Raven/osirose-new
SHA256
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects 6 Releases Wiki Activity

- chore: ran cargo fix on the codebase

Browse Source
This commit is contained in:
raven
2025-03-07 21:03:15 -05:00
parent 3b789d0fd4
commit b6f2d3f456
59 changed files with 1324 additions and 523 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
auth-service/src/database_client.rs
View File

@@ -1,4 +1,7 @@
use crate::database::{user_service_client::UserServiceClient, CreateUserRequest, CreateUserResponse, GetUserByEmailRequest, GetUserByUsernameRequest, GetUserRequest, GetUserResponse};
use crate::database::{
user_service_client::UserServiceClient, CreateUserRequest, CreateUserResponse,
GetUserByEmailRequest, GetUserByUsernameRequest, GetUserRequest, GetUserResponse,
};
use async_trait::async_trait;
use chrono::{DateTime, Utc};
use std::error::Error;
@@ -7,14 +10,43 @@ use tonic::transport::Channel;
#[async_trait]
pub trait DatabaseClientTrait: Sized {
async fn connect(endpoint: &str) -> Result<Self, Box<dyn std::error::Error>>;
async fn get_user_by_userid(&mut self, user_id: i32) -> Result<GetUserResponse, Box<dyn std::error::Error>>;
async fn get_user_by_username(&mut self, user_id: &str) -> Result<GetUserResponse, Box<dyn std::error::Error>>;
async fn get_user_by_email(&mut self, email: &str) -> Result<GetUserResponse, Box<dyn std::error::Error>>;
async fn create_user(&mut self, username: &str, email: &str, password: &str) -> Result<CreateUserResponse, Box<dyn std::error::Error>>;
async fn store_password_reset(&mut self, email: &str, reset_token: &str, expires_at: DateTime<Utc>) -> Result<(), Box<dyn std::error::Error>>;
async fn get_password_reset(&self, reset_token: &str) -> Result<Option<PasswordReset>, Box<dyn std::error::Error>>;
async fn delete_password_reset(&self, reset_token: &str) -> Result<(), Box<dyn std::error::Error>>;
async fn update_user_password(&self, email: &str, hashed_password: &str) -> Result<(), Box<dyn std::error::Error>>;
async fn get_user_by_userid(
&mut self,
user_id: i32,
) -> Result<GetUserResponse, Box<dyn std::error::Error>>;
async fn get_user_by_username(
&mut self,
user_id: &str,
) -> Result<GetUserResponse, Box<dyn std::error::Error>>;
async fn get_user_by_email(
&mut self,
email: &str,
) -> Result<GetUserResponse, Box<dyn std::error::Error>>;
async fn create_user(
&mut self,
username: &str,
email: &str,
password: &str,
) -> Result<CreateUserResponse, Box<dyn std::error::Error>>;
async fn store_password_reset(
&mut self,
email: &str,
reset_token: &str,
expires_at: DateTime<Utc>,
) -> Result<(), Box<dyn std::error::Error>>;
async fn get_password_reset(
&self,
reset_token: &str,
) -> Result<Option<PasswordReset>, Box<dyn std::error::Error>>;
async fn delete_password_reset(
&self,
reset_token: &str,
) -> Result<(), Box<dyn std::error::Error>>;
async fn update_user_password(
&self,
email: &str,
hashed_password: &str,
) -> Result<(), Box<dyn std::error::Error>>;
}
#[derive(Clone)]
pub struct DatabaseClient {
@@ -39,9 +71,7 @@ impl DatabaseClientTrait for DatabaseClient {
&mut self,
user_id: i32,
) -> Result<GetUserResponse, Box<dyn std::error::Error>> {
let request = tonic::Request::new(GetUserRequest {
user_id,
});
let request = tonic::Request::new(GetUserRequest { user_id });
let response = self.client.get_user(request).await?;
Ok(response.into_inner())
}
@@ -65,7 +95,12 @@ impl DatabaseClientTrait for DatabaseClient {
Ok(response.into_inner())
}
async fn create_user(&mut self, username: &str, email: &str, password: &str) -> Result<CreateUserResponse, Box<dyn Error>> {
async fn create_user(
&mut self,
username: &str,
email: &str,
password: &str,
) -> Result<CreateUserResponse, Box<dyn Error>> {
let request = tonic::Request::new(CreateUserRequest {
username: username.to_string(),
email: email.to_string(),
@@ -105,5 +140,4 @@ impl DatabaseClientTrait for DatabaseClient {
) -> Result<(), Box<dyn std::error::Error>> {
Ok(())
}
}

