_jar) = cookie_jar.session_info();
cookie_jar.verify_form(&clock, form)?;

4
crates/handlers/src/compat/login_sso_redirect.rs
View File

@@ -24,7 +24,6 @@ use mas_storage_pg::PgRepository;
use rand::distributions::{Alphanumeric, DistString};
use serde::Deserialize;
use serde_with::serde;
use sqlx::PgPool;
use thiserror::Error;
use url::Url;
@@ -60,7 +59,7 @@ impl IntoResponse for RouteError {
pub async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(url_builder): State<UrlBuilder>,
Query(params): Query<Params>,
) -> Result<impl IntoResponse, RouteError> {
@@ -79,7 +78,6 @@ pub async fn get(
}
let token = Alphanumeric.sample_string(&mut rng, 32);
let mut repo = PgRepository::from_pool(&pool).await?;
let login = repo
.compat_sso_login()
.add(&mut rng, &clock, token, redirect_url)

7
crates/handlers/src/compat/logout.rs
View File

@@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
use axum::{extract::State, response::IntoResponse, Json, TypedHeader};
use axum::{response::IntoResponse, Json, TypedHeader};
use headers::{authorization::Bearer, Authorization};
use hyper::StatusCode;
use mas_data_model::TokenType;
@@ -21,7 +21,6 @@ use mas_storage::{
BoxClock, Clock, Repository,
};
use mas_storage_pg::PgRepository;
use sqlx::PgPool;
use thiserror::Error;
use super::MatrixError;
@@ -69,11 +68,9 @@ impl IntoResponse for RouteError {
pub(crate) async fn post(
clock: BoxClock,
State(pool): State<PgPool>,
mut repo: PgRepository,
maybe_authorization: Option<TypedHeader<Authorization<Bearer>>>,
) -> Result<impl IntoResponse, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let TypedHeader(authorization) = maybe_authorization.ok_or(RouteError::MissingAuthorization)?;
let token = authorization.token();

7
crates/handlers/src/compat/refresh.rs
View File

@@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
use axum::{extract::State, response::IntoResponse, Json};
use axum::{response::IntoResponse, Json};
use chrono::Duration;
use hyper::StatusCode;
use mas_data_model::{TokenFormatError, TokenType};
@@ -23,7 +23,6 @@ use mas_storage::{
use mas_storage_pg::PgRepository;
use serde::{Deserialize, Serialize};
use serde_with::{serde_as, DurationMilliSeconds};
use sqlx::PgPool;
use thiserror::Error;
use super::MatrixError;
@@ -90,11 +89,9 @@ pub struct ResponseBody {
pub(crate) async fn post(
mut rng: BoxRng,
clock: BoxClock,
State(pool): State<PgPool>,
mut repo: PgRepository,
Json(input): Json<RequestBody>,
) -> Result<impl IntoResponse, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let token_type = TokenType::check(&input.refresh_token)?;
if token_type != TokenType::CompatRefreshToken {

