From fb03d27b412b42509d56cc71e4daf3fa2b6d191a Mon Sep 17 00:00:00 2001
From: "dev@ftbsc" <dev@fantabos.co>
Date: Mon, 23 Jan 2023 01:44:38 +0100
Subject: [PATCH] chore: version bump, removed unwraps

---
 Cargo.toml            |  2 +-
 src/routes/auth.rs    | 35 +++++++++++++++++++++--------------
 src/routes/session.rs | 15 +++++++++------
 3 files changed, 31 insertions(+), 21 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
index b47808f..ef0c485 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "yggdrasil-clone"
-version = "0.1.0"
+version = "0.1.1"
 edition = "2021"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
diff --git a/src/routes/auth.rs b/src/routes/auth.rs
index a7222fe..e3929dc 100644
--- a/src/routes/auth.rs
+++ b/src/routes/auth.rs
@@ -7,17 +7,17 @@ use tracing::{info, warn};
 use crate::{entities, AppState, proto};
 
 
-pub async fn validate(State(state): State<AppState>, Json(payload): Json<proto::ValidateRequest>) -> StatusCode {
+pub async fn validate(State(state): State<AppState>, Json(payload): Json<proto::ValidateRequest>) -> Result<StatusCode, StatusCode> {
 	info!(target: "AUTH", "[VALIDATE] called with {:?}", payload);
 	let token = entities::token::Entity::find().filter(
 		entities::token::Column::AccessToken.eq(payload.accessToken)
-	).one(&state.db).await.unwrap();
+	).one(&state.db).await.map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
 
 	if let Some(_t) = token {
-		StatusCode::NO_CONTENT
+		Ok(StatusCode::NO_CONTENT)
 	} else {
 		warn!(target: "AUTH", "[VALIDATE] invalid token!");
-		StatusCode::UNAUTHORIZED
+		Err(StatusCode::UNAUTHORIZED)
 	}
 }
 
@@ -25,12 +25,16 @@ pub async fn refresh(State(state): State<AppState>, Json(payload): Json<proto::R
 	info!(target: "AUTH", "[REFRESH] called with {:?}", payload);
 	let token = entities::token::Entity::find().filter(
 		entities::token::Column::AccessToken.eq(payload.accessToken.clone())
-	).one(&state.db).await.unwrap();
+	).one(&state.db).await
+		.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
 
 	if let Some(t) = token {
 		// TODO if user requests profile, fetch it and include it
-		let user = entities::user::Entity::find_by_id(t.user_id).one(&state.db).await.unwrap().unwrap();
-		entities::token::Entity::delete_by_id(t.id).exec(&state.db).await.unwrap();
+		let user = entities::user::Entity::find_by_id(t.user_id).one(&state.db).await
+			.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?
+			.ok_or((StatusCode::NOT_FOUND, proto::Error::simple("no user owns this token").json()))?;
+		entities::token::Entity::delete_by_id(t.id).exec(&state.db).await
+			.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
 		let new_access_token = Uuid::new_v4(); // TODO same as with authenticate
 		entities::token::Entity::insert(
 			entities::token::ActiveModel{
@@ -39,7 +43,8 @@ pub async fn refresh(State(state): State<AppState>, Json(payload): Json<proto::R
 				created_at: Set(Utc::now()),
 				user_id: Set(t.user_id),
 			}
-		).exec(&state.db).await.unwrap();
+		).exec(&state.db).await
+			.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
 		let response = proto::RefreshResponse {
 			accessToken: new_access_token.to_string(),
 			clientToken: payload.clientToken,
@@ -53,17 +58,18 @@ pub async fn refresh(State(state): State<AppState>, Json(payload): Json<proto::R
 	}
 }
 