102
auth-service/src/grpc.rs
View File

@@ -1,14 +1,18 @@
use std::sync::Arc;
use crate::auth::auth_service_server::AuthService;
use crate::auth::{LoginRequest, LoginResponse, PasswordResetRequest, PasswordResetResponse, RegisterRequest, RegisterResponse, ResetPasswordRequest, ResetPasswordResponse, ValidateTokenRequest, ValidateTokenResponse, ValidateSessionRequest, ValidateSessionResponse, LogoutRequest};
use crate::common::{Empty};
use crate::auth::{
LoginRequest, LoginResponse, LogoutRequest, PasswordResetRequest, PasswordResetResponse,
RegisterRequest, RegisterResponse, ResetPasswordRequest, ResetPasswordResponse,
ValidateSessionRequest, ValidateSessionResponse, ValidateTokenRequest, ValidateTokenResponse,
};
use crate::common::Empty;
use crate::database_client::{DatabaseClient, DatabaseClientTrait};
use crate::session::session_service_client::SessionServiceClient;
use crate::session::{CreateSessionRequest, GetSessionRequest, DeleteSessionRequest};
use crate::jwt::{generate_token, validate_token};
use crate::session::session_service_client::SessionServiceClient;
use crate::session::{CreateSessionRequest, DeleteSessionRequest, GetSessionRequest};
use crate::users::{hash_password, verify_user};
use chrono::{Duration, Utc};
use rand::Rng;
use std::sync::Arc;
use tonic::{Request, Response, Status};
use tracing::{debug, error, info, warn};
@@ -27,11 +31,19 @@ impl AuthService for MyAuthService {
info!("Login attempt for username: {}", req.username);
if let Some(user) = verify_user(self.db_client.as_ref().clone(), &req.username, &req.password).await {
if let Some(user) = verify_user(
self.db_client.as_ref().clone(),
&req.username,
&req.password,
)
.await
{
let user_id = user.user_id.to_string();
let session_id = uuid::Uuid::new_v4().to_string();
let response = self
.session_client.as_ref().clone()
.session_client
.as_ref()
.clone()
.create_session(CreateSessionRequest {
session_id: session_id.clone(),
user_id: user.user_id,
@@ -40,7 +52,7 @@ impl AuthService for MyAuthService {
ip_address: req.ip_address.to_string(),
})
.await;
let session = match response {
Ok(session) => session,
Err(_) => return Err(Status::internal("Session creation failed")),
@@ -49,26 +61,29 @@ impl AuthService for MyAuthService {
let token = generate_token(&user_id, &&session_id.clone(), user.roles)
.map_err(|_| Status::internal("Token generation failed"))?;
info!("Login successful for username: {}", req.username);
Ok(Response::new(LoginResponse { token, user_id, session_id }))
Ok(Response::new(LoginResponse {
token,
user_id,
session_id,
}))
} else {
warn!("Invalid login attempt for username: {}", req.username);
Err(Status::unauthenticated("Invalid credentials"))
}
}
async fn logout(
&self,
request: Request<LogoutRequest>,
) -> Result<Response<Empty>, Status> {
async fn logout(&self, request: Request<LogoutRequest>) -> Result<Response<Empty>, Status> {
let req = request.into_inner();
self.session_client.as_ref().clone()
self.session_client
.as_ref()
.clone()
.delete_session(DeleteSessionRequest {
session_id: req.session_id.clone(),
})
.await?;
Ok(Response::new(Empty {}))
}
@@ -81,7 +96,9 @@ impl AuthService for MyAuthService {
match validate_token(&req.token) {
Ok(user_data) => {
let response = self
.session_client.as_ref().clone()
.session_client
.as_ref()
.clone()
.get_session(GetSessionRequest {
session_id: user_data.1.clone(),
})
@@ -104,8 +121,7 @@ impl AuthService for MyAuthService {
}))
}
}
},
}
Err(_) => Ok(Response::new(ValidateTokenResponse {
valid: false,
user_id: "".to_string(),
@@ -120,7 +136,9 @@ impl AuthService for MyAuthService {
) -> Result<Response<ValidateSessionResponse>, Status> {
let req = request.into_inner();
let response = self
.session_client.as_ref().clone()
.session_client
.as_ref()
.clone()
.get_session(GetSessionRequest {
session_id: req.session_id,
})
@@ -144,7 +162,9 @@ impl AuthService for MyAuthService {
) -> Result<Response<ValidateSessionResponse>, Status> {
let req = request.into_inner();
let response = self
.session_client.as_ref().clone()
.session_client
.as_ref()
.clone()
.refresh_session(GetSessionRequest {
session_id: req.session_id,
})
@@ -172,7 +192,11 @@ impl AuthService for MyAuthService {
let hashed_password = hash_password(&req.password);
// Create user in the database
let result = self.db_client.as_ref().clone().create_user(&req.username, &req.email, &hashed_password)
let result = self
.db_client
.as_ref()
.clone()
.create_user(&req.username, &req.email, &hashed_password)
.await;
match result {
@@ -193,7 +217,12 @@ impl AuthService for MyAuthService {
) -> Result<Response<PasswordResetResponse>, Status> {
let email = request.into_inner().email;
let user = self.db_client.as_ref().clone().get_user_by_email(&email).await;
let user = self
.db_client
.as_ref()
.clone()
.get_user_by_email(&email)
.await;
// Check if the email exists
if user.ok().is_some() {
@@ -203,12 +232,14 @@ impl AuthService for MyAuthService {
.take(32)
.map(char::from)
.collect();
// Set token expiration (e.g., 1 hour)
let expires_at = Utc::now() + Duration::hours(1);
// Store the reset token in the database
self.db_client.as_ref().clone()
self.db_client
.as_ref()
.clone()
.store_password_reset(&email, &reset_token, expires_at)
.await
.map_err(|e| Status::internal(format!("Database error: {}", e)))?;
@@ -238,27 +269,32 @@ impl AuthService for MyAuthService {
let req = request.into_inner();
// Validate the reset token
if let Some(password_reset) = self.db_client.clone().get_password_reset(&req.reset_token).await
.map_err(|e| Status::internal(format!("Database error: {}", e)))? {
if let Some(password_reset) = self
.db_client
.clone()
.get_password_reset(&req.reset_token)
.await
.map_err(|e| Status::internal(format!("Database error: {}", e)))?
{
if password_reset.expires_at < Utc::now() {
return Err(Status::unauthenticated("Token expired"));
}
// Hash the new password
let hashed_password = hash_password(&req.new_password);
// Update the user's password
self.db_client
.update_user_password(&password_reset.email, &hashed_password)
.await
.map_err(|e| Status::internal(format!("Database error: {}", e)))?;
// Delete the reset token
self.db_client
.delete_password_reset(&req.reset_token)
.await
.map_err(|e| Status::internal(format!("Database error: {}", e)))?;
Ok(Response::new(ResetPasswordResponse {
message: "Password successfully reset".to_string(),
}))