14
crates/handlers/src/lib.rs
View File

@@ -21,7 +21,10 @@
)]
#![warn(clippy::pedantic)]
#![allow(
clippy::unused_async // Some axum handlers need that
// Some axum handlers need that
clippy::unused_async,
// Because of how axum handlers work, we sometime have take many arguments
clippy::too_many_arguments,
)]
use std::{convert::Infallible, sync::Arc, time::Duration};
@@ -41,6 +44,7 @@ use mas_keystore::{Encrypter, Keystore};
use mas_policy::PolicyFactory;
use mas_router::{Route, UrlBuilder};
use mas_storage::{BoxClock, BoxRng};
use mas_storage_pg::PgRepository;
use mas_templates::{ErrorContext, Templates};
use passwords::PasswordManager;
use sqlx::PgPool;
@@ -154,7 +158,7 @@ where
Keystore: FromRef<S>,
UrlBuilder: FromRef<S>,
Arc<PolicyFactory>: FromRef<S>,
PgPool: FromRef<S>,
PgRepository: FromRequestParts<S>,
Encrypter: FromRef<S>,
HttpClientFactory: FromRef<S>,
BoxClock: FromRequestParts<S>,
@@ -209,7 +213,7 @@ where
<B as HttpBody>::Error: std::error::Error + Send + Sync,
S: Clone + Send + Sync + 'static,
UrlBuilder: FromRef<S>,
PgPool: FromRef<S>,
PgRepository: FromRequestParts<S>,
MatrixHomeserver: FromRef<S>,
PasswordManager: FromRef<S>,
BoxClock: FromRequestParts<S>,
@@ -254,7 +258,7 @@ where
S: Clone + Send + Sync + 'static,
UrlBuilder: FromRef<S>,
Arc<PolicyFactory>: FromRef<S>,
PgPool: FromRef<S>,
PgRepository: FromRequestParts<S>,
Encrypter: FromRef<S>,
Templates: FromRef<S>,
Mailer: FromRef<S>,
@@ -358,7 +362,7 @@ where
}
#[cfg(test)]
async fn test_state(pool: PgPool) -> Result<AppState, anyhow::Error> {
async fn test_state(pool: sqlx::PgPool) -> Result<AppState, anyhow::Error> {
use mas_email::MailTransport;
use crate::passwords::Hasher;

5
crates/handlers/src/oauth2/authorization/complete.rs
View File

@@ -32,7 +32,6 @@ use mas_storage::{
use mas_storage_pg::PgRepository;
use mas_templates::Templates;
use oauth2_types::requests::{AccessTokenResponse, AuthorizationResponse};
use sqlx::PgPool;
use thiserror::Error;
use ulid::Ulid;
@@ -82,12 +81,10 @@ pub(crate) async fn get(
clock: BoxClock,
State(policy_factory): State<Arc<PolicyFactory>>,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
Path(grant_id): Path<Ulid>,
) -> Result<Response, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (session_info, cookie_jar) = cookie_jar.session_info();
let maybe_session = session_info.load_session(&mut repo).await?;

5
crates/handlers/src/oauth2/authorization/mod.rs
View File

@@ -39,7 +39,6 @@ use oauth2_types::{
};
use rand::{distributions::Alphanumeric, Rng};
use serde::Deserialize;
use sqlx::PgPool;
use thiserror::Error;
use self::{callback::CallbackDestination, complete::GrantCompletionError};
@@ -136,12 +135,10 @@ pub(crate) async fn get(
clock: BoxClock,
State(policy_factory): State<Arc<PolicyFactory>>,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
Form(params): Form<Params>,
) -> Result<Response, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
// First, figure out what client it is
let client = repo
.oauth2_client()

9
crates/handlers/src/oauth2/consent.rs
View File

@@ -34,7 +34,6 @@ use mas_storage::{
};
use mas_storage_pg::PgRepository;
use mas_templates::{ConsentContext, PolicyViolationContext, TemplateContext, Templates};
use sqlx::PgPool;
use thiserror::Error;
use ulid::Ulid;
@@ -78,12 +77,10 @@ pub(crate) async fn get(
clock: BoxClock,
State(policy_factory): State<Arc<PolicyFactory>>,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
Path(grant_id): Path<Ulid>,
) -> Result<Response, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (session_info, cookie_jar) = cookie_jar.session_info();
let maybe_session = session_info.load_session(&mut repo).await?;
@@ -133,13 +130,11 @@ pub(crate) async fn post(
mut rng: BoxRng,
clock: BoxClock,
State(policy_factory): State<Arc<PolicyFactory>>,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
Path(grant_id): Path<Ulid>,
Form(form): Form<ProtectedForm<()>>,
) -> Result<Response, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
cookie_jar.verify_form(&clock, form)?;
let (session_info, cookie_jar) = cookie_jar.session_info();

