Arrelin/family_budget
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'dependencies update' (#11) from feature/deps-update into master
All checks were successful
Build and Publish Images / build-and-push (push) Successful in 2m21s
Details

Browse Source 
Reviewed-on: http://192.168.31.100:3847/Arrelin/family_budget/pulls/11
This commit was merged in pull request #11.
This commit is contained in:
Arrelin
2026-01-24 15:06:33 +00:00
parent 8d98a7d24c 83ce6dac8a
commit a9481676c1
3 changed files with 43 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
backend/Cargo.toml
View File

@@ -4,24 +4,24 @@ version = "0.1.0"
edition = "2024" edition = "2024"
[dependencies] [dependencies]
tokio = { version = "1.48.0", features = ["full"] } tokio = { version = "1.49.0", features = ["full"] }
sea-orm = { version = "1.0", features = ["sqlx-postgres", "runtime-tokio-rustls", "macros"] } sea-orm = { version = "1.1.19", features = ["sqlx-postgres", "runtime-tokio-rustls", "macros"] }
sea-orm-migration = { version = "1.0", default-features = false, features = ["sqlx-postgres", "runtime-tokio-rustls"] } sea-orm-migration = { version = "1.1.19", default-features = false, features = ["sqlx-postgres", "runtime-tokio-rustls"] }
dotenvy = "0.15.7" dotenvy = "0.15.7"
axum = { version = "0.7", features = ["json"] } axum = { version = "0.8.8", features = ["json"] }
tower-http = { version = "0.5", features = ["cors"] } tower-http = { version = "0.6.8", features = ["cors"] }
chrono = { version = "0.4.42", features = ["serde"] } chrono = { version = "0.4.42", features = ["serde"] }
serde = { version = "1.0.228", features = ["derive"] } serde = { version = "1.0.228", features = ["derive"] }
serde_json = "1.0" serde_json = "1.0"
utoipa = { version = "5.4.0", features = ["axum_extras", "chrono", "decimal_float"] } utoipa = { version = "5.4.0", features = ["axum_extras", "chrono", "decimal_float"] }
utoipa-swagger-ui = { version = "8.0", features = ["axum"] } utoipa-swagger-ui = { version = "9.0.2", features = ["axum"] }
axum-login = "0.15" axum-login = "0.18.0"
tower-sessions = "0.12" tower-sessions = "0.14.0"
tower-sessions-sqlx-store = { version = "0.12", features = ["postgres"] } tower-sessions-sqlx-store = { version = "0.15.0", features = ["postgres"] }
argon2 = "0.5" argon2 = "0.5"
async-trait = "0.1" async-trait = "0.1"
thiserror = "2.0" thiserror = "2.0"
time = "0.3" time = "0.3"
oauth2 = { version = "5.0.0", features = ["reqwest"] } oauth2 = { version = "5.0.0", features = ["reqwest"] }
reqwest = { version = "0.12.28", features = ["json"] } reqwest = { version = "0.13.1", features = ["json"] }
rand = "0.8" rand = "0.9.2"

51
backend/src/auth.rs
View File

@@ -40,43 +40,52 @@ pub struct Credentials {
pub password: String, pub password: String,
} }
#[async_trait::async_trait]
impl AuthnBackend for AuthBackend { impl AuthnBackend for AuthBackend {
type User = user::Model; type User = user::Model;
type Credentials = Credentials; type Credentials = Credentials;
type Error = Error; type Error = Error;
async fn authenticate( fn authenticate(
&self, &self,
creds: Self::Credentials, creds: Self::Credentials,
) -> Result<Option<Self::User>, Self::Error> { ) -> impl Future<Output = Result<Option<Self::User>, Self::Error>> + Send {
let user = User::find() let db = self.db.clone();
.filter(user::Column::Username.eq(&creds.username)) async move {
.one(&self.db) let user = User::find()
.await?; .filter(user::Column::Username.eq(&creds.username))
.one(&db)
.await?;
if let Some(user) = user { if let Some(user) = user {
let password_hash = user.password_hash.as_ref().ok_or(Error::InvalidCredentials)?; let password_hash = user.password_hash.as_ref().ok_or(Error::InvalidCredentials)?;
let parsed_hash = PasswordHash::new(password_hash) let parsed_hash = PasswordHash::new(password_hash)
.map_err(|_| Error::PasswordHash)?; .map_err(|_| Error::PasswordHash)?;
let is_valid = Argon2::default() let is_valid = Argon2::default()
.verify_password(creds.password.as_bytes(), &parsed_hash) .verify_password(creds.password.as_bytes(), &parsed_hash)
.is_ok(); .is_ok();
if is_valid { if is_valid {
Ok(Some(user)) Ok(Some(user))
} else {
Err(Error::InvalidCredentials)
}
} else { } else {
Err(Error::InvalidCredentials) Err(Error::InvalidCredentials)
} }
} else {
Err(Error::InvalidCredentials)
} }
} }
async fn get_user(&self, user_id: &UserId<Self>) -> Result<Option<Self::User>, Self::Error> { fn get_user(
let user = User::find_by_id(*user_id).one(&self.db).await?; &self,
Ok(user) user_id: &UserId<Self>,
) -> impl Future<Output = Result<Option<Self::User>, Self::Error>> + Send {
let db = self.db.clone();
let user_id = *user_id;
async move {
let user = User::find_by_id(user_id).one(&db).await?;
Ok(user)
}
} }
} }

4
backend/src/services/invite_link_service.rs
View File

@@ -1,5 +1,5 @@
use sea_orm::*; use sea_orm::*;
use rand::distributions::Alphanumeric; use rand::distr::Alphanumeric;
use rand::Rng; use rand::Rng;
use crate::models::invite_link::{self, Entity as InviteLink, Model as InviteLinkModel}; use crate::models::invite_link::{self, Entity as InviteLink, Model as InviteLinkModel};
use crate::models::{user, User}; use crate::models::{user, User};
@@ -8,7 +8,7 @@ pub struct InviteLinkService;
impl InviteLinkService { impl InviteLinkService {
pub fn generate_token() -> String { pub fn generate_token() -> String {
rand::thread_rng() rand::rng()
.sample_iter(&Alphanumeric) .sample_iter(&Alphanumeric)
.take(32) .take(32)
.map(char::from) .map(char::from)