16
auth-service/src/jwt.rs
View File

@@ -4,13 +4,17 @@ use std::env;
#[derive(Debug, Serialize, Deserialize)]
struct Claims {
sub: String, // Subject (user ID)
sub: String, // Subject (user ID)
session_id: String, // Session ID
roles: Vec<String>, // Roles/permissions
exp: usize, // Expiration time
exp: usize, // Expiration time
}
pub fn generate_token(user_id: &str, session_id: &str, roles: Vec<String>) -> Result<String, jsonwebtoken::errors::Error> {
pub fn generate_token(
user_id: &str,
session_id: &str,
roles: Vec<String>,
) -> Result<String, jsonwebtoken::errors::Error> {
let secret = env::var("JWT_SECRET").expect("JWT_SECRET must be set");
let expiration = chrono::Utc::now()
.checked_add_signed(chrono::Duration::days(1))
@@ -24,7 +28,11 @@ pub fn generate_token(user_id: &str, session_id: &str, roles: Vec<String>) -> Re
exp: expiration,
};
encode(&Header::default(), &claims, &EncodingKey::from_secret(secret.as_ref()))
encode(
&Header::default(),
&claims,
&EncodingKey::from_secret(secret.as_ref()),
)
}
pub fn validate_token(token: &str) -> Result<(String, String), jsonwebtoken::errors::Error> {

4
auth-service/src/lib.rs
View File

@@ -1,6 +1,6 @@
pub mod database_client;
pub mod grpc;
pub mod jwt;
pub mod database_client;
pub mod users;
@@ -20,4 +20,4 @@ pub mod session {
}
#[cfg(test)]
pub mod mocks;
pub mod mocks;

