auth: Allow HTTP basic auth for users This can be used soon to push data as a user from the terminal where the cookie isn't set like in the browser.

Oct 12, 2021, 11:48 AM

CMY6YHG36OX27OCWAENW2FQ3AKBR52XY3OBLKG5RY3D62UZ4BGUQC

Dependencies

[2] JJQ4LMUM dependecy: Remove future No longer required, so cleaning it up right now.
[3] SZIYDOFD refactor: Move User guard to the model The User model didn't have the FromRequest 'constructor' for the guard. This felt off. Now some Request knowledge leaks to the model, but still it seems better.
[4] KFVJ3KMW frontend: Introduce navigation bar Minor changes to the front-end mostly, to allow users to register, sign in, and sign out. The sign out route is changed to a GET endpoint, as links in HTML cannot DELETE.
[5] 5UNA2DEA routes: Register and authenticate users Allow users to sign up, and sign in/sign out. The routes are added, though the design of the pages is very bare bones still, it's hard to go through the full flow to demo. On the server side: Passwords are stored encrypted in the database with salts. This uses the PG encrypt tooling to prevent against bugs and maintainance costs on this project. When a user is signed in, the user ID is set in a private cookie. Rocket has Guards for routes, which has not been implemented yet for this project.
[6] Z63HIZPS testing: Move tests to specific directory Tests I didn't really write until today, as I mostly didn't really know how to set it up. This is now partially mitigated, just by forcing myself to do it. There's a few problems still in the code; the database is shared with the dev application for instance. Though as a start I'll take it.
[7] FS2NWBVN pijul: Start of push/pull work This change includes one API endpoint, .pijul. It allows for getting a channels remote ID. A lot of plumbing around repositories is added too, from init to opening pristine and actions like it.
[8] K4JNAJOF database: Connect to postgres on Rocket boot As database I've chosen PostgreSQL, as my personal experience has been good with it. This change allows Rocket to connect to the database on booting the server. It depends on the DATABASE_URL being set, and for now circumvents the Rocket config helpers as it seemed faster to be up and running this way.
[9] W3M3C7CC Initial commit This change includes a very small hello world application server written in Rust using Rocket.rs. Managing dependencies is done with Nix as that works well between Linux and Mac for me.
[*] TWIZ7QV4 db: Add interface to add a project Right now a project has a name, and an owner which is hardcoded to 1. This is because basically I'm speedrunning to implement push/pull of Pijul and then revisit to add depth to features and tests. Model code is now split into files properly too.

Change contents

edit in tests/controller_test.rs at line 1

[4.61]

[4.62]

mod common;
replacement in tests/controller_test.rs at line 6

[4.134]→[4.134:179](∅→∅),[4.179]→[2.0:74](∅→∅)

use rocket::local::asynchronous::Client;
let client = Client::tracked(nidobyte::rocket()).await.expect("foo");

[4.134]

[4.277]

let client = common::testing_client().await;
edit in src/models/users.rs at line 73

[3.503]

[3.503]

if let Some(user) = user_from_basic_auth(db, &*request).await {
return Outcome::Success(user);
}
// Try getting the user from the cookie
edit in src/models/users.rs at line 92

[3.868]

[3.868]

async fn user_from_basic_auth(db: &State<Database>, req: &Request<'_>) -> Option<User> {
use rocket_basicauth::BasicAuth;

info!("trying basic auth");
let credentials = match BasicAuth::from_request(req).await {
Outcome::Success(ba) => ba,
_ => return None,
};
info!("extracted basic auth");

match User::authenticate(db, credentials.username, credentials.password).await {
Ok(some) => some,
_ => None,
}
}
replacement in src/lib.rs at line 10

[4.993]→[4.993:1007](∅→∅)

mod database;

[4.993]

[4.1007]

pub mod database;
replacement in src/lib.rs at line 14

[4.1038]→[4.1038:1050](∅→∅)

mod models;

[4.1038]

[4.1050]

pub mod models;
replacement in src/database/mod.rs at line 8

[4.2900]→[4.2900:2941](∅→∅)

pub(crate) type Database = sqlx::PgPool;

[4.2900]

[4.2941]

pub type Database = sqlx::PgPool;
edit in Cargo.toml at line 17

[4.9910]

[4.9910]

rocket-basicauth = "2.1"
http-auth-basic = "0.3.1" # Only used for testing at this time
edit in Cargo.lock at line 197

[4.2828]

[4.2828]

version = "0.12.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3441f0f7b02788e948e47f457ca01f1d7e6d92c693bc132c22b087d3141c03ff"

[[package]]
name = "base64"
replacement in Cargo.lock at line 420

[4.13416]→[4.13416:13427](∅→∅)

"base64",

[4.13416]

[4.13427]

"base64 0.13.0",
edit in Cargo.lock at line 1125

[4.11163]

[4.11163]

]

[[package]]
name = "http-auth-basic"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c692c953703936fa684b33084ce21ad4248769b5052079bbd89afe6b354a5762"
dependencies = [
"base64 0.12.3",
edit in Cargo.lock at line 1581

[4.14495]

[11.4612]

"http-auth-basic",
edit in Cargo.lock at line 1586

[4.15478]

[4.20311]

"rocket-basicauth",
replacement in Cargo.lock at line 1891

[4.23635]→[4.23635:23646](∅→∅)

"base64",

[4.23635]

[4.23646]

"base64 0.13.0",
edit in Cargo.lock at line 2188

[4.21848]

[4.21848]

]

[[package]]
name = "rocket-basicauth"
version = "2.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "79128c0f55b7bc6785c13816d71af4baee156bd615b09468800edaaa7da56a08"
dependencies = [
"base64 0.13.0",
"log",
"rocket",
replacement in Cargo.lock at line 2309

[4.11316]→[4.11316:11327](∅→∅)

"base64",

[4.11316]

[4.11327]

"base64 0.13.0",
replacement in Cargo.lock at line 2605

[4.13090]→[4.13090:13101](∅→∅)

"base64",

[4.13090]

[4.13101]

"base64 0.13.0",