vantzs/corrosion-admin-panel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 18 Wiki Activity

feat: Implement full auth pipeline — login, register, JWT, bootstrap

Browse Source 
Backend auth flow is now functional:
- services/auth.rs: Argon2id password hashing, JWT access/refresh tokens
- services/encryption.rs: AES-256-GCM encrypt/decrypt, hex token generation
- api/auth.rs: Login, register, refresh, logout, /me endpoints
- middleware/auth.rs: JWT Bearer token extractor (FromRequestParts)
- db/users.rs + licenses.rs: Full CRUD with runtime queries (no compile-time DB)
- main.rs: Bootstrap admin user on first run via ADMIN_EMAIL/ADMIN_PASSWORD env vars
- NATS connection now optional for dev (graceful fallback)
- Added hex and http crates to Cargo.toml

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Vantz Stockwell
2026-02-14 21:49:37 -05:00
parent 9217f77998
commit 5668675b6a
10 changed files with 671 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
backend/src/db/licenses.rs
View File

@@ -1,35 +1,103 @@
use sqlx::PgPool;
use uuid::Uuid;
use anyhow::Result;
use chrono::{DateTime, Utc};
use serde::Serialize;
// TODO: Define License struct (id, user_id, license_key, status, tier, modules, max_servers, activated_at, expires_at, created_at)
/// Create a new license record.
pub async fn create_license(pool: &PgPool, user_id: Uuid, license_key: &str, tier: &str) -> Result<Uuid> {
todo!()
/// License record from the database
#[derive(Debug, Clone, sqlx::FromRow, Serialize)]
pub struct LicenseRow {
pub id: Uuid,
pub license_key: String,
pub status: String,
pub owner_user_id: Uuid,
pub server_name: Option<String>,
pub subdomain: Option<String>,
pub custom_domain: Option<String>,
pub modules_enabled: Option<Vec<String>>,
pub webstore_active: bool,
pub webstore_subscription_id: Option<String>,
pub created_at: DateTime<Utc>,
pub expires_at: Option<DateTime<Utc>>,
}
/// Look up a license by its key string (used during activation).
pub async fn get_license_by_key(pool: &PgPool, license_key: &str) -> Result<()> {
todo!()
/// Create a new license.
pub async fn create_license(
pool: &PgPool,
license_key: &str,
owner_user_id: Uuid,
) -> Result<Uuid> {
let row: (Uuid,) = sqlx::query_as(
"INSERT INTO licenses (license_key, owner_user_id) VALUES ($1, $2) RETURNING id",
)
.bind(license_key)
.bind(owner_user_id)
.fetch_one(pool)
.await?;
Ok(row.0)
}
/// Fetch a license by its primary key.
pub async fn get_license_by_id(pool: &PgPool, license_id: Uuid) -> Result<()> {
todo!()
/// Fetch a license by its key string.
pub async fn get_license_by_key(pool: &PgPool, key: &str) -> Result<Option<LicenseRow>> {
let license = sqlx::query_as::<_, LicenseRow>(
"SELECT id, license_key, status, owner_user_id, server_name, subdomain, \
custom_domain, modules_enabled, webstore_active, webstore_subscription_id, \
created_at, expires_at \
FROM licenses WHERE license_key = $1",
)
.bind(key)
.fetch_optional(pool)
.await?;
Ok(license)
}
/// Fetch all licenses belonging to a user.
pub async fn get_license_by_user(pool: &PgPool, user_id: Uuid) -> Result<()> {
todo!()
/// Fetch a license by UUID.
pub async fn get_license_by_id(pool: &PgPool, id: Uuid) -> Result<Option<LicenseRow>> {
let license = sqlx::query_as::<_, LicenseRow>(
"SELECT id, license_key, status, owner_user_id, server_name, subdomain, \
custom_domain, modules_enabled, webstore_active, webstore_subscription_id, \
created_at, expires_at \
FROM licenses WHERE id = $1",
)
.bind(id)
.fetch_optional(pool)
.await?;
Ok(license)
}
/// Mark a license as activated and record the activation timestamp.
/// Fetch a license by owner user ID.
pub async fn get_license_by_user(pool: &PgPool, user_id: Uuid) -> Result<Option<LicenseRow>> {
let license = sqlx::query_as::<_, LicenseRow>(
"SELECT id, license_key, status, owner_user_id, server_name, subdomain, \
custom_domain, modules_enabled, webstore_active, webstore_subscription_id, \
created_at, expires_at \
FROM licenses WHERE owner_user_id = $1",
)
.bind(user_id)
.fetch_optional(pool)
.await?;
Ok(license)
}
/// Activate a license (set status to 'active').
pub async fn activate_license(pool: &PgPool, license_id: Uuid) -> Result<()> {
todo!()
sqlx::query("UPDATE licenses SET status = 'active' WHERE id = $1")
.bind(license_id)
.execute(pool)
.await?;
Ok(())
}
/// Update the status of a license (active, suspended, expired, revoked).
/// Update license status.
pub async fn update_license_status(pool: &PgPool, license_id: Uuid, status: &str) -> Result<()> {
todo!()
sqlx::query("UPDATE licenses SET status = $1 WHERE id = $2")
.bind(status)
.bind(license_id)
.execute(pool)
.await?;
Ok(())
}

