2017-09-17 17:52:41 +02:00
|
|
|
module calendarwebapp.authenticator;
|
|
|
|
|
2017-10-27 18:58:46 +02:00
|
|
|
import calendarwebapp.passhash : PasswordHasher;
|
|
|
|
|
2017-09-17 17:52:41 +02:00
|
|
|
import poodinis;
|
|
|
|
|
2017-10-27 17:09:55 +02:00
|
|
|
import std.range : InputRange;
|
2017-10-26 20:08:16 +02:00
|
|
|
import std.typecons : nullable, Nullable;
|
|
|
|
|
2017-10-27 17:09:55 +02:00
|
|
|
import vibe.data.bson;
|
2017-09-17 17:52:41 +02:00
|
|
|
import vibe.db.mongo.collection : MongoCollection;
|
|
|
|
|
|
|
|
interface Authenticator
|
|
|
|
{
|
2017-10-26 20:08:16 +02:00
|
|
|
Nullable!AuthInfo checkUser(string username, string password) @safe;
|
2017-10-27 17:09:55 +02:00
|
|
|
void addUser(AuthInfo authInfo) @safe;
|
|
|
|
InputRange!AuthInfo getAllUsers() @safe;
|
|
|
|
void removeUser(BsonObjectID id) @safe;
|
2017-09-17 17:52:41 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
class MongoDBAuthenticator(Collection = MongoCollection) : Authenticator
|
|
|
|
{
|
|
|
|
private:
|
|
|
|
@Value("users")
|
|
|
|
Collection users;
|
2017-10-27 18:58:46 +02:00
|
|
|
@Autowire PasswordHasher passwordHasher;
|
2017-09-17 17:52:41 +02:00
|
|
|
|
|
|
|
public:
|
2017-10-26 20:08:16 +02:00
|
|
|
Nullable!AuthInfo checkUser(string username, string password) @safe
|
2017-09-17 17:52:41 +02:00
|
|
|
{
|
2017-10-15 16:43:39 +02:00
|
|
|
import botan.passhash.bcrypt : checkBcrypt;
|
|
|
|
|
|
|
|
auto result = users.findOne(["username" : username]);
|
2017-10-27 18:58:46 +02:00
|
|
|
/* checkHash should be called using vibe.core.concurrency.async to
|
2017-10-15 16:43:39 +02:00
|
|
|
avoid blocking, but https://github.com/vibe-d/vibe.d/issues/1521 is
|
|
|
|
blocking this */
|
2017-10-26 20:08:16 +02:00
|
|
|
if (result != Bson(null))
|
|
|
|
{
|
|
|
|
auto authInfo = result.deserializeBson!AuthInfo;
|
2017-10-27 18:58:46 +02:00
|
|
|
if (passwordHasher.checkHash(password, authInfo.passwordHash))
|
2017-10-26 20:08:16 +02:00
|
|
|
{
|
|
|
|
return authInfo.nullable;
|
|
|
|
}
|
|
|
|
}
|
2017-10-27 17:09:55 +02:00
|
|
|
return Nullable!AuthInfo.init;
|
|
|
|
}
|
|
|
|
|
|
|
|
void addUser(AuthInfo authInfo) @safe
|
|
|
|
{
|
|
|
|
if (!authInfo.id.valid)
|
|
|
|
authInfo.id = BsonObjectID.generate;
|
|
|
|
|
|
|
|
users.insert(authInfo.serializeToBson);
|
|
|
|
}
|
|
|
|
|
|
|
|
InputRange!AuthInfo getAllUsers() @safe
|
|
|
|
{
|
|
|
|
import std.algorithm : map;
|
|
|
|
import std.range : inputRangeObject;
|
|
|
|
|
|
|
|
return users.find().map!(deserializeBson!AuthInfo).inputRangeObject;
|
|
|
|
}
|
|
|
|
|
|
|
|
void removeUser(BsonObjectID id) @safe
|
|
|
|
{
|
|
|
|
users.remove(["_id" : id]);
|
2017-09-17 17:52:41 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-10-27 18:03:55 +02:00
|
|
|
enum Privilege
|
2017-10-26 20:08:16 +02:00
|
|
|
{
|
2017-10-27 18:03:55 +02:00
|
|
|
None,
|
2017-10-26 20:08:16 +02:00
|
|
|
User,
|
|
|
|
Admin
|
|
|
|
}
|
|
|
|
|
2017-09-17 17:52:41 +02:00
|
|
|
struct AuthInfo
|
|
|
|
{
|
2017-10-26 20:08:16 +02:00
|
|
|
import vibe.data.serialization : name;
|
|
|
|
|
|
|
|
@name("_id") BsonObjectID id;
|
|
|
|
string username;
|
|
|
|
string passwordHash;
|
2017-10-27 18:03:55 +02:00
|
|
|
Privilege privilege;
|
2017-10-26 20:08:16 +02:00
|
|
|
|
2017-10-27 15:13:02 +02:00
|
|
|
mixin(generateAuthMethods);
|
2017-10-26 20:08:16 +02:00
|
|
|
|
2017-10-27 15:13:02 +02:00
|
|
|
private:
|
|
|
|
static string generateAuthMethods() pure @safe
|
2017-10-26 20:08:16 +02:00
|
|
|
{
|
2017-10-27 15:13:02 +02:00
|
|
|
import std.conv : to;
|
|
|
|
import std.format : format;
|
|
|
|
import std.traits : EnumMembers;
|
|
|
|
|
|
|
|
string ret;
|
2017-10-27 18:03:55 +02:00
|
|
|
foreach (member; EnumMembers!Privilege)
|
2017-10-27 15:13:02 +02:00
|
|
|
{
|
|
|
|
ret ~= q{
|
|
|
|
bool is%s() const pure @safe nothrow
|
|
|
|
{
|
2017-10-27 18:03:55 +02:00
|
|
|
return privilege == Privilege.%s;
|
2017-10-27 15:13:02 +02:00
|
|
|
}
|
|
|
|
}.format(member.to!string, member.to!string);
|
|
|
|
}
|
|
|
|
return ret;
|
2017-10-26 20:08:16 +02:00
|
|
|
}
|
2017-09-17 17:52:41 +02:00
|
|
|
}
|