From 066fa8648dbe4f68a378422975c4c2b12b7882ab Mon Sep 17 00:00:00 2001
From: Jeremy Wall
Date: Mon, 19 Dec 2022 15:42:35 -0500
Subject: [PATCH] Auth api response tells you who you are now
---
 kitchen/src/migrations.rs | 22 -----------------
 kitchen/src/web/auth.rs | 51 +++++++++++++++++++++++++++++----------
 2 files changed, 38 insertions(+), 35 deletions(-)
 delete mode 100644 kitchen/src/migrations.rs
diff --git a/kitchen/src/migrations.rs b/kitchen/src/migrations.rs
deleted file mode 100644
index df9120f..0000000
--- a/kitchen/src/migrations.rs
+++ /dev/null
@@ -1,22 +0,0 @@
-// Copyright 2022 Jeremy Wall (Jeremy@marzhilsltudios.com)
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-use sqlx::{migrate, SqlitePool};
-use std::sync::Arc;
-
-pub async fn run_migration(pool: Arc) {
- sqlx::migrate!("./migrations")
- .run(pool.as_ref())
- .await
- .expect("Unable to run migratins");
-}
diff --git a/kitchen/src/web/auth.rs b/kitchen/src/web/auth.rs
index 86ef87f..7786ec0 100644
--- a/kitchen/src/web/auth.rs
+++ b/kitchen/src/web/auth.rs
@@ -18,20 +18,43 @@ use async_session::{Session, SessionStore};
 use axum::{
 extract::Extension,
 http::{header, HeaderMap, StatusCode},
- response::IntoResponse,
 };
 use axum_auth::AuthBasic;
 use cookie::{Cookie, SameSite};
 use secrecy::Secret;
+use serde::{Deserialize, Serialize};
 use tracing::{debug, error, info, instrument};
-use super::storage::{self, AuthStore};
+use super::storage::{self, AuthStore, UserCreds};
+
+// FIXME(jwall): This needs to live in a client integration library.
+#[derive(Serialize, Deserialize)]
+pub enum AccountResponse {
+ Success { user_id: String },
+ Err { message: String },
+}
+
+impl From for AccountResponse {
+ fn from(auth: UserCreds) -> Self {
+ Self::Success {
+ user_id: auth.user_id().to_owned(),
+ }
+ }
+}
+
+impl<'a> From<&'a str> for AccountResponse {
+ fn from(msg: &'a str) -> Self {
+ Self::Err {
+ message: msg.to_string(),
+ }
+ }
+}
 #[instrument(skip_all, fields(user=%auth.0.0))]
 pub async fn handler(
 auth: AuthBasic,
 Extension(session_store): Extension>,
-) -> impl IntoResponse {
+) -> (StatusCode, HeaderMap, axum::Json) {
 // NOTE(jwall): It is very important that you do **not** log the password
 // here. We convert the AuthBasic into UserCreds immediately to help prevent
 // that. Do not circumvent that protection.
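Review bot: `AccountResponse` is a public wire type with no `Debug` derive and no doc comment stating its JSON shape; with a plain `#[derive(Serialize, Deserialize)]` and no `#[serde(tag = …)]` attribute serde uses its default externally tagged form, so a client will receive `{"Success":{"user_id":"…"}}` or `{"Err":{"message":"…"}}`, and that contract is exactly what the FIXME says will move into a client library. Suggest `#[derive(Debug, Serialize, Deserialize)]` and a doc comment such as `/// Body of the auth endpoint; serialized externally tagged, e.g. {"Success":{"user_id":"…"}} or {"Err":{"message":"…"}}.` Naming the variant `Err` is also easy to misread next to `Result::Err` in the handler below, though renaming it now would change the JSON. The type argument of the `From<UserCreds>` impl appears to have been lost in this rendering, and `handler`'s body continues past the end of the hunk.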
@@ -44,28 +67,31 @@ pub async fn handler(
 let mut session = Session::new();
 if let Err(err) = session.insert("user_id", auth.user_id()) {
 error!(?err, "Unable to insert user id into session");
+ let resp: AccountResponse = "Unable to insert user id into session".into();
 return (
 StatusCode::INTERNAL_SERVER_ERROR,
 headers,
- "Unable to insert user id into session",
+ axum::Json::from(resp),
 );
 }
 // 2. Store the session in the store.
 let cookie_value = match session_store.store_session(session).await {
 Err(err) => {
 error!(?err, "Unable to store session in session store");
+ let resp: AccountResponse = "Unable to store session in session store".into();
 return (
 StatusCode::INTERNAL_SERVER_ERROR,
 headers,
- "Unable to store session in session store",
+ axum::Json::from(resp),
 );
 }
 Ok(None) => {
 error!("Unable to create session cookie");
+ let resp: AccountResponse = "Unable to create session cookie".into();
 return (
 StatusCode::INTERNAL_SERVER_ERROR,
 headers,
- "Unable to create session cookie",
+ axum::Json::from(resp),
 );
 }
 Ok(Some(value)) => value,
@@ -79,25 +105,24 @@ pub async fn handler(
 let parsed_cookie = match cookie.to_string().parse() {
 Err(err) => {
 error!(?err, "Unable to parse session cookie");
+ let resp: AccountResponse = "Unable to parse session cookie".into();
 return (
 StatusCode::INTERNAL_SERVER_ERROR,
 headers,
- "Unable to parse session cookie",
+ axum::Json::from(resp),
 );
 }
 Ok(parsed_cookie) => parsed_cookie,
 };
 headers.insert(header::SET_COOKIE, parsed_cookie);
 // Respond with 200 OK
- (StatusCode::OK, headers, "Login Successful")
+ let resp: AccountResponse = auth.into();
+ (StatusCode::OK, headers, axum::Json::from(resp))
 } else {
 debug!("Invalid credentials");
 let headers = HeaderMap::new();
- (
- StatusCode::UNAUTHORIZED,
- headers,
- "Invalid user id or password",
- )
+ let resp: AccountResponse = "Invalid user id or password".into();
+ (StatusCode::UNAUTHORIZED, headers, axum::Json::from(resp))
 }
 }
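Review bot: The three 500 paths in this hunk (and the fourth one in the next hunk, `Unable to parse session cookie`) each repeat the same `let resp: AccountResponse = "…".into(); return (StatusCode::INTERNAL_SERVER_ERROR, headers, axum::Json::from(resp));` sequence, so the response construction should be a small helper rather than four copies. A helper also keeps the client-visible message a fixed string while the underlying `err` goes only to the `error!` log, which is the right split for an auth endpoint and worth protecting as more failure arms are added. `axum::Json(resp)` is the conventional spelling of `axum::Json::from(resp)`. `handler` begins before and ends after this hunk.
```rust
// Builds the 500 response shared by every failure arm in handler. The message
// is a fixed string chosen by the caller; the underlying error is logged at the
// call site and never placed in the body.
fn internal_error(
    headers: HeaderMap,
    message: &str,
) -> (StatusCode, HeaderMap, axum::Json<AccountResponse>) {
    (
        StatusCode::INTERNAL_SERVER_ERROR,
        headers,
        axum::Json(AccountResponse::from(message)),
    )
}

// … unchanged: start of handler …
    if let Err(err) = session.insert("user_id", auth.user_id()) {
        error!(?err, "Unable to insert user id into session");
        return internal_error(headers, "Unable to insert user id into session");
    }
// … unchanged: remaining arms, each reduced to one internal_error(...) call …
```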
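Review bot: `debug!("Invalid credentials")` on the 401 path is the only record of a failed login, and at debug level it is normally filtered out of production logs, so repeated failures against one account (the `user` field is already attached by the `instrument` span) are invisible to log-based detection; `info!("Invalid credentials");` (`info` is already imported from `tracing`) or `warn!` is the level an authentication failure usually deserves. The 401 response also leaves with an empty `HeaderMap`, so no `WWW-Authenticate` challenge accompanies it; that may be deliberate for a JSON client that does not want the browser's Basic-auth prompt, but it is worth a one-line comment either way, e.g. `// Intentionally no WWW-Authenticate: JSON clients handle 401 themselves.` `handler` begins before this hunk.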