giving up with style

author: Yigit Sever 2021-04-10 16:56:00 +0300
committer: Yigit Sever 2021-04-10 16:56:00 +0300
commit: 001a9ac21c29af53d31e9710d12e37d565880207 (patch)
tree: 7e0bbbc0b828694950ffaff6f6b51f63a62f46c7
parent: a3bc90d6755acbe3670dfcf23f35acdaf9b00ffc (diff)
download: gradecoin-001a9ac21c29af53d31e9710d12e37d565880207.tar.gz
gradecoin-001a9ac21c29af53d31e9710d12e37d565880207.tar.bz2
gradecoin-001a9ac21c29af53d31e9710d12e37d565880207.zip
8 files changed, 50 insertions, 15 deletions
diff --git a/.gitignore b/.gitignore
index ca9689c..53d254d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,3 @@
 /target
-/secrets
 tags.lock
 tags.temp
diff --git a/secrets/gradecoin_rsa b/secrets/gradecoin_rsa
new file mode 100644
index 0000000..f00685c
--- /dev/null
+++ b/secrets/gradecoin_rsa
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA4nU0G4WjkmcQUx0hq6LQuV5Q+ACmUFL/OjoYMDwC/O/6pCd1
+UZgCfgHN2xEffDPznzcTn8OiFRxr4oWyBinyrUpnY4mhy0SQUwoeCw7YkcHAyhCj
+NT74aR/ohX0MCj0qRRdbt5ZQXM/GC3HJuXE1ptSuhFgQxziItamn8maoJ6JUSVEX
+VO1NOrrjoM3r7Q+BK2B+sX4/bLZ+VG5g1q2nEbFdTHS6pHqtZNHQndTmEKwRfh0R
+YtzEzOXuO6e1gQY42Tujkof40dhGCIU7TeIGGHwdFxy1niLkXwtHNjV7lnIOkTbx
+6+sSPamRfQAlZqUWM2Lf5o+7h3qWP3ENB138sQIDAQABAoIBAD23nYTmrganag6M
+wPFrBSGP79c3Lhx0EjUHQjJbGKFgsdltG48qM3ut+DF9ACy0Z+/7bbC7+39vaIOq
+1jLR2d6aiYTaLKseO4s2FawD1sgamvU3BZPsXn0gAhnnU5Gyy8Nas1dccvhoc9wI
+neaZUPrvucQ90AzLfo6r9yacDbYHB1lOyomApUvpJxOgHISGEtc9qGPDrdH19aF0
+8fCv2bbQRh+TChgN3IB0o5w0wXaI7YAyAouAv/AzHCoEMpt7OGjFTkjh/ujlPL9O
+FLuJNsQRHDN0gJo2pcvwGwDCsioMixQ9bZ7ZrUu2BNpEQygyeSbj9ZI1iRvhosO
+JU3rwEECgYEA9MppTYA6A9WQbCCwPH1QMpUAmPNVSWVhUVag4lGOEhdCDRcz9ook
+DohQMKctiEB1luKuvDokxo0uMOfMO9/YwjsRB7qjQip7Th1zMJIjD+A+juLzHK4r
+/RiRtWYGAnF8mptDvE+93JsPb3C/lQLvIhio5GQYWBqPJu6SpeosIskCgYEA7NPi
+Gbffzr2UQhW8BNKmctEEh8yFRVojFo3wwwWxSNUVXGSmSm31CL+Q8h817R+2OkPV
+1ZMUOBU4UJiqFt28kIvTDFqbAJlJQGCpY2mY7OLQiD2A+TVLcFrHmoCaPfCAK1Qd
+hQ0PmFK7Mf8qClpA3E5chop/WfKQfiu46sZv1qkCgYAhGdXPcw1lQ1W6KVlrdI6J
+qHhiNlVMDXdxZkNvFxQdAiQeXQrbxaZGiMw/J/wSNpUwCAsUzM/4QVMDrfSCDCzl
+ZtNQtj4pTlFKKNVQthIjrXEIJUw2jp7IJLBfVSJu5iWxSlmId0f3MsiNizN81N69
+P5Rm/doE3+KHoy8VXGsHcQKBgQCkNh62enqjHWypjex6450qS6f6iWN3PRLLVsw0
+TcQpniZblCaBwVCAKmRUnjOEIdL2/4ZLutnwMTaFG/YEOOfAylMiY8jKV38lNmD9
+X4D78CFr9klxgvS2CRwSE03f2NzmLkLxuKaxldvaxPTfjMkgeO1LFMlNExYBhkuH
+7uQpUQKBgQCKX6qMNh2gSdgG7qyxfTFZ4y5EGOBoKe/dE+IcVF3Vnh6DZVbCAbBL
+5EdFWZSrCnDjA4xiKW55mwp95Ud9EZsZAb13L8V9t82eK+UDBoWlb7VRNYpda/x1
+5/i4qQJ28x2UNJDStpYFpnp4Ba1lvXjKngIbDPkjU+hbBJ+BNGAIeg==
+-----END RSA PRIVATE KEY-----
diff --git a/secrets/gradecoin_rsa.pub b/secrets/gradecoin_rsa.pub
new file mode 100644
index 0000000..697f313
--- /dev/null
