Fix broken get user query, because it's broken with query_as! macro

sqlx-data.json

@@ -60,30 +60,6 @@
       ]
     }
   },
-  "64e137107139c56a43f7041db933671c210df4fa5110fe481d191fd63b2d3aeb": {
-    "query": "SELECT user_id, password FROM accounts\n               WHERE user_id = ?",
-    "describe": {
-      "columns": [
-        {
-          "name": "user_id",
-          "ordinal": 0,
-          "type_info": "Text"
-        },
-        {
-          "name": "password",
-          "ordinal": 1,
-          "type_info": "Text"
-        }
-      ],
-      "parameters": {
-        "Right": 1
-      },
-      "nullable": [
-        false,
-        false
-      ]
-    }
-  },
   "711d222911c1258365a6a0de1fe00eeec4686fd3589e976e225ad599e7cfc75d": {
     "query": "SELECT count(*) as \"count: i32\" FROM user_variables\n               WHERE room_id = ? and user_id = ?",
     "describe": {
@@ -102,66 +78,6 @@
       ]
     }
   },
-  "7248c8ae30bbe4bc5866e80cc277312c7f8cb9af5a8801fd8eaf178fd99eae18": {
-    "query": "SELECT room_id FROM room_users\n               WHERE username = ?",
-    "describe": {
-      "columns": [
-        {
-          "name": "room_id",
-          "ordinal": 0,
-          "type_info": "Text"
-        }
-      ],
-      "parameters": {
-        "Right": 1
-      },
-      "nullable": [
-        false
-      ]
-    }
-  },
-  "97f5d58f62baca51efd8c295ca6737d1240923c69c973621cd0a718ac9eed99f": {
-    "query": "SELECT room_id, room_name FROM room_info\n               WHERE room_id = ?",
-    "describe": {
-      "columns": [
-        {
-          "name": "room_id",
-          "ordinal": 0,
-          "type_info": "Text"
-        },
-        {
-          "name": "room_name",
-          "ordinal": 1,
-          "type_info": "Text"
-        }
-      ],
-      "parameters": {
-        "Right": 1
-      },
-      "nullable": [
-        false,
-        false
-      ]
-    }
-  },
-  "b302d586e5ac4c72c2970361ea5a5936c0b8c6dad10033c626a0ce0404cadb25": {
-    "query": "SELECT username FROM room_users\n                        WHERE room_id = ?",
-    "describe": {
-      "columns": [
-        {
-          "name": "username",
-          "ordinal": 0,
-          "type_info": "Text"
-        }
-      ],
-      "parameters": {
-        "Right": 1
-      },
-      "nullable": [
-        false
-      ]
-    }
-  },
   "bba0fc255e7c30d1d2d9468c68ba38db6e8a13be035aa1152933ba9247b14f8c": {
     "query": "SELECT event_id FROM room_events\n               WHERE room_id = ? AND event_id = ?",
     "describe": {

src/commands/management.rs

@@ -3,7 +3,7 @@ use crate::context::Context;
 use crate::db::Users;
 use crate::error::BotError::{AccountDoesNotExist, AuthenticationError, PasswordCreationError};
 use crate::logic::hash_password;
-use crate::models::User;
+use crate::models::{AccountStatus, User};
 use async_trait::async_trait;
 
 pub struct RegisterCommand(pub String);
@@ -22,7 +22,9 @@ impl Command for RegisterCommand {
         let pw_hash = hash_password(&self.0).map_err(|e| PasswordCreationError(e))?;
         let user = User {
             username: ctx.username.to_owned(),
-            password: pw_hash,
+            password: Some(pw_hash),
+            account_status: AccountStatus::Registered,
+            ..Default::default()
         };
 
         ctx.db.upsert_user(&user).await?;

src/db/sqlite/migrator/migrations/V8__user_state.rs

@@ -0,0 +1,21 @@
+use barrel::backend::Sqlite;
+use barrel::{types, types::Type, Migration};
+
+fn primary_uuid() -> Type {
+    types::text().unique(true).primary(true).nullable(false)
+}
+
+pub fn migration() -> String {
+    let status_enum =
+        r#"CHECK(account_status IN ('not_registered', 'registered', 'awaiting_activation'))"#;
+    let mut m = Migration::new();
+
+    // Keep track of contextual user state.
+    m.create_table("user_state", move |t| {
+        t.add_column("user_id", primary_uuid());
+        t.add_column("active_room", types::text().nullable(true));
+        t.add_column("account_status", types::custom(status_enum).nullable(false));
+    });
+
+    m.make::<Sqlite>()
+}

src/db/sqlite/migrator/migrations/V9__nullable_password.rs

@@ -0,0 +1,21 @@
+use barrel::backend::Sqlite;
+use barrel::{types, types::Type, Migration};
+
+fn primary_uuid() -> Type {
+    types::text().unique(true).primary(true).nullable(false)
+}
+
+pub fn migration() -> String {
+    // sqlite does really support alter column, and barrel does not
+    // implement the required workaround, so we do it ourselves!
+    r#"
+      CREATE TABLE IF NOT EXISTS "accounts2" (
+         "user_id" TEXT PRIMARY KEY NOT NULL UNIQUE,
+         "password" TEXT NULL
+      );
+      INSERT INTO accounts2 select * from accounts;
+      DROP TABLE accounts;
+      ALTER TABLE accounts2 RENAME TO accounts;
+    "#
+    .to_string()
+}

