Add utility functions

- `user_authentication` returns Ok when authenticated successfully - `user_exists` returns Ok when the passed user exists
2021-11-25 15:44:32 +01:00
parent c146516d76
commit bc50c13803
2 changed files with 54 additions and 61 deletions
--- a/src/graphql.rs
+++ b/src/graphql.rs
@@ -136,6 +136,28 @@ fn is_valid_user_name(username: &str) -> bool {
    true
 }

+async fn user_authentication(db: &SqlitePool, user: &uuid::adapter::Simple, password_hash: &str) -> FieldResult<()> {
+    if sqlx::query(format!(
+        r#"SELECT users.id FROM users, security_preferences WHERE users.id = "{}" AND password_hash = "{}""#,
+        user,
+        password_hash,
+    ).as_str()).fetch_optional(db).await?.is_some() {
+        Ok(())
+    } else {
+        Err("authentication failed".into())
+    }
+}
+
+async fn user_exists(db: &SqlitePool, user: &uuid::adapter::Simple) -> FieldResult<()> {
+        if sqlx::query(
+            format!(r#"SELECT id FROM users WHERE id = "{}""#, user).as_str()
+        ).fetch_optional(db).await?.is_some() {
+            Ok(())
+        } else {
+            Err(format!(r#"user "{}" does not exist on this server"#, user).into())
+        }
+}
+
 #[derive(Clone, Debug)]
 pub struct Context {
    #[cfg(feature = "sqlite")]
@@ -529,14 +551,7 @@ impl Mutation {
        let users = BTreeSet::from_iter([user, chat_partner]);

        // User authentication
-        let authentication_successful = sqlx::query(format!(
-            r#"SELECT users.id FROM users, security_preferences WHERE users.id = "{}" AND password_hash = "{}""#,
-            user,
-            password_hash,
-        ).as_str()).fetch_optional(&context.db).await?.is_some();
-        if !authentication_successful {
-            return Err("authentication failed".into());
-        }
+        user_authentication(&context.db, &user, &password_hash).await?;

        // Chat partner needs to be another user (for now)
        if user == chat_partner {
@@ -544,12 +559,7 @@ impl Mutation {
        }

        // Chat partner must exist
-        let chat_partner_exists = sqlx::query(
-            format!(r#"SELECT id FROM users WHERE id = "{}""#, chat_partner).as_str()
-        ).fetch_optional(&context.db).await?.is_some();
-        if !chat_partner_exists {
-            return Err(format!(r#"chat partner "{}" does not exist on this server"#, chat_partner).into());
-        }
+        user_exists(&context.db, &chat_partner).await?;

        // non-group chats must be unique
        let chat_already_exists = sqlx::query(format!(