5
crates/handlers/src/oauth2/introspection.rs
View File

@@ -33,7 +33,6 @@ use oauth2_types::{
requests::{IntrospectionRequest, IntrospectionResponse},
scope::ScopeToken,
};
use sqlx::PgPool;
use thiserror::Error;
use crate::impl_from_error_for_route;
@@ -126,12 +125,10 @@ const API_SCOPE: ScopeToken = ScopeToken::from_static("urn:matrix:org.matrix.msc
pub(crate) async fn post(
clock: BoxClock,
State(http_client_factory): State<HttpClientFactory>,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(encrypter): State<Encrypter>,
client_authorization: ClientAuthorization<IntrospectionRequest>,
) -> Result<impl IntoResponse, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let client = client_authorization
.credentials
.fetch(&mut repo)

5
crates/handlers/src/oauth2/registration.rs
View File

@@ -28,7 +28,6 @@ use oauth2_types::{
},
};
use rand::distributions::{Alphanumeric, DistString};
use sqlx::PgPool;
use thiserror::Error;
use tracing::info;
@@ -109,7 +108,7 @@ impl IntoResponse for RouteError {
pub(crate) async fn post(
mut rng: BoxRng,
clock: BoxClock,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(policy_factory): State<Arc<PolicyFactory>>,
State(encrypter): State<Encrypter>,
Json(body): Json<ClientMetadata>,
@@ -125,8 +124,6 @@ pub(crate) async fn post(
return Err(RouteError::PolicyDenied(res.violations));
}
let mut repo = PgRepository::from_pool(&pool).await?;
let (client_secret, encrypted_client_secret) = match metadata.token_endpoint_auth_method {
Some(
OAuthClientAuthenticationMethod::ClientSecretJwt

5
crates/handlers/src/oauth2/token.rs
View File

@@ -50,7 +50,6 @@ use oauth2_types::{
};
use serde::Serialize;
use serde_with::{serde_as, skip_serializing_none};
use sqlx::PgPool;
use thiserror::Error;
use tracing::debug;
use url::Url;
@@ -164,12 +163,10 @@ pub(crate) async fn post(
State(http_client_factory): State<HttpClientFactory>,
State(key_store): State<Keystore>,
State(url_builder): State<UrlBuilder>,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(encrypter): State<Encrypter>,
client_authorization: ClientAuthorization<AccessTokenRequest>,
) -> Result<impl IntoResponse, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let client = client_authorization
.credentials
.fetch(&mut repo)

5
crates/handlers/src/oauth2/userinfo.rs
View File

@@ -37,7 +37,6 @@ use mas_storage_pg::PgRepository;
use oauth2_types::scope;
use serde::Serialize;
use serde_with::skip_serializing_none;
use sqlx::PgPool;
use thiserror::Error;
use crate::impl_from_error_for_route;
@@ -101,12 +100,10 @@ pub async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(url_builder): State<UrlBuilder>,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(key_store): State<Keystore>,
user_authorization: UserAuthorization,
) -> Result<Response, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let session = user_authorization.protected(&mut repo, &clock).await?;
let browser_session = repo

5
crates/handlers/src/upstream_oauth2/authorize.rs
View File

@@ -27,7 +27,6 @@ use mas_storage::{
BoxClock, BoxRng, Repository,
};
use mas_storage_pg::PgRepository;
use sqlx::PgPool;
use thiserror::Error;
use ulid::Ulid;
@@ -61,14 +60,12 @@ pub(crate) async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(http_client_factory): State<HttpClientFactory>,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(url_builder): State<UrlBuilder>,
cookie_jar: PrivateCookieJar<Encrypter>,
Path(provider_id): Path<Ulid>,
Query(query): Query<OptionalPostAuthAction>,
) -> Result<impl IntoResponse, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let provider = repo
.upstream_oauth_provider()
.lookup(provider_id)

