Feature: User auth #15

scott · 2023-06-26T15:04:04Z

scott commented

2023-06-26 15:04:04 +00:00

Add user model
Add auth guard
Add association between users and tracks
Make the API differentiate tracks by user

Resolves #2

- [x] Add user model - [x] Add auth guard - [x] Add association between users and tracks - [x] Make the API differentiate tracks by user Resolves #2

scott self-assigned this 2023-06-26 15:04:04 +00:00

scott added 3 commits 2023-06-26 15:04:04 +00:00

Add user model 60d7ce4664

Add support for rocket's "secret cookies" 62ba1420b9

Add login+sign_up routes and auth guard 14bd4b48ca

scott added 3 commits 2023-06-26 15:58:16 +00:00

TODO FIXUP: add cookie-secret to secrets list in server config 272d1edb9a

Add users-to-tracks many-to-many association 72bd08225f

Add entity and relations for user-tracks relationship ff260cc1bb

scott added 1 commit 2023-06-26 19:59:59 +00:00

tracks are now relative to an authenticated user 3ce19da675

scott force-pushed feature/user-auth from 3ce19da675 to e25301655b

2023-06-26 20:02:01 +00:00

Compare

scott force-pushed feature/user-auth from 396ed28079 to a390f79a75

2023-08-26 10:12:12 +00:00

Compare

scott added 12 commits 2023-08-26 10:15:16 +00:00

Add user model 0a197db93f

Add support for rocket's "secret cookies" 792779a36d

Add login+sign_up routes and auth guard 2485740291

Add users-to-tracks many-to-many association 05bda8deb0

Add entity and relations for user-tracks relationship 46a9374571

tracks are now relative to an authenticated user f44f15d2b6

Rename user -> users 205a3b165e

Fix authenticated track insertion d7285a84bb

Remove no-longer-existing Rust feature default_free_fn 1c400e7ffa

add tests a8e4e5145b

Add log-out route (necessary to delete secret cookie) f6fb736ff7

Merge pull request 'Backend feature: user auth' (#1 ) from backend/feature/user-auth into feature/user-auth 3dbe2d2327

Reviewed-on: https://git.tams.tech/scott/kalkutago/pulls/1

scott added 6 commits 2023-08-26 10:18:09 +00:00

Add busy-indicator to login/signup buttons db72a6df17

WIP: Add busy indicators to login view 37426aaa52

Fix shell.nix ffc1c6806a

Restore logged-in state on page reload 290218eefe

Add logout button bfffacabf6

Merge pull request 'Frontend was merged prematurely, this fixes that' (#3 ) from frontend/feature/login-view into feature/user-auth f32a188750

Reviewed-on: https://git.tams.tech/scott/kalkutago/pulls/3

scott changed title from ~~WIP: Feature: User auth~~ to Feature: User auth

2023-08-26 10:18:37 +00:00

scott added 3 commits 2023-08-26 10:54:51 +00:00

Renamed a variable db3ef7640a

sorry it was bothering me.

Quick tweak 5aa16762f7

Fixed logout flow 003383e455

scott added 1 commit 2023-08-26 11:03:29 +00:00

Move logOut function into method on state dafdd491f9

todtb reviewed 2023-08-26 12:29:57 +00:00

client/src/state.ts

					
				@ -2,6 +2,8 @@ import { reactive } from "vue"

				import { Track } from "./track"

todtb commented

2023-08-26 12:07:29 +00:00

Have you tried out vuex or the newer pinia yet?

scott commented

2023-08-26 12:39:39 +00:00

It's been a while since I looked into it, but I think I remember reading something in their docs which suggested that they might be overkill for this situation.

client/src/state.ts Outdated

					
				@ -81,3 +103,2 @@

				        this.state = State.Fetched

				    },

				    }

				    async taskCompleted(track: Track, date: Date): Promise<Tick> {

todtb commented

2023-08-26 12:09:02 +00:00

For the API calls, is there a reason for them to be in state?

