calendar-webapp/source/calendarwebapp/authenticator.d

module calendarwebapp.authenticator;

import poodinis;

import std.typecons : nullable, Nullable;

import vibe.data.bson : Bson, BsonObjectID, deserializeBson;
import vibe.db.mongo.collection : MongoCollection;

interface Authenticator
{
    Nullable!AuthInfo checkUser(string username, string password) @safe;
}

class MongoDBAuthenticator(Collection = MongoCollection) : Authenticator
{
private:
    @Value("users")
    Collection users;

public:
    Nullable!AuthInfo checkUser(string username, string password) @safe
    {
        import botan.passhash.bcrypt : checkBcrypt;

        auto result = users.findOne(["username" : username]);
        /* checkBcrypt should be called using vibe.core.concurrency.async to
           avoid blocking, but https://github.com/vibe-d/vibe.d/issues/1521 is
           blocking this */
        if (result != Bson(null))
        {
            auto authInfo = result.deserializeBson!AuthInfo;
            if ((()@trusted => checkBcrypt(password, authInfo.passwordHash))())
            {
                return authInfo.nullable;
            }
        }
        return Nullable!AuthInfo();
    }
}

enum Role
{
    User,
    Admin
}

struct AuthInfo
{
    import vibe.data.serialization : name;

    @name("_id") BsonObjectID id;
    string username;
    string passwordHash;
    Role role;

    mixin(generateAuthMethods);

private:
    static string generateAuthMethods() pure @safe
    {
        import std.conv : to;
        import std.format : format;
        import std.traits : EnumMembers;

        string ret;
        foreach (member; EnumMembers!Role)
        {
            ret ~= q{
                bool is%s() const pure @safe nothrow
                {
                    return role == Role.%s;
                }
            }.format(member.to!string, member.to!string);
        }
        return ret;
    }

}
initial addition of unittests 2017-09-17 17:52:41 +02:00			`module calendarwebapp.authenticator;`

			`import poodinis;`

Initial work for support for different user roles. 2017-10-26 20:08:16 +02:00			`import std.typecons : nullable, Nullable;`

			`import vibe.data.bson : Bson, BsonObjectID, deserializeBson;`
initial addition of unittests 2017-09-17 17:52:41 +02:00			`import vibe.db.mongo.collection : MongoCollection;`

			`interface Authenticator`
			`{`
Initial work for support for different user roles. 2017-10-26 20:08:16 +02:00			`Nullable!AuthInfo checkUser(string username, string password) @safe;`
initial addition of unittests 2017-09-17 17:52:41 +02:00			`}`

			`class MongoDBAuthenticator(Collection = MongoCollection) : Authenticator`
			`{`
			`private:`
			`@Value("users")`
			`Collection users;`

			`public:`
Initial work for support for different user roles. 2017-10-26 20:08:16 +02:00			`Nullable!AuthInfo checkUser(string username, string password) @safe`
initial addition of unittests 2017-09-17 17:52:41 +02:00			`{`
Store passwords as salted hashes using bcrypt 2017-10-15 16:43:39 +02:00			`import botan.passhash.bcrypt : checkBcrypt;`

			`auto result = users.findOne(["username" : username]);`
			`/* checkBcrypt should be called using vibe.core.concurrency.async to`
			`avoid blocking, but https://github.com/vibe-d/vibe.d/issues/1521 is`
			`blocking this */`
Initial work for support for different user roles. 2017-10-26 20:08:16 +02:00			`if (result != Bson(null))`
			`{`
			`auto authInfo = result.deserializeBson!AuthInfo;`
			`if ((()@trusted => checkBcrypt(password, authInfo.passwordHash))())`
			`{`
			`return authInfo.nullable;`
			`}`
			`}`
			`return Nullable!AuthInfo();`
initial addition of unittests 2017-09-17 17:52:41 +02:00			`}`
			`}`

Initial work for support for different user roles. 2017-10-26 20:08:16 +02:00			`enum Role`
			`{`
			`User,`
			`Admin`
			`}`

initial addition of unittests 2017-09-17 17:52:41 +02:00			`struct AuthInfo`
			`{`
Initial work for support for different user roles. 2017-10-26 20:08:16 +02:00			`import vibe.data.serialization : name;`

			`@name("_id") BsonObjectID id;`
			`string username;`
			`string passwordHash;`
			`Role role;`

Automatically generate methods for checking if a user has certain privileges. Once static foreach is supported by ldc, this can be done even more elegant without the use of a helper function. 2017-10-27 15:13:02 +02:00			`mixin(generateAuthMethods);`
Initial work for support for different user roles. 2017-10-26 20:08:16 +02:00
Automatically generate methods for checking if a user has certain privileges. Once static foreach is supported by ldc, this can be done even more elegant without the use of a helper function. 2017-10-27 15:13:02 +02:00			`private:`
			`static string generateAuthMethods() pure @safe`
Initial work for support for different user roles. 2017-10-26 20:08:16 +02:00			`{`
Automatically generate methods for checking if a user has certain privileges. Once static foreach is supported by ldc, this can be done even more elegant without the use of a helper function. 2017-10-27 15:13:02 +02:00			`import std.conv : to;`
			`import std.format : format;`
			`import std.traits : EnumMembers;`

			`string ret;`
			`foreach (member; EnumMembers!Role)`
			`{`
			`ret ~= q{`
			`bool is%s() const pure @safe nothrow`
			`{`
			`return role == Role.%s;`
			`}`
			`}.format(member.to!string, member.to!string);`
			`}`
			`return ret;`
Initial work for support for different user roles. 2017-10-26 20:08:16 +02:00			`}`
Automatically generate methods for checking if a user has certain privileges. Once static foreach is supported by ldc, this can be done even more elegant without the use of a helper function. 2017-10-27 15:13:02 +02:00
initial addition of unittests 2017-09-17 17:52:41 +02:00			`}`