From 2799540193abdc6c01d288cbae672152bdbc9646 Mon Sep 17 00:00:00 2001
From: Shrish Deshpande
Date: Thu, 14 Dec 2023 08:10:55 +0530
Subject: [PATCH] Did some testing and fixing
---
 Sources/App/Controllers/AuthController.swift | 14 ++++++++------
 .../App/Migrations/002_CreateRegisteredUser.swift | 2 +-
 Sources/App/Migrations/003_CreateUserAuth.swift | 2 +-
 Sources/App/Models/RegisteredUser.swift | 2 +-
 Sources/App/configure.swift | 4 ++--
 5 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/Sources/App/Controllers/AuthController.swift b/Sources/App/Controllers/AuthController.swift
index 7e0b15c..a33c0fe 100644
--- a/Sources/App/Controllers/AuthController.swift
+++ b/Sources/App/Controllers/AuthController.swift
@@ -67,7 +67,7 @@ struct AuthController: RouteCollection {
 expiration: .init(value: .init(timeIntervalSinceNow: 600)),
 id: try user.requireID(),
 email: user.email,
- state: [UInt8].random(count: 4).base64
+ state: [UInt8].random(count: 32).base64
 )
 }
@@ -91,7 +91,7 @@ struct AuthController: RouteCollection {
 throw Abort(.internalServerError, reason: "Failed to send email: \(error.localizedDescription)")
 }
- return SignupCodeResponseBody(success: result, state: "")
+ return SignupCodeResponseBody(success: result, state: try req.jwt.sign(payload))
 }
 func verifySignupCode(req: Request) async throws -> AuthResponseBody {
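Review bot: The `state` token that `SignupCodeResponseBody` now returns (hunk at -91) is signed with `AppConfig.jwtSigningKey`, and the configure.swift context in this same patch shows that key falling back to the literal `"secret"` when `JWT_SIGNING_KEY` is unset. `verifySignupCode` takes `payload.id` and `payload.email` from the verified token, so a deployment started without the variable would accept tokens that were not issued by this server. Drop the `?? "secret"` fallback and have `configure(_:)` refuse to start instead, e.g. `guard let key = Environment.get("JWT_SIGNING_KEY") else { throw Abort(.internalServerError, reason: "JWT_SIGNING_KEY is not set") }`. The enclosing function of this hunk starts above it, so anything done to the payload before signing is not visible here.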
@@ -108,17 +108,19 @@ struct AuthController: RouteCollection {
 }
 let payload = try req.jwt.verify(as: SignupStatePayload.self)
- let storedCode = try await req.redis.get(RedisKey(stringLiteral: payload.state), asJSON: String.self)
+ let storedCode = try await req.redis.get(RedisKey(stringLiteral: payload.state), asJSON: Int.self)
- if args.code != storedCode {
- throw Abort(.badRequest, reason: "Invalid confirmation code provided")
+ if storedCode == nil {
+ throw Abort(.badRequest, reason: "No confirmation code present")
+ } else if storedCode != Int(args.code) {
+ throw Abort(.unauthorized, reason: "Invalid confirmation code")
 }
 let user = try await Resolver.instance.getUser(request: req, arguments: .init(id: payload.id, email: payload.email)).get()
 let registeredUser = try RegisteredUser(user: user)
 try await registeredUser.save(on: req.db)
- throw Abort(.notImplemented)
+ throw Abort(.notImplemented, reason: "Signup is complete but password is not")
 }
 func methodNotAllowed(req: Request) async throws -> AuthResponseBody {
diff --git a/Sources/App/Migrations/002_CreateRegisteredUser.swift b/Sources/App/Migrations/002_CreateRegisteredUser.swift
index 21c8402..07bb232 100644
--- a/Sources/App/Migrations/002_CreateRegisteredUser.swift
+++ b/Sources/App/Migrations/002_CreateRegisteredUser.swift
@@ -21,7 +21,7 @@ struct CreateRegisteredUser: Migration {
 .field("date_registered", .datetime, .required)
 .field("bio", .string)
 .field("intake_year", .int, .required)
- .field("reg_no", .int, .identifier(auto: true))
+ .field("reg_no", .int, .custom("GENERATED ALWAYS AS IDENTITY"))
 .unique(on: "id")
 .unique(on: "email")
 .create()
diff --git a/Sources/App/Migrations/003_CreateUserAuth.swift b/Sources/App/Migrations/003_CreateUserAuth.swift
index 03d4b55..a1aa764 100644
--- a/Sources/App/Migrations/003_CreateUserAuth.swift
+++ b/Sources/App/Migrations/003_CreateUserAuth.swift
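Review bot: In `verifySignupCode` the stored code is read from Redis but never removed or counted against, neither in the new `.unauthorized` mismatch branch nor after `registeredUser.save(on: req.db)` succeeds. As far as this hunk shows, the same signed `state` can be retried until the key expires, which leaves a short numeric code open to repeated guessing and lets an already-completed signup reach `save` a second time. Delete the key once the code matches, e.g. `_ = try await req.redis.delete(RedisKey(stringLiteral: payload.state)).get()`, and consider a per-state failure counter that invalidates the code after a few wrong attempts. The function body starts above the hunk, so any rate limiting applied earlier in the route is not visible here.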
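Review bot: In 002_CreateRegisteredUser.swift, replacing `.identifier(auto: true)` with `.custom("GENERATED ALWAYS AS IDENTITY")` on `reg_no` removes the key constraint that the identifier carried, and an identity column does not enforce uniqueness on its own. If `reg_no` is meant to stay unique, add `.unique(on: "reg_no")` next to the existing `.unique(on: "id")`. The raw clause is also dialect-specific and the change edits an existing migration in place, so a database that already ran 002 will presumably not pick it up; a one-line comment naming the assumed database would help the next reader.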
@@ -18,6 +18,6 @@ struct CreateUserAuth: Migration {
 }
 func revert(on database: Database) -> EventLoopFuture {
- return database.schema("users").delete()
+ return database.schema("userAuth").delete()
 }
 }
diff --git a/Sources/App/Models/RegisteredUser.swift b/Sources/App/Models/RegisteredUser.swift
index 44e332c..bda2f5f 100644
--- a/Sources/App/Models/RegisteredUser.swift
+++ b/Sources/App/Models/RegisteredUser.swift
@@ -49,7 +49,7 @@ final class RegisteredUser: Model, Content {
 init() { }
- init(id: String, name: String, phone: String, email: String, personalEmail: String? = nil, branch: String, gender: String, pronouns: String? = nil, bio: String? = nil, intakeYear: Int, regNo: Int = -1) {
+ init(id: String, name: String, phone: String, email: String, personalEmail: String? = nil, branch: String, gender: String, pronouns: String? = nil, bio: String? = nil, intakeYear: Int, regNo: Int? = nil) {
 self.id = id
 self.name = name
 self.phone = phone
diff --git a/Sources/App/configure.swift b/Sources/App/configure.swift
index f25ca7e..820c7b7 100644
--- a/Sources/App/configure.swift
+++ b/Sources/App/configure.swift
@@ -16,7 +16,7 @@ struct AppConfig {
 static let smtpHost = Environment.get("EMAIL_SMTP") ?? "smtp.mail.me.com"
 static let smtpPassword = Environment.get("EMAIL_PASSWORD") ?? "NotMyEmailPassword"
 static let smtpPort = Environment.get("SMTP_PORT").flatMap(Int.init(_:)) ?? 587
- static let redisHost = Environment.get("REDIS_HOST") ?? "localhost"
+ static let redisHost = Environment.get("REDIS_HOST") ?? "127.0.0.1"
 static let signupCodeExpireTime = Environment.get("SIGNUP_CODE_EXPIRE_TIME").flatMap(Int.init(_:)) ?? 600
 static let jwtSigningKey = Environment.get("JWT_SIGNING_KEY") ?? "secret"
 }
@@ -47,7 +47,7 @@ public func configure(_ app: Application) async throws {
 app.migrations.add(CreateUser())
 app.migrations.add(CreateRegisteredUser())
- app.migrations.add(CreateUserAuth())
+ // app.migrations.add(CreateUserAuth())
 app.jwt.signers.use(.hs256(key: AppConfig.jwtSigningKey))
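Review bot: `// app.migrations.add(CreateUserAuth())` leaves commented-out code with no explanation, in the same commit that corrects `CreateUserAuth.revert` to target `userAuth`. With the migration unregistered the `userAuth` table is presumably never created, so say why it is disabled, e.g. `// TODO: re-enable CreateUserAuth once password setup in verifySignupCode is implemented`, or remove the line until it is needed. `configure` continues outside this hunk.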