88
backend/src/db/users.rs
View File

@@ -1,30 +1,96 @@
use sqlx::PgPool;
use uuid::Uuid;
use anyhow::Result;
use chrono::{DateTime, Utc};
use serde::Serialize;
// TODO: Define User struct (id, email, password_hash, display_name, avatar_url, created_at, updated_at, last_login_at)
/// User record from the database
#[derive(Debug, Clone, sqlx::FromRow, Serialize)]
pub struct UserRow {
pub id: Uuid,
pub email: String,
pub username: String,
#[serde(skip_serializing)]
pub password_hash: String,
#[serde(skip_serializing)]
pub totp_secret: Option<String>,
pub totp_enabled: bool,
#[serde(skip_serializing)]
pub backup_codes: Option<Vec<String>>,
pub email_verified: bool,
pub created_at: DateTime<Utc>,
pub last_login_at: Option<DateTime<Utc>>,
}
/// Create a new user record.
pub async fn create_user(pool: &PgPool, email: &str, password_hash: &str, display_name: &str) -> Result<Uuid> {
todo!()
/// Create a new user record. Returns the new user's UUID.
pub async fn create_user(
pool: &PgPool,
email: &str,
username: &str,
password_hash: &str,
) -> Result<Uuid> {
let row: (Uuid,) = sqlx::query_as(
"INSERT INTO users (email, username, password_hash) VALUES ($1, $2, $3) RETURNING id",
)
.bind(email)
.bind(username)
.bind(password_hash)
.fetch_one(pool)
.await?;
Ok(row.0)
}
/// Fetch a user by their primary key.
pub async fn get_user_by_id(pool: &PgPool, user_id: Uuid) -> Result<()> {
todo!()
pub async fn get_user_by_id(pool: &PgPool, user_id: Uuid) -> Result<Option<UserRow>> {
let user = sqlx::query_as::<_, UserRow>(
"SELECT id, email, username, password_hash, totp_secret, totp_enabled, \
backup_codes, email_verified, created_at, last_login_at \
FROM users WHERE id = $1",
)
.bind(user_id)
.fetch_optional(pool)
.await?;
Ok(user)
}
/// Fetch a user by email address (for login lookups).
pub async fn get_user_by_email(pool: &PgPool, email: &str) -> Result<()> {
todo!()
pub async fn get_user_by_email(pool: &PgPool, email: &str) -> Result<Option<UserRow>> {
let user = sqlx::query_as::<_, UserRow>(
"SELECT id, email, username, password_hash, totp_secret, totp_enabled, \
backup_codes, email_verified, created_at, last_login_at \
FROM users WHERE email = $1",
)
.bind(email)
.fetch_optional(pool)
.await?;
Ok(user)
}
/// Update mutable user profile fields.
pub async fn update_user(pool: &PgPool, user_id: Uuid, display_name: Option<&str>, avatar_url: Option<&str>) -> Result<()> {
todo!()
pub async fn update_user(
pool: &PgPool,
user_id: Uuid,
display_name: Option<&str>,
_avatar_url: Option<&str>,
) -> Result<()> {
if let Some(name) = display_name {
sqlx::query("UPDATE users SET username = $1 WHERE id = $2")
.bind(name)
.bind(user_id)
.execute(pool)
.await?;
}
Ok(())
}
/// Bump the last_login_at timestamp for a user.
pub async fn update_last_login(pool: &PgPool, user_id: Uuid) -> Result<()> {
todo!()
sqlx::query("UPDATE users SET last_login_at = NOW() WHERE id = $1")
.bind(user_id)
.execute(pool)
.await?;
Ok(())
}