src/db/sqlite/users.rs

@@ -1,8 +1,28 @@
 use super::Database;
 use crate::db::{errors::DataError, Users};
 use crate::error::BotError;
-use crate::models::User;
+use crate::models::{AccountStatus, User};
 use async_trait::async_trait;
+use std::convert::From;
+
+#[derive(Eq, PartialEq, Debug, Default, sqlx::FromRow)]
+struct UserRow {
+    pub username: String,
+    pub password: Option<String>,
+    pub active_room: Option<String>,
+    pub account_status: Option<AccountStatus>,
+}
+
+impl From<UserRow> for User {
+    fn from(row: UserRow) -> Self {
+        User {
+            username: row.username,
+            password: row.password,
+            active_room: row.active_room,
+            account_status: row.account_status.unwrap_or_default(),
+        }
+    }
+}
 
 #[async_trait]
 impl Users for Database {
@@ -30,18 +50,23 @@ impl Users for Database {
     }
 
     async fn get_user(&self, username: &str) -> Result<Option<User>, DataError> {
-        let user_row = sqlx::query!(
-            r#"SELECT user_id, password FROM accounts
-               WHERE user_id = ?"#,
-            username
+        // Should be query_as! macro, but the left join breaks it with a
+        // non existing error message.
+        let user_row: Option<UserRow> = sqlx::query_as(
+            r#"SELECT
+               a.user_id as "username",
+               a.password,
+               s.active_room,
+               s.account_status
+               FROM accounts a
+               LEFT JOIN user_state s on a.user_id = s.user_id
+               WHERE a.user_id = ?"#,
         )
+        .bind(username)
         .fetch_optional(&self.conn)
         .await?;
 
-        Ok(user_row.map(|u| User {
-            username: u.user_id,
-            password: u.password,
-        }))
+        Ok(user_row.map(|r| r.into()))
     }
 
     async fn authenticate_user(
@@ -50,6 +75,10 @@ impl Users for Database {
         raw_password: &str,
     ) -> Result<Option<User>, BotError> {
         let user = self.get_user(username).await?;
+        println!(
+            "user pw is {:?}",
+            user.as_ref().map(|u| u.password.as_ref())
+        );
         Ok(user.filter(|u| u.verify_password(raw_password)))
     }
 }
@@ -60,6 +89,7 @@ mod tests {
     use crate::db::sqlite::Database;
     use crate::db::Users;
 
+    //TODO test selecting user when state doesn't exist.
     async fn create_db() -> Database {
         let db_path = tempfile::NamedTempFile::new_in(".").unwrap();
         crate::db::sqlite::migrator::migrate(db_path.path().to_str().unwrap())

src/models.rs

@@ -7,15 +7,43 @@ pub struct RoomInfo {
     pub room_name: String,
 }
 
-#[derive(Eq, PartialEq, Debug)]
+#[derive(Eq, PartialEq, Debug, sqlx::Type)]
+#[sqlx(rename_all = "snake_case")]
+pub enum AccountStatus {
+    /// User is not registered, which means the "account" only exists
+    /// for state management in the bot. No privileged actions
+    /// possible.
+    NotRegistered,
+
+    /// User account is fully registered, either via Matrix directly,
+    /// or a web UI sign-up.
+    Registered,
+
+    /// Account is awaiting activation with a registration
+    /// code. Account cannot do privileged actions yet.
+    AwaitingActivation,
+}
+
+impl Default for AccountStatus {
+    fn default() -> Self {
+        AccountStatus::NotRegistered
+    }
+}
+
+#[derive(Eq, PartialEq, Debug, Default)]
 pub struct User {
     pub username: String,
-    pub password: String,
+    pub password: Option<String>,
+    pub active_room: Option<String>,
+    pub account_status: AccountStatus,
 }
 
 impl User {
     pub fn verify_password(&self, raw_password: &str) -> bool {
-        argon2::verify_encoded(&self.password, raw_password.as_bytes()).unwrap_or(false)
+        self.password
+            .as_ref()
+            .and_then(|p| argon2::verify_encoded(p, raw_password.as_bytes()).ok())
+            .unwrap_or(false)
     }
 }
 
@@ -26,8 +54,10 @@ mod tests {
     #[test]
     fn verify_password_passes_with_correct_password() {
         let user = User {
-            username: "myuser".to_string(),
-            password: crate::logic::hash_password("mypassword").expect("Password hashing error!"),
+            password: Some(
+                crate::logic::hash_password("mypassword").expect("Password hashing error!"),
+            ),
+            ..Default::default()
         };
 
         assert_eq!(user.verify_password("mypassword"), true);
@@ -36,8 +66,20 @@ mod tests {
     #[test]
     fn verify_password_fails_with_wrong_password() {
         let user = User {
-            username: "myuser".to_string(),
-            password: crate::logic::hash_password("mypassword").expect("Password hashing error!"),
+            password: Some(
+                crate::logic::hash_password("mypassword").expect("Password hashing error!"),
+            ),
+            ..Default::default()
+        };
+
+        assert_eq!(user.verify_password("wrong-password"), false);
+    }
+
+    #[test]
+    fn verify_password_fails_with_no_password() {
+        let user = User {
+            password: None,
+            ..Default::default()
         };
 
         assert_eq!(user.verify_password("wrong-password"), false);