38
auth-service/src/main.rs
View File

@@ -1,14 +1,13 @@
use auth_service::auth::auth_service_server::AuthServiceServer;
use auth_service::database_client::DatabaseClient;
use auth_service::database_client::DatabaseClientTrait;
use auth_service::session::session_service_client::SessionServiceClient;
use auth_service::grpc::MyAuthService;
use auth_service::session::session_service_client::SessionServiceClient;
use dotenv::dotenv;
use std::collections::HashMap;
use std::env;
use std::str::FromStr;
use std::sync::Arc;
use tokio::{select, signal};
use tonic::transport::Server;
use tracing::{info, Level};
use utils::consul_registration;
@@ -20,7 +19,10 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
dotenv().ok();
tracing_subscriber::fmt()
.with_max_level(Level::from_str(&env::var("LOG_LEVEL").unwrap_or_else(|_| "info".to_string())).unwrap_or_else(|_| Level::INFO))
.with_max_level(
Level::from_str(&env::var("LOG_LEVEL").unwrap_or_else(|_| "info".to_string()))
.unwrap_or_else(|_| Level::INFO),
)
.init();
// Set the gRPC server address
@@ -41,7 +43,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
let service_id = consul_registration::get_or_generate_service_id(env!("CARGO_PKG_NAME"));
let version = env!("CARGO_PKG_VERSION").to_string();
let tags = vec![version];
let mut meta = HashMap::new();
let meta = HashMap::new();
consul_registration::register_service(
&consul_url,
service_id.as_str(),
@@ -52,36 +54,46 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
meta,
&health_check_url,
)
.await?;
.await?;
// Start health-check endpoint
consul_registration::start_health_check(addr.as_str()).await?;
let db_address = db_nodes.get(0).unwrap();
let db_url = format!("http://{}:{}", db_address.ServiceAddress, db_address.ServicePort);
let db_url = format!(
"http://{}:{}",
db_address.ServiceAddress, db_address.ServicePort
);
let db_client = Arc::new(DatabaseClient::connect(&db_url).await?);
let session_address = session_nodes.get(0).unwrap();
let session_address = format!("http://{}:{}", session_address.ServiceAddress, session_address.ServicePort);
let session_address = format!(
"http://{}:{}",
session_address.ServiceAddress, session_address.ServicePort
);
let session_client = Arc::new(SessionServiceClient::connect(session_address).await?);
let full_addr = format!("{}:{}", &addr, port);
let address = full_addr.parse().expect("Invalid address");
let auth_service = MyAuthService {
db_client,
session_client
session_client,
};
println!("Authentication Service running on {}", addr);
// Start the gRPC server
tokio::spawn(Server::builder()
.add_service(AuthServiceServer::new(auth_service))
.serve(address));
tokio::spawn(
Server::builder()
.add_service(AuthServiceServer::new(auth_service))
.serve(address),
);
utils::signal_handler::wait_for_signal().await;
consul_registration::deregister_service(&consul_url, service_id.as_str()).await.expect("");
consul_registration::deregister_service(&consul_url, service_id.as_str())
.await
.expect("");
info!("service {} deregistered", service_name);
Ok(())
}

2
auth-service/src/mocks/database_client_mock.rs
View File

@@ -27,4 +27,4 @@ impl Clone for MockDatabaseClient {
fn clone(&self) -> Self {
MockDatabaseClient::new() // Create a new mock instance
}
}
}

25
auth-service/src/users.rs
View File

@@ -1,27 +1,32 @@
use crate::database_client::DatabaseClientTrait;
use crate::database::GetUserResponse;
use crate::database_client::DatabaseClientTrait;
use argon2::{
password_hash::{
rand_core::OsRng,
PasswordHash, PasswordHasher, PasswordVerifier, SaltString
},
Argon2
password_hash::{rand_core::OsRng, PasswordHash, PasswordHasher, PasswordVerifier, SaltString},
Argon2,
};
pub fn hash_password(password: &str) -> String {
let salt = SaltString::generate(&mut OsRng);
let argon2 = Argon2::default();
argon2.hash_password(password.as_ref(), &salt).unwrap().to_string()
argon2
.hash_password(password.as_ref(), &salt)
.unwrap()
.to_string()
}
pub fn verify_password(password: &str, hash: &str) -> bool {
let parsed_hash = PasswordHash::new(&hash).unwrap();
Argon2::default().verify_password(password.as_bytes(), &parsed_hash).is_ok()
Argon2::default()
.verify_password(password.as_bytes(), &parsed_hash)
.is_ok()
}
pub async fn verify_user<T: DatabaseClientTrait>(mut db_client: T,
username: &str, password: &str) -> Option<GetUserResponse> {
pub async fn verify_user<T: DatabaseClientTrait>(
mut db_client: T,
username: &str,
password: &str,
) -> Option<GetUserResponse> {
let user = db_client.get_user_by_username(username).await.ok()?;
if verify_password(password, &user.hashed_password) {