5
crates/handlers/src/upstream_oauth2/callback.rs
View File

@@ -35,7 +35,6 @@ use mas_storage::{
use mas_storage_pg::PgRepository;
use oauth2_types::errors::ClientErrorCode;
use serde::Deserialize;
use sqlx::PgPool;
use thiserror::Error;
use ulid::Ulid;
@@ -124,7 +123,7 @@ pub(crate) async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(http_client_factory): State<HttpClientFactory>,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(url_builder): State<UrlBuilder>,
State(encrypter): State<Encrypter>,
State(keystore): State<Keystore>,
@@ -132,8 +131,6 @@ pub(crate) async fn get(
Path(provider_id): Path<Ulid>,
Query(params): Query<QueryParams>,
) -> Result<impl IntoResponse, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let provider = repo
.upstream_oauth_provider()
.lookup(provider_id)

7
crates/handlers/src/upstream_oauth2/link.rs
View File

@@ -35,7 +35,6 @@ use mas_templates::{
UpstreamSuggestLink,
};
use serde::Deserialize;
use sqlx::PgPool;
use thiserror::Error;
use ulid::Ulid;
@@ -96,12 +95,11 @@ pub(crate) enum FormData {
pub(crate) async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(templates): State<Templates>,
cookie_jar: PrivateCookieJar<Encrypter>,
Path(link_id): Path<Ulid>,
) -> Result<impl IntoResponse, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let sessions_cookie = UpstreamSessionsCookie::load(&cookie_jar);
let (session_id, _post_auth_action) = sessions_cookie
.lookup_link(link_id)
@@ -213,12 +211,11 @@ pub(crate) async fn get(
pub(crate) async fn post(
mut rng: BoxRng,
clock: BoxClock,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
Path(link_id): Path<Ulid>,
Form(form): Form<ProtectedForm<FormData>>,
) -> Result<impl IntoResponse, RouteError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let form = cookie_jar.verify_form(&clock, form)?;
let sessions_cookie = UpstreamSessionsCookie::load(&cookie_jar);

9
crates/handlers/src/views/account/emails/add.rs
View File

@@ -28,7 +28,6 @@ use mas_storage::{user::UserEmailRepository, BoxClock, BoxRng, Repository};
use mas_storage_pg::PgRepository;
use mas_templates::{EmailAddContext, TemplateContext, Templates};
use serde::Deserialize;
use sqlx::PgPool;
use super::start_email_verification;
use crate::views::shared::OptionalPostAuthAction;
@@ -42,11 +41,9 @@ pub(crate) async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
let (session_info, cookie_jar) = cookie_jar.session_info();
@@ -71,14 +68,12 @@ pub(crate) async fn get(
pub(crate) async fn post(
mut rng: BoxRng,
clock: BoxClock,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(mailer): State<Mailer>,
cookie_jar: PrivateCookieJar<Encrypter>,
Query(query): Query<OptionalPostAuthAction>,
Form(form): Form<ProtectedForm<EmailForm>>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let form = cookie_jar.verify_form(&clock, form)?;
let (session_info, cookie_jar) = cookie_jar.session_info();

9
crates/handlers/src/views/account/emails/mod.rs
View File

@@ -33,7 +33,6 @@ use mas_storage_pg::PgRepository;
use mas_templates::{AccountEmailsContext, EmailVerificationContext, TemplateContext, Templates};
use rand::{distributions::Uniform, Rng};
use serde::Deserialize;
use sqlx::PgPool;
use tracing::info;
pub mod add;
@@ -52,11 +51,9 @@ pub(crate) async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (session_info, cookie_jar) = cookie_jar.session_info();
let maybe_session = session_info.load_session(&mut repo).await?;
@@ -127,13 +124,11 @@ pub(crate) async fn post(
mut rng: BoxRng,
clock: BoxClock,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
State(mailer): State<Mailer>,
cookie_jar: PrivateCookieJar<Encrypter>,
Form(form): Form<ProtectedForm<ManagementForm>>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (session_info, cookie_jar) = cookie_jar.session_info();
let maybe_session = session_info.load_session(&mut repo).await?;

