fix(auth): refactor auth_tokens fully

Fleeym · Fleeym · commit fbc9892395d0 · 2025-01-20T18:58:10.000+02:00
diff --git a/src/auth/mod.rs b/src/auth/mod.rs
@@ -1,2 +1 @@
 pub mod github;
-pub mod token;
diff --git a/src/auth/token.rs b/src/auth/token.rs
diff --git a/src/database/repository/auth_tokens.rs b/src/database/repository/auth_tokens.rs
@@ -26,3 +26,40 @@ pub async fn generate_token(developer_id: i32, conn: &mut PgConnection) -> Resul
 
     Ok(token)
 }
+
+pub async fn remove_token(token: Uuid, conn: &mut PgConnection) -> Result<(), ApiError> {
+    let hash = sha256::digest(token.to_string());
+
+    sqlx::query!(
+        "DELETE FROM auth_tokens
+        WHERE token = $1",
+        hash
+    )
+    .execute(&mut *conn)
+    .await
+    .map_err(|e| {
+        log::error!("Failed to remove auth token: {}", e);
+        ApiError::DbError
+    })?;
+
+    Ok(())
+}
+
+pub async fn remove_developer_tokens(
+    developer_id: i32,
+    conn: &mut PgConnection,
+) -> Result<(), ApiError> {
+    sqlx::query!(
+        "DELETE FROM auth_tokens
+        WHERE developer_id = $1",
+        developer_id
+    )
+    .execute(&mut *conn)
+    .await
+    .map_err(|e| {
+        log::error!("Failed to wipe developer tokens: {}", e);
+        ApiError::DbError
+    })?;
+
+    Ok(())
+}
diff --git a/src/endpoints/developers.rs b/src/endpoints/developers.rs
@@ -3,7 +3,6 @@ use serde::{Deserialize, Serialize};
 use sqlx::Acquire;
 
 use crate::{
-    auth::token,
     extractors::auth::Auth,
     types::{
         api::{ApiError, ApiResponse},
@@ -15,6 +14,7 @@ use crate::{
     },
     AppData,
 };
+use crate::database::repository::auth_tokens;
 
 #[derive(Deserialize, Serialize, Debug, Clone)]
 pub struct SimpleDevMod {
@@ -181,23 +181,11 @@ pub async fn delete_token(
     data: web::Data<AppData>,
     auth: Auth,
 ) -> Result<impl Responder, ApiError> {
-    let dev = auth.developer()?;
     let token = auth.token()?;
     let mut pool = data.db.acquire().await.or(Err(ApiError::DbAcquireError))?;
-    let mut transaction = pool.begin().await.or(Err(ApiError::TransactionError))?;
-    if let Err(e) =
-        token::invalidate_token_for_developer(dev.id, token.to_string(), &mut transaction).await
-    {
-        transaction
-            .rollback()
-            .await
-            .or(Err(ApiError::TransactionError))?;
-        return Err(e);
-    }
-    transaction
-        .commit()
-        .await
-        .or(Err(ApiError::TransactionError))?;
+
+    auth_tokens::remove_token(token, &mut pool).await?;
+
     Ok(HttpResponse::NoContent())
 }
 
@@ -208,18 +196,9 @@ pub async fn delete_tokens(
 ) -> Result<impl Responder, ApiError> {
     let dev = auth.developer()?;
     let mut pool = data.db.acquire().await.or(Err(ApiError::DbAcquireError))?;
-    let mut transaction = pool.begin().await.or(Err(ApiError::TransactionError))?;
-    if let Err(e) = token::invalidate_tokens_for_developer(dev.id, &mut transaction).await {
-        transaction
-            .rollback()
-            .await
-            .or(Err(ApiError::TransactionError))?;
-        return Err(e);
-    }
-    transaction
-        .commit()
-        .await
-        .or(Err(ApiError::TransactionError))?;
+
+    auth_tokens::remove_developer_tokens(dev.id, &mut pool).await?;
+
     Ok(HttpResponse::NoContent())
 }
 