For the API calls, is there a reason for them to be in `state`?

scott commented

2023-08-26 12:45:00 +00:00

From the Vue docs:

This also means any component importing store can mutate it however they want. While this works in simple cases, global state that can be arbitrarily mutated by any component is not going to be very maintainable in the long run. To ensure the state-mutating logic is centralized like the state itself, it is recommended to define methods on the store with names that express the intention of the actions.

From [the Vue docs](https://vuejs.org/guide/scaling-up/state-management.html#simple-state-management-with-reactivity-api): > This also means any component importing store can mutate it however they want. While this works in simple cases, global state that can be arbitrarily mutated by any component is not going to be very maintainable in the long run. To ensure the state-mutating logic is centralized like the state itself, it is recommended to define methods on the store with names that express the intention of the actions.

todtb commented

2023-08-26 12:50:42 +00:00

Yeah, but do these mutate state? I thought they were just making the request and returning the parsed body?

scott commented

2023-08-26 13:17:19 +00:00

Ah, you raise a good point there. It was originally intended to, but then I changed it so that only the events update the state. Thanks for that.

server/src/migrator/m20230626_083036_create_users_table.rs

					
				@ -0,0 +13,4 @@

				                    .if_not_exists()

				                    .col(

				                        ColumnDef::new(Users::Id)

				                            .integer()

todtb commented

2023-08-26 12:27:42 +00:00

Does sea_orm support UUIDs?

scott commented

2023-08-26 12:48:19 +00:00

It seems to support a UUID column type, but I don't see documentation for it, or for using it as a primary key. Is that important?

todtb commented

2023-08-26 12:53:31 +00:00

For this, probably not. However UUIDs can be nice for PKs on publicly facing resources as you cannot crawl them (ie /user/3 suggests /user/4 exists). Slugs can be used to keep the url tidy.

For this, probably not. However UUIDs can be nice for PKs on publicly facing resources as you cannot crawl them (ie `/user/3` suggests `/user/4` exists). Slugs can be used to keep the url tidy.

scott commented

2023-08-26 13:19:18 +00:00

That makes sense. Though I think I might do /user/{name} if we add public profile pages (and /me for the logged in user)

That makes sense. Though I think I might do `/user/{name}` if we add public profile pages (and `/me` for the logged in user)

server/src/migrator/m20230626_150551_associate_users_and_tracks.rs

					
				@ -0,0 +11,4 @@

				    async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {

				        manager

				            .create_table(

				                Table::create()

todtb commented

2023-08-26 12:28:38 +00:00

Interesting DSL here...

scott commented

2023-08-26 12:40:18 +00:00

These are generated by the sea-orm CLI 🤷

todtb approved these changes 2023-08-26 14:04:29 +00:00

scott added 2 commits 2023-08-26 15:05:23 +00:00

Move dateQuery to util.ts cd16208dd7

Move API calls from state to Track methods 89b0180989

scott requested review from todtb 2023-08-26 15:05:48 +00:00

scott added 1 commit 2023-08-26 15:18:26 +00:00

prod needs the cookie secret too, arguably more than the others! 424bc15512

scott added 1 commit 2023-08-26 15:21:42 +00:00

DEFAULT_COST + 2 is 2 much bc6f06e210

scott reviewed 2023-08-26 18:48:42 +00:00

server/src/api/tracks.rs Outdated

					
				@ -21,0 +32,4 @@

				    track_id: i32,

				    user: &users::Model,

				) -> Result<Json<tracks::Model>, Either<Status, api::ErrorResponder>> {

				    if let Some(Some(user)) = user

scott commented

2023-08-26 18:19:42 +00:00

rename user -> track in assignment here

rename `user` -> `track` in assignment here

scott marked this conversation as resolved

server/src/api/update.rs

					
				@ -96,0 +94,4 @@

				        let receiver_count = tx.receiver_count();

				        if receiver_count > 0 {

				            trace!(receiver_count = receiver_count, update = as_serde!(self); "sending update");

				            let count = tx.send(self.clone())?;