9
crates/handlers/src/views/account/emails/verify.rs
View File

@@ -28,7 +28,6 @@ use mas_storage::{user::UserEmailRepository, BoxClock, BoxRng, Repository};
use mas_storage_pg::PgRepository;
use mas_templates::{EmailVerificationPageContext, TemplateContext, Templates};
use serde::Deserialize;
use sqlx::PgPool;
use ulid::Ulid;
use crate::views::shared::OptionalPostAuthAction;
@@ -42,13 +41,11 @@ pub(crate) async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
Query(query): Query<OptionalPostAuthAction>,
Path(id): Path<Ulid>,
cookie_jar: PrivateCookieJar<Encrypter>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
let (session_info, cookie_jar) = cookie_jar.session_info();
@@ -85,14 +82,12 @@ pub(crate) async fn get(
pub(crate) async fn post(
clock: BoxClock,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
Query(query): Query<OptionalPostAuthAction>,
Path(id): Path<Ulid>,
Form(form): Form<ProtectedForm<CodeForm>>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let form = cookie_jar.verify_form(&clock, form)?;
let (session_info, cookie_jar) = cookie_jar.session_info();

5
crates/handlers/src/views/account/mod.rs
View File

@@ -29,17 +29,14 @@ use mas_storage::{
};
use mas_storage_pg::PgRepository;
use mas_templates::{AccountContext, TemplateContext, Templates};
use sqlx::PgPool;
pub(crate) async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
let (session_info, cookie_jar) = cookie_jar.session_info();

9
crates/handlers/src/views/account/password.rs
View File

@@ -33,7 +33,6 @@ use mas_storage_pg::PgRepository;
use mas_templates::{EmptyContext, TemplateContext, Templates};
use rand::Rng;
use serde::Deserialize;
use sqlx::PgPool;
use zeroize::Zeroizing;
use crate::passwords::PasswordManager;
@@ -49,11 +48,9 @@ pub(crate) async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (session_info, cookie_jar) = cookie_jar.session_info();
let maybe_session = session_info.load_session(&mut repo).await?;
@@ -89,12 +86,10 @@ pub(crate) async fn post(
clock: BoxClock,
State(password_manager): State<PasswordManager>,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
Form(form): Form<ProtectedForm<ChangeForm>>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let form = cookie_jar.verify_form(&clock, form)?;
let (session_info, cookie_jar) = cookie_jar.session_info();

5
crates/handlers/src/views/index.rs
View File

@@ -23,18 +23,15 @@ use mas_router::UrlBuilder;
use mas_storage::{BoxClock, BoxRng};
use mas_storage_pg::PgRepository;
use mas_templates::{IndexContext, TemplateContext, Templates};
use sqlx::PgPool;
pub async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(templates): State<Templates>,
State(url_builder): State<UrlBuilder>,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
) -> Result<impl IntoResponse, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
let (session_info, cookie_jar) = cookie_jar.session_info();
let session = session_info.load_session(&mut repo).await?;

9
crates/handlers/src/views/login.rs
View File

@@ -34,7 +34,6 @@ use mas_templates::{
};
use rand::{CryptoRng, Rng};
use serde::{Deserialize, Serialize};
use sqlx::PgPool;
use zeroize::Zeroizing;
use super::shared::OptionalPostAuthAction;
@@ -54,12 +53,10 @@ pub(crate) async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
Query(query): Query<OptionalPostAuthAction>,
cookie_jar: PrivateCookieJar<Encrypter>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
let (session_info, cookie_jar) = cookie_jar.session_info();
@@ -88,13 +85,11 @@ pub(crate) async fn post(
clock: BoxClock,
State(password_manager): State<PasswordManager>,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
Query(query): Query<OptionalPostAuthAction>,
cookie_jar: PrivateCookieJar<Encrypter>,
Form(form): Form<ProtectedForm<LoginForm>>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let form = cookie_jar.verify_form(&clock, form)?;
let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);

