From 77abf8811a2f988f4f514f98e63bed8332e2b039 Mon Sep 17 00:00:00 2001
From: Sphereso
Date: Fri, 5 Jul 2024 21:24:32 +0200
Subject: [PATCH] backend: jwt token
---
 crates/backend/src/auth.rs | 26 ++++++++++++++++++++++++++
 crates/backend/src/controller/auth.rs | 10 +++++-----
 crates/backend/src/main.rs | 9 ++++++++-
 3 files changed, 39 insertions(+), 6 deletions(-)
 create mode 100644 crates/backend/src/auth.rs
diff --git a/crates/backend/src/auth.rs b/crates/backend/src/auth.rs
new file mode 100644
index 0000000..35129ee
--- /dev/null
+++ b/crates/backend/src/auth.rs
@@ -0,0 +1,26 @@
+use jsonwebtoken::{EncodingKey, Header, Validation};
+use migration::token;
+use serde::{Deserialize, Serialize};
+use uuid::Uuid;
+
+#[derive(Deserialize, Serialize)]
+struct Claims {
+ sub: Uuid,
+ name: String,
+}
+
+pub fn create_jwt(
+ user: entity::user::Model,
+ key: &EncodingKey,
+) -> Result {
+ let claims = Claims {
+ sub: user.id,
+ name: user.name,
+ };
+ jsonwebtoken::encode(&Header::default(), &claims, key)
+}
+
+pub fn verify(token: &str) {
+ let validation = Validation::new(jsonwebtoken::Algorithm::HS256);
+ // jsonwebtoken::decode(token, , validation)
+}
diff --git a/crates/backend/src/controller/auth.rs b/crates/backend/src/controller/auth.rs
index de0e326..8ec2d10 100644
--- a/crates/backend/src/controller/auth.rs
+++ b/crates/backend/src/controller/auth.rs
@@ -1,14 +1,12 @@
 use actix_web::{
 error::{ErrorBadRequest, ErrorInternalServerError},
- web, Responder,
+ web, HttpResponse, Responder,
 };
 use argon2::{Argon2, PasswordHash, PasswordVerifier};
 use sea_orm::{ColumnTrait, EntityTrait, QueryFilter};
 use serde::Deserialize;
-use crate::AppState;
-
-use super::user::UserWithoutPassword;
+use crate::{auth::create_jwt, AppState};
 #[derive(Deserialize)]
 pub struct LoginRequest {
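Review bot: `Claims` in crates/backend/src/auth.rs carries only `sub` and `name`, so every token `create_jwt` issues has no expiry and remains acceptable for as long as the signing secret is unchanged. jsonwebtoken's default `Validation` also requires and checks `exp`, so once the commented-out `decode` call in `verify` is enabled these tokens would be rejected. I would add `exp: u64,` to `Claims` and set it at issue time to the current Unix time plus a short lifetime. `verify` currently returns `()` and performs no check, so it should not be used as a gate until it returns a `Result` carrying the decoded claims. The `use migration::token;` import also looks unused.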
@@ -24,6 +22,7 @@ impl AuthController {
 login: web::Json,
 ) -> actix_web::Result {
 let db = &state.db;
+ let jwt_secret = &state.secret;
 let login = login.into_inner();
 let user = entity::user::Entity::find()
@@ -39,6 +38,7 @@ impl AuthController {
 .verify_password(login.password.as_bytes(), &parsed_hash)
 .map_err(ErrorBadRequest)?;
- Ok(web::Json(UserWithoutPassword::from(user)))
+ let jwt = create_jwt(user, jwt_secret).map_err(ErrorInternalServerError)?;
+ Ok(HttpResponse::Ok().body(jwt))
 }
 }
diff --git a/crates/backend/src/main.rs b/crates/backend/src/main.rs
index b779476..313ca8e 100644
--- a/crates/backend/src/main.rs
+++ b/crates/backend/src/main.rs
@@ -1,15 +1,18 @@
 use actix_web::{web, App, HttpServer};
+use jsonwebtoken::EncodingKey;
 use migration::MigratorTrait;
 use sea_orm::{Database, DatabaseConnection};
 use std::env;
 use routes::config;
+mod auth;
 mod controller;
 mod routes;
 #[derive(Clone)]
 struct AppState {
 db: DatabaseConnection,
+ secret: EncodingKey,
 }
 #[actix_web::main]
@@ -20,6 +23,7 @@ async fn main() -> std::io::Result<()> {
 dotenvy::dotenv().ok();
 let db_url = env::var("DATABASE_URL").expect("DATABASE_URL must be set");
+ let jwt_secret = env::var("TOKEN_SECRET").expect("TOKEN_SECRET must be set");
 let conn = Database::connect(&db_url)
 .await
@@ -31,7 +35,10 @@ async fn main() -> std::io::Result<()> {
 .expect("Running migrations failed");
 println!("Finished running migrations");
- let state = AppState { db: conn };
+ let state = AppState {
+ db: conn,
+ secret: EncodingKey::from_secret(jwt_secret.as_bytes()),
+ };
 println!("Listening for connections...");
 HttpServer::new(move || {
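Review bot: The login handler in crates/backend/src/controller/auth.rs (hunk at -39,6 +38,7) now returns a bearer credential in the response body with no cache directive, so a browser or intermediary cache could retain it. I would send it as `HttpResponse::Ok().insert_header(("Cache-Control", "no-store")).body(jwt)`. `map_err(ErrorInternalServerError)` on `create_jwt` also places the library's error text in the 500 response body; logging it server-side and returning a fixed message keeps signing details out of client responses. The handler's signature and the password check lie outside this hunk, so whether middleware already sets such headers is not visible here.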
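Review bot: `TOKEN_SECRET` is only checked for presence in `main` of crates/backend/src/main.rs (hunk at -20,6 +23,7), so an empty or very short value is accepted and becomes the HMAC signing key for every issued token. An HS256 key should be at least 32 bytes of high-entropy data. A startup guard such as `assert!(jwt_secret.len() >= 32, "TOKEN_SECRET must be at least 32 bytes");` directly after the `env::var` call would fail fast on a weak configuration. `AppState` also stores only an `EncodingKey`, so the verification path will still need a `DecodingKey` built from the same secret. `main` begins and ends outside this hunk.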