+++ b/secrets/gradecoin_rsa.pub
@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nU0G4WjkmcQUx0hq6LQ
+uV5Q+ACmUFL/OjoYMDwC/O/6pCd1UZgCfgHN2xEffDPznzcTn8OiFRxr4oWyBiny
+rUpnY4mhy0SQUwoeCw7YkcHAyhCjNT74aR/ohX0MCj0qRRdbt5ZQXM/GC3HJuXE1
+ptSuhFgQxziItamn8maoJ6JUSVEXVO1NOrrjoM3r7Q+BK2B+sX4/bLZ+VG5g1q2n
+EbFdTHS6pHqtZNHQndTmEKwRfh0RYtzEzOXuO6e1gQY42Tujkof40dhGCIU7TeIG
+GHwdFxy1niLkXwtHNjV7lnIOkTbx6+sSPamRfQAlZqUWM2Lf5o+7h3qWP3ENB138
+sQIDAQAB
+-----END PUBLIC KEY-----
diff --git a/src/auth.rs b/src/auth.rs
index 65d639b..51b2e6a 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -90,7 +90,7 @@ async fn authorize(
            let decoded = decode::<Claims>(
                &jwt,
                // TODO: what key are we using here? pass db/pw store here to get the claimant's public key <10-04-21, yigit> //
-                &DecodingKey::from_rsa_pem(PUBLIC_KEY_PEM.as_bytes()).unwrap(),
+                &DecodingKey::from_rsa_pem(db.users.read().get(&source).unwrap().pubkey.as_bytes()).unwrap(),
                &Validation::new(Algorithm::HS512),
            )
            .map_err(|_| reject::custom(Error::JWTTokenError))
diff --git a/src/custom_filters.rs b/src/custom_filters.rs
index 8c36d02..1d65c69 100644
--- a/src/custom_filters.rs
+++ b/src/custom_filters.rs
@@ -12,7 +12,7 @@ pub fn with_db(db: Db) -> impl Filter<Extract = (Db,), Error = Infallible> + Clo
 // Accept only json encoded Transaction body and reject big payloads
 pub fn transaction_json_body() -> impl Filter<Extract = (Transaction,), Error = Rejection> + Clone {
-    warp::body::content_length_limit(1024 * 32).and(warp::body::json())
+    warp::body::content_length_limit(1024 * 32).and(warp::filters::body::json())
 }
 // Accept only json encoded Transaction body and reject big payloads
diff --git a/src/handlers.rs b/src/handlers.rs
index 0bcbd49..a9c0315 100644
--- a/src/handlers.rs
+++ b/src/handlers.rs
@@ -1,10 +1,11 @@
+use crate::auth::Pubkey;
 /// API handlers, the ends of each filter chain
 use log::debug; // this is more useful than debug! learn how to use this
 use parking_lot::RwLockUpgradableReadGuard;
 use std::convert::Infallible;
-use warp::{http::StatusCode, reply};
+use warp::filters::BoxedFilter;
 use warp::reject::Rejection;
-use crate::auth::Pubkey;
+use warp::{http::StatusCode, reply};
 use crate::schema::{Block, Db, Transaction};
@@ -63,11 +64,10 @@ pub async fn propose_transaction(
 /// POST /transaction, authenticated
 /// The transaction arrived in this method has been authored by the public key in the source
 pub async fn propose_authenticated_transaction(
-    pubkey: Pubkey,
+    pubkey: BoxedFilter<(Pubkey,)>,