10
crates/handlers/src/views/logout.rs
View File

@@ -12,10 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
use axum::{
extract::{Form, State},
response::IntoResponse,
};
use axum::{extract::Form, response::IntoResponse};
use axum_extra::extract::PrivateCookieJar;
use mas_axum_utils::{
csrf::{CsrfExt, ProtectedForm},
@@ -25,16 +22,13 @@ use mas_keystore::Encrypter;
use mas_router::{PostAuthAction, Route};
use mas_storage::{user::BrowserSessionRepository, BoxClock, Repository};
use mas_storage_pg::PgRepository;
use sqlx::PgPool;
pub(crate) async fn post(
clock: BoxClock,
State(pool): State<PgPool>,
mut repo: PgRepository,
cookie_jar: PrivateCookieJar<Encrypter>,
Form(form): Form<ProtectedForm<Option<PostAuthAction>>>,
) -> Result<impl IntoResponse, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let form = cookie_jar.verify_form(&clock, form)?;
let (session_info, mut cookie_jar) = cookie_jar.session_info();

9
crates/handlers/src/views/reauth.rs
View File

@@ -31,7 +31,6 @@ use mas_storage::{
use mas_storage_pg::PgRepository;
use mas_templates::{ReauthContext, TemplateContext, Templates};
use serde::Deserialize;
use sqlx::PgPool;
use zeroize::Zeroizing;
use super::shared::OptionalPostAuthAction;
@@ -46,12 +45,10 @@ pub(crate) async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
Query(query): Query<OptionalPostAuthAction>,
cookie_jar: PrivateCookieJar<Encrypter>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
let (session_info, cookie_jar) = cookie_jar.session_info();
@@ -84,13 +81,11 @@ pub(crate) async fn post(
mut rng: BoxRng,
clock: BoxClock,
State(password_manager): State<PasswordManager>,
State(pool): State<PgPool>,
mut repo: PgRepository,
Query(query): Query<OptionalPostAuthAction>,
cookie_jar: PrivateCookieJar<Encrypter>,
Form(form): Form<ProtectedForm<ReauthForm>>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let form = cookie_jar.verify_form(&clock, form)?;
let (session_info, cookie_jar) = cookie_jar.session_info();

9
crates/handlers/src/views/register.rs
View File

@@ -42,7 +42,6 @@ use mas_templates::{
};
use rand::{distributions::Uniform, Rng};
use serde::{Deserialize, Serialize};
use sqlx::PgPool;
use zeroize::Zeroizing;
use super::shared::OptionalPostAuthAction;
@@ -64,12 +63,10 @@ pub(crate) async fn get(
mut rng: BoxRng,
clock: BoxClock,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
Query(query): Query<OptionalPostAuthAction>,
cookie_jar: PrivateCookieJar<Encrypter>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
let (session_info, cookie_jar) = cookie_jar.session_info();
@@ -100,13 +97,11 @@ pub(crate) async fn post(
State(mailer): State<Mailer>,
State(policy_factory): State<Arc<PolicyFactory>>,
State(templates): State<Templates>,
State(pool): State<PgPool>,
mut repo: PgRepository,
Query(query): Query<OptionalPostAuthAction>,
cookie_jar: PrivateCookieJar<Encrypter>,
Form(form): Form<ProtectedForm<RegisterForm>>,
) -> Result<Response, FancyError> {
let mut repo = PgRepository::from_pool(&pool).await?;
let form = cookie_jar.verify_form(&clock, form)?;
let (csrf_token, cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);

6
crates/storage-pg/src/user/tests.rs
View File

@@ -90,7 +90,7 @@ async fn test_user_email_repo(pool: PgPool) {
// The user email should not exist yet
assert!(repo
.user_email()
.find(&user, &EMAIL)
.find(&user, EMAIL)
.await
.unwrap()
.is_none());
@@ -111,7 +111,7 @@ async fn test_user_email_repo(pool: PgPool) {
assert!(repo
.user_email()
.find(&user, &EMAIL)
.find(&user, EMAIL)
.await
.unwrap()
.is_some());
@@ -181,7 +181,7 @@ async fn test_user_email_repo(pool: PgPool) {
// Reload the user_email
let user_email = repo
.user_email()
.find(&user, &EMAIL)
.find(&user, EMAIL)
.await
.unwrap()
.expect("user email was not found");