Implement lightweight auth system with SQLite
Added SQLite database for session management and user preferences storage, allowing users to have consistent settings across different sessions and devices. Backend changes: - Added SQLite database with users, sessions, and preferences tables - Implemented session-based authentication alongside JWT tokens - Created preference storage/retrieval API endpoints - Database migrations for schema setup - Session validation and cleanup functionality Frontend changes: - Added "Remember server" and "Remember username" checkboxes to login - Created preferences service for syncing settings with backend - Updated auth flow to handle session tokens and preferences - Store remembered values in LocalStorage (not database) for convenience Key features: - User preferences persist across sessions and devices - CalDAV passwords never stored, only passed through - Sessions expire after 24 hours - Remember checkboxes only affect local browser storage 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Connor Johnstone
@@ -1,10 +1,12 @@
|
||||
use chrono::{Duration, Utc};
|
||||
use jsonwebtoken::{decode, encode, Algorithm, DecodingKey, EncodingKey, Header, Validation};
|
||||
use serde::{Deserialize, Serialize};
|
||||
use uuid::Uuid;
|
||||
|
||||
use crate::calendar::CalDAVClient;
|
||||
use crate::config::CalDAVConfig;
|
||||
use crate::models::{ApiError, AuthResponse, CalDAVLoginRequest};
|
||||
use crate::db::{Database, PreferencesRepository, Session, SessionRepository, UserRepository};
|
||||
use crate::models::{ApiError, AuthResponse, CalDAVLoginRequest, UserPreferencesResponse};
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
pub struct Claims {
|
||||
@@ -17,11 +19,12 @@ pub struct Claims {
|
||||
#[derive(Clone)]
|
||||
pub struct AuthService {
|
||||
jwt_secret: String,
|
||||
db: Database,
|
||||
}
|
||||
|
||||
impl AuthService {
|
||||
pub fn new(jwt_secret: String) -> Self {
|
||||
Self { jwt_secret }
|
||||
pub fn new(jwt_secret: String, db: Database) -> Self {
|
||||
Self { jwt_secret, db }
|
||||
}
|
||||
|
||||
/// Authenticate user directly against CalDAV server
|
||||
@@ -49,13 +52,47 @@ impl AuthService {
|
||||
"✅ Authentication successful! Found {} calendars",
|
||||
calendars.len()
|
||||
);
|
||||
// Authentication successful, generate JWT token
|
||||
let token = self.generate_token(&request.username, &request.server_url)?;
|
||||
|
||||
|
||||
// Find or create user in database
|
||||
let user_repo = UserRepository::new(&self.db);
|
||||
let user = user_repo
|
||||
.find_or_create(&request.username, &request.server_url)
|
||||
.await
|
||||
.map_err(|e| ApiError::Database(format!("Failed to create user: {}", e)))?;
|
||||
|
||||
// Generate JWT token
|
||||
let jwt_token = self.generate_token(&request.username, &request.server_url)?;
|
||||
|
||||
// Generate session token
|
||||
let session_token = format!("sess_{}", Uuid::new_v4());
|
||||
|
||||
// Create session in database
|
||||
let session = Session::new(user.id.clone(), session_token.clone(), 24);
|
||||
let session_repo = SessionRepository::new(&self.db);
|
||||
session_repo
|
||||
.create(&session)
|
||||
.await
|
||||
.map_err(|e| ApiError::Database(format!("Failed to create session: {}", e)))?;
|
||||
|
||||
// Get or create user preferences
|
||||
let prefs_repo = PreferencesRepository::new(&self.db);
|
||||
let preferences = prefs_repo
|
||||
.get_or_create(&user.id)
|
||||
.await
|
||||
.map_err(|e| ApiError::Database(format!("Failed to get preferences: {}", e)))?;
|
||||
|
||||
Ok(AuthResponse {
|
||||
token,
|
||||
token: jwt_token,
|
||||
session_token,
|
||||
username: request.username,
|
||||
server_url: request.server_url,
|
||||
preferences: UserPreferencesResponse {
|
||||
calendar_selected_date: preferences.calendar_selected_date,
|
||||
calendar_time_increment: preferences.calendar_time_increment,
|
||||
calendar_view_mode: preferences.calendar_view_mode,
|
||||
calendar_theme: preferences.calendar_theme,
|
||||
calendar_colors: preferences.calendar_colors,
|
||||
},
|
||||
})
|
||||
}
|
||||
Err(err) => {
|
||||
@@ -143,4 +180,33 @@ impl AuthService {
|
||||
|
||||
Ok(token_data.claims)
|
||||
}
|
||||
|
||||
/// Validate session token
|
||||
pub async fn validate_session(&self, session_token: &str) -> Result<String, ApiError> {
|
||||
let session_repo = SessionRepository::new(&self.db);
|
||||
|
||||
let session = session_repo
|
||||
.find_by_token(session_token)
|
||||
.await
|
||||
.map_err(|e| ApiError::Database(format!("Failed to find session: {}", e)))?
|
||||
.ok_or_else(|| ApiError::Unauthorized("Invalid session token".to_string()))?;
|
||||
|
||||
if session.is_expired() {
|
||||
return Err(ApiError::Unauthorized("Session expired".to_string()));
|
||||
}
|
||||
|
||||
Ok(session.user_id)
|
||||
}
|
||||
|
||||
/// Logout user by deleting session
|
||||
pub async fn logout(&self, session_token: &str) -> Result<(), ApiError> {
|
||||
let session_repo = SessionRepository::new(&self.db);
|
||||
|
||||
session_repo
|
||||
.delete(session_token)
|
||||
.await
|
||||
.map_err(|e| ApiError::Database(format!("Failed to delete session: {}", e)))?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user