    new_transaction: Transaction,
    db: Db,
 ) -> Result<impl warp::Reply, warp::Rejection> {
    // auth logic
    debug!("new transaction request {:?}", new_transaction);
@@ -79,7 +79,6 @@ pub async fn propose_authenticated_transaction(
    Ok(StatusCode::CREATED)
 }
 /// POST /block
 /// Proposes a new block for the next round
 /// Can reject the block
diff --git a/src/routes.rs b/src/routes.rs
index 871fd9c..b389919 100644
--- a/src/routes.rs
+++ b/src/routes.rs
@@ -8,7 +8,8 @@ use crate::schema::{Db, Transaction};
 /// Root, all routes combined
 pub fn consensus_routes(db: Db) -> impl Filter<Extract = impl Reply, Error = Rejection> + Clone {
    transaction_list(db.clone())
-        .or(transaction_propose(db.clone()))
+        // .or(transaction_propose(db.clone()))
+        .or(authenticated_transaction_propose(db.clone()))
        .or(block_propose(db.clone()))
        .or(block_list(db.clone()))
 }
@@ -51,16 +52,16 @@ pub fn authenticated_transaction_propose(
    //         // header/jwt logic to propose_transaction but that doesn't feel right either
    //         // good luck <10-04-21, yigit> //
+    let db1 = db.clone();
    warp::path("transaction")
        .and(warp::path::end())
        .and(warp::post())
        .and(custom_filters::transaction_json_body()) // returns transaction
-        .map(|t: Transaction| {
+        .map(move |t: Transaction| {
-            // what do these do?
+            with_auth(db1.clone(), t).boxed()
-            with_auth(db.clone(), t)
        })
        .and(custom_filters::transaction_json_body()) // returns transaction
-        .and(custom_filters::with_db(db)) // wraps db
+        .and(custom_filters::with_db(db.clone())) // wraps db
        .and_then(handlers::propose_authenticated_transaction) // uses db, transaction and authenticated
 }
diff --git a/src/schema.rs b/src/schema.rs
index f680bbf..46d49cd 100644
--- a/src/schema.rs
+++ b/src/schema.rs
@@ -72,8 +72,8 @@ pub struct Block {
 #[derive(Serialize, Deserialize, Debug)]
 pub struct User {
-    username: String,
+    pub username: String,
-    token: String
+    pub pubkey: String
 }
 // TODO: write schema tests using the original repo <09-04-21, yigit> //
author	Yigit Sever	2021-04-10 16:56:00 +0300
committer	Yigit Sever	2021-04-10 16:56:00 +0300
commit	001a9ac21c29af53d31e9710d12e37d565880207 (patch)
tree	7e0bbbc0b828694950ffaff6f6b51f63a62f46c7
parent	a3bc90d6755acbe3670dfcf23f35acdaf9b00ffc (diff)
download	gradecoin-001a9ac21c29af53d31e9710d12e37d565880207.tar.gz gradecoin-001a9ac21c29af53d31e9710d12e37d565880207.tar.bz2 gradecoin-001a9ac21c29af53d31e9710d12e37d565880207.zip