Did some testing and fixing

ProjectKula · Dec 14, 2023 · 2799540 · 2799540
1 parent 537b40f
commit 2799540
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 11 deletions.
diff --git a/Sources/App/Controllers/AuthController.swift b/Sources/App/Controllers/AuthController.swift
@@ -67,7 +67,7 @@ struct AuthController: RouteCollection {
                 expiration: .init(value: .init(timeIntervalSinceNow: 600)),
                 id: try user.requireID(),
                 email: user.email,
-                state: [UInt8].random(count: 4).base64
+                state: [UInt8].random(count: 32).base64
             )
         }
 
@@ -91,7 +91,7 @@ struct AuthController: RouteCollection {
             throw Abort(.internalServerError, reason: "Failed to send email: \(error.localizedDescription)")
         }
 
-        return SignupCodeResponseBody(success: result, state: "")
+        return SignupCodeResponseBody(success: result, state: try req.jwt.sign(payload))
     }
 
     func verifySignupCode(req: Request) async throws -> AuthResponseBody {
@@ -108,17 +108,19 @@ struct AuthController: RouteCollection {
         }
 
         let payload = try req.jwt.verify(as: SignupStatePayload.self)
-        let storedCode = try await req.redis.get(RedisKey(stringLiteral: payload.state), asJSON: String.self)
+        let storedCode = try await req.redis.get(RedisKey(stringLiteral: payload.state), asJSON: Int.self)
 
-        if args.code != storedCode {
-            throw Abort(.badRequest, reason: "Invalid confirmation code provided")
+        if storedCode == nil {
+            throw Abort(.badRequest, reason: "No confirmation code present")
+        } else if storedCode != Int(args.code) {
+            throw Abort(.unauthorized, reason: "Invalid confirmation code")
         }
 
         let user = try await Resolver.instance.getUser(request: req, arguments: .init(id: payload.id, email: payload.email)).get()
         let registeredUser = try RegisteredUser(user: user)
         try await registeredUser.save(on: req.db)
 
-        throw Abort(.notImplemented)
+        throw Abort(.notImplemented, reason: "Signup is complete but password is not")
     }
 
     func methodNotAllowed(req: Request) async throws -> AuthResponseBody {

diff --git a/Sources/App/Migrations/002_CreateRegisteredUser.swift b/Sources/App/Migrations/002_CreateRegisteredUser.swift
@@ -21,7 +21,7 @@ struct CreateRegisteredUser: Migration {
             .field("date_registered", .datetime, .required)
             .field("bio", .string)
             .field("intake_year", .int, .required)
-            .field("reg_no", .int, .identifier(auto: true))
+            .field("reg_no", .int, .custom("GENERATED ALWAYS AS IDENTITY"))
             .unique(on: "id")
             .unique(on: "email")
             .create()

diff --git a/Sources/App/Migrations/003_CreateUserAuth.swift b/Sources/App/Migrations/003_CreateUserAuth.swift
@@ -18,6 +18,6 @@ struct CreateUserAuth: Migration {
     }
 
     func revert(on database: Database) -> EventLoopFuture<Void> {
-        return database.schema("users").delete()
+        return database.schema("userAuth").delete()
     }
 }
diff --git a/Sources/App/Models/RegisteredUser.swift b/Sources/App/Models/RegisteredUser.swift
@@ -49,7 +49,7 @@ final class RegisteredUser: Model, Content {
 
     init() { }
 
-    init(id: String, name: String, phone: String, email: String, personalEmail: String? = nil, branch: String, gender: String, pronouns: String? = nil, bio: String? = nil, intakeYear: Int, regNo: Int = -1) {
+    init(id: String, name: String, phone: String, email: String, personalEmail: String? = nil, branch: String, gender: String, pronouns: String? = nil, bio: String? = nil, intakeYear: Int, regNo: Int? = nil) {
         self.id = id
         self.name = name
         self.phone = phone

diff --git a/Sources/App/configure.swift b/Sources/App/configure.swift
@@ -16,7 +16,7 @@ struct AppConfig {
     static let smtpHost = Environment.get("EMAIL_SMTP") ?? "smtp.mail.me.com"
     static let smtpPassword = Environment.get("EMAIL_PASSWORD") ?? "NotMyEmailPassword"
     static let smtpPort = Environment.get("SMTP_PORT").flatMap(Int.init(_:)) ?? 587
-    static let redisHost = Environment.get("REDIS_HOST") ?? "localhost"
+    static let redisHost = Environment.get("REDIS_HOST") ?? "127.0.0.1"
     static let signupCodeExpireTime = Environment.get("SIGNUP_CODE_EXPIRE_TIME").flatMap(Int.init(_:)) ?? 600
     static let jwtSigningKey = Environment.get("JWT_SIGNING_KEY") ?? "secret"
 }
@@ -47,7 +47,7 @@ public func configure(_ app: Application) async throws {
 
     app.migrations.add(CreateUser())
     app.migrations.add(CreateRegisteredUser())
-    app.migrations.add(CreateUserAuth())
+    // app.migrations.add(CreateUserAuth())
 
     app.jwt.signers.use(.hs256(key: AppConfig.jwtSigningKey))