vantzs/corrosion-admin-panel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 18 Wiki Activity

feat: Implement full auth pipeline — login, register, JWT, bootstrap

Browse Source 
Backend auth flow is now functional:
- services/auth.rs: Argon2id password hashing, JWT access/refresh tokens
- services/encryption.rs: AES-256-GCM encrypt/decrypt, hex token generation
- api/auth.rs: Login, register, refresh, logout, /me endpoints
- middleware/auth.rs: JWT Bearer token extractor (FromRequestParts)
- db/users.rs + licenses.rs: Full CRUD with runtime queries (no compile-time DB)
- main.rs: Bootstrap admin user on first run via ADMIN_EMAIL/ADMIN_PASSWORD env vars
- NATS connection now optional for dev (graceful fallback)
- Added hex and http crates to Cargo.toml

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Vantz Stockwell
2026-02-14 21:49:37 -05:00
parent 9217f77998
commit 5668675b6a
10 changed files with 671 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
backend/src/db/users.rs
View File

@@ -1,30 +1,96 @@
use sqlx::PgPool;
use uuid::Uuid;
use anyhow::Result;
use chrono::{DateTime, Utc};
use serde::Serialize;
// TODO: Define User struct (id, email, password_hash, display_name, avatar_url, created_at, updated_at, last_login_at)
/// User record from the database
#[derive(Debug, Clone, sqlx::FromRow, Serialize)]
pub struct UserRow {
pub id: Uuid,
pub email: String,
pub username: String,
#[serde(skip_serializing)]
pub password_hash: String,
#[serde(skip_serializing)]
pub totp_secret: Option<String>,
pub totp_enabled: bool,
#[serde(skip_serializing)]
pub backup_codes: Option<Vec<String>>,
pub email_verified: bool,
pub created_at: DateTime<Utc>,
pub last_login_at: Option<DateTime<Utc>>,
}
/// Create a new user record.
pub async fn create_user(pool: &PgPool, email: &str, password_hash: &str, display_name: &str) -> Result<Uuid> {
todo!()
/// Create a new user record. Returns the new user's UUID.
pub async fn create_user(
pool: &PgPool,
email: &str,
username: &str,
password_hash: &str,
) -> Result<Uuid> {
let row: (Uuid,) = sqlx::query_as(
"INSERT INTO users (email, username, password_hash) VALUES ($1, $2, $3) RETURNING id",
)
.bind(email)
.bind(username)
.bind(password_hash)
.fetch_one(pool)
.await?;
Ok(row.0)
}
/// Fetch a user by their primary key.
pub async fn get_user_by_id(pool: &PgPool, user_id: Uuid) -> Result<()> {
todo!()
pub async fn get_user_by_id(pool: &PgPool, user_id: Uuid) -> Result<Option<UserRow>> {
let user = sqlx::query_as::<_, UserRow>(
"SELECT id, email, username, password_hash, totp_secret, totp_enabled, \
backup_codes, email_verified, created_at, last_login_at \
FROM users WHERE id = $1",
)
.bind(user_id)
.fetch_optional(pool)
.await?;
Ok(user)
}
/// Fetch a user by email address (for login lookups).
pub async fn get_user_by_email(pool: &PgPool, email: &str) -> Result<()> {
todo!()
pub async fn get_user_by_email(pool: &PgPool, email: &str) -> Result<Option<UserRow>> {
let user = sqlx::query_as::<_, UserRow>(
"SELECT id, email, username, password_hash, totp_secret, totp_enabled, \
backup_codes, email_verified, created_at, last_login_at \
FROM users WHERE email = $1",
)
.bind(email)
.fetch_optional(pool)
.await?;
Ok(user)
}
/// Update mutable user profile fields.
pub async fn update_user(pool: &PgPool, user_id: Uuid, display_name: Option<&str>, avatar_url: Option<&str>) -> Result<()> {
todo!()
pub async fn update_user(
pool: &PgPool,
user_id: Uuid,
display_name: Option<&str>,
_avatar_url: Option<&str>,
) -> Result<()> {
if let Some(name) = display_name {
sqlx::query("UPDATE users SET username = $1 WHERE id = $2")
.bind(name)
.bind(user_id)
.execute(pool)
.await?;
}
Ok(())
}
/// Bump the last_login_at timestamp for a user.
pub async fn update_last_login(pool: &PgPool, user_id: Uuid) -> Result<()> {
todo!()
sqlx::query("UPDATE users SET last_login_at = NOW() WHERE id = $1")
.bind(user_id)
.execute(pool)
.await?;
Ok(())
}