-pub async fn authenticate(State(state): State<AppState>, Json(payload): Json<proto::AuthenticateRequest>) -> Result<Json<proto::AuthenticateResponse>, StatusCode> {
+pub async fn authenticate(State(state): State<AppState>, Json(payload): Json<proto::AuthenticateRequest>) -> proto::Response<proto::AuthenticateResponse> {
 	info!(target: "AUTH", "[AUTHENTICATE] called with {:?}", payload);
 	let user = entities::user::Entity::find().filter(
 		entities::user::Column::Name.eq(payload.username)
-	).one(&state.db).await.unwrap();
+	).one(&state.db).await
+		.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
 
 	if let Some(u) = user {
 		if payload.password == u.password {
 			let s = entities::property::Entity::find().filter(
 				entities::property::Column::UserId.eq(u.id)
-			).one(&state.db).await.map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
+			).one(&state.db).await.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
 			let skin = match s {
 				Some(s) => proto::Property::from(s),
 				None    => proto::Property::default_skin(),
@@ -75,7 +81,8 @@ pub async fn authenticate(State(state): State<AppState>, Json(payload): Json<pro
 				user_id: Set(u.id),
 				access_token: Set(access_token.clone()),
 				created_at: Set(Utc::now()),
-			}).exec(&state.db).await.unwrap();
+			}).exec(&state.db).await
+				.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
 			let client_token = payload.clientToken.unwrap_or(Uuid::new_v4().to_string());
 			let profile = proto::Profile {
 				name: u.name.clone(),
@@ -91,9 +98,9 @@ pub async fn authenticate(State(state): State<AppState>, Json(payload): Json<pro
 			info!(target: "AUTH", "[AUTHENTICATE] answering with {:?}", response);
 			Ok(Json(response))
 		} else {
-			Err(StatusCode::UNAUTHORIZED)
+			Err((StatusCode::UNAUTHORIZED, proto::Error::simple("password mismatch").json()))
 		}
 	} else {
-		Err(StatusCode::NOT_FOUND)
+		Err((StatusCode::NOT_FOUND, proto::Error::simple("user not found").json()))
 	}
 }
diff --git a/src/routes/session.rs b/src/routes/session.rs
index 94f3bda..fe92008 100644
--- a/src/routes/session.rs
+++ b/src/routes/session.rs
@@ -9,23 +9,26 @@ use uuid::Uuid;
 use crate::{AppState, proto, JoinAttempt, entities};
 
 
-pub async fn join(State(state): State<AppState>, Json(payload): Json<proto::JoinRequest>) -> StatusCode {
+pub async fn join(State(state): State<AppState>, Json(payload): Json<proto::JoinRequest>) -> proto::Response<()> {
 	info!(target: "SESSION", "[JOIN] called with {:?}", payload);
 	let user = entities::user::Entity::find().filter(
 		entities::user::Column::Uuid.eq(payload.selectedProfile)
-	).one(&state.db).await.unwrap().unwrap();
+	).one(&state.db).await
+		.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?
+		.ok_or((StatusCode::NOT_FOUND, proto::Error::simple("user not found").json()))?;
 
 	let tokens = entities::token::Entity::find().filter(
 		entities::token::Column::UserId.eq(user.id)
-	).all(&state.db).await.unwrap();
+	).all(&state.db).await
+		.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, proto::Error::simple("db error").json()))?;
 
 	if tokens.iter().any(|x| x.access_token == payload.accessToken) {
 		state.store.lock().await.insert(payload.selectedProfile, JoinAttempt::new(payload.serverId.clone()));
 		info!(target: "SESSION", "[JOIN] user {} has joined server {}", payload.selectedProfile, payload.serverId);
-		StatusCode::OK
+		Ok(Json(()))
 	} else {
 		warn!(target: "SESSION", "[JOIN] user {} attempted to join server {} without a valid token ({})", payload.selectedProfile, payload.serverId, payload.accessToken);
-		StatusCode::UNAUTHORIZED
+		Err((StatusCode::UNAUTHORIZED, proto::Error::simple("invalid access token").json()))
 	}
 }
 
@@ -62,7 +65,7 @@ pub async fn has_joined_local(state: &AppState, username: &String, server_id: &S
 
 	let user = entities::user::Entity::find().filter(
 		entities::user::Column::Name.eq(username.clone())
-	).one(&state.db).await.unwrap();
+	).one(&state.db).await.map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
 
 	match user {
 		Some(user) => {