moved pow to independent module

src/api/v1/pow/get_config.rs

@@ -0,0 +1,183 @@
+/*
+* Copyright (C) 2021  Aravinth Manivannan <realaravinth@batsense.net>
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as
+* published by the Free Software Foundation, either version 3 of the
+* License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+use actix::prelude::*;
+use actix_web::{post, web, HttpResponse, Responder};
+use m_captcha::{defense::LevelBuilder, master::AddSiteBuilder, DefenseBuilder, MCaptchaBuilder};
+use serde::{Deserialize, Serialize};
+
+use super::GetDurationResp;
+use super::I32Levels;
+use crate::errors::*;
+use crate::Data;
+
+#[derive(Clone, Debug, Deserialize, Serialize)]
+pub struct PoWConfig {
+    pub name: String,
+    pub domain: String,
+}
+
+#[derive(Clone, Debug, Deserialize, Serialize)]
+pub struct GetConfigPayload {
+    pub key: String,
+}
+
+// API keys are mcaptcha actor names
+
+#[post("/api/v1/mcaptcha/pow/config")]
+pub async fn get_config(
+    payload: web::Json<GetConfigPayload>,
+    data: web::Data<Data>,
+) -> ServiceResult<impl Responder> {
+    let res = sqlx::query!(
+        "SELECT EXISTS (SELECT 1 from mcaptcha_config WHERE key = $1)",
+        &payload.key,
+    )
+    .fetch_one(&data.db)
+    .await?;
+
+    if res.exists.is_none() {
+        return Err(ServiceError::TokenNotFound);
+    }
+    let payload = payload.into_inner();
+    match res.exists {
+        Some(true) => {
+            ();
+            match data.captcha.get_pow(payload.key.clone()).await {
+                Some(config) => Ok(HttpResponse::Ok().json(config)),
+                None => {
+                    init_mcaptcha(&data, &payload.key).await?;
+                    let config = data
+                        .captcha
+                        .get_pow(payload.key)
+                        .await
+                        .expect("mcaptcha should be initialized and ready to go");
+                    Ok(HttpResponse::Ok().json(config))
+                }
+            }
+        }
+
+        Some(false) => Err(ServiceError::TokenNotFound),
+        None => Err(ServiceError::TokenNotFound),
+    }
+}
+
+async fn init_mcaptcha(data: &Data, key: &str) -> ServiceResult<()> {
+    // get levels
+    let levels_fut = sqlx::query_as!(
+        I32Levels,
+        "SELECT difficulty_factor, visitor_threshold FROM mcaptcha_levels  WHERE
+            config_id = (
+                SELECT config_id FROM mcaptcha_config WHERE key = ($1)
+                );",
+        &key,
+    )
+    .fetch_all(&data.db);
+    // get duration
+    let duration_fut = sqlx::query_as!(
+        GetDurationResp,
+        "SELECT duration FROM mcaptcha_config  
+        WHERE key = $1",
+        &key,
+    )
+    .fetch_one(&data.db);
+    //let (levels, duration) = futures::try_join!(levels_fut, duration_fut).await?;
+    let (levels, duration) = futures::try_join!(levels_fut, duration_fut)?;
+
+    // build defense
+    let mut defense = DefenseBuilder::default();
+
+    for level in levels.iter() {
+        let level = LevelBuilder::default()
+            .visitor_threshold(level.visitor_threshold as u32)
+            .difficulty_factor(level.difficulty_factor as u32)
+            .unwrap()
+            .build()
+            .unwrap();
+        defense.add_level(level).unwrap();
+    }
+
+    let defense = defense.build()?;
+
+    // create captcha
+    let mcaptcha = MCaptchaBuilder::default()
+        .defense(defense)
+        // leaky bucket algorithm's emission interval
+        .duration(duration.duration as u64)
+        //   .cache(cache)
+        .build()
+        .unwrap()
+        .start();
+
+    // add captcha to master
+    let msg = AddSiteBuilder::default()
+        .id(key.into())
+        .addr(mcaptcha.clone())
+        .build()
+        .unwrap();
+    data.captcha.master.send(msg).await.unwrap();
+
+    Ok(())
+}
+
+#[cfg(test)]
+mod tests {
+    use actix_web::http::{header, StatusCode};
+    use actix_web::test;
+    use m_captcha::pow::PoWConfig;
+
+    use super::*;
+    use crate::api::v1::services as v1_services;
+    use crate::tests::*;
+    use crate::*;
+
+    #[actix_rt::test]
+    async fn get_pow_config_works() {
+        const NAME: &str = "powusrworks";
+        const PASSWORD: &str = "testingpas";
+        const EMAIL: &str = "randomuser@a.com";
+        const GET_URL: &str = "/api/v1/mcaptcha/pow/config";
+        //        const UPDATE_URL: &str = "/api/v1/mcaptcha/domain/token/duration/update";
+
+        {
+            let data = Data::new().await;
+            delete_user(NAME, &data).await;
+        }
+
+        register_and_signin(NAME, EMAIL, PASSWORD).await;
+        let (data, _, signin_resp, token_key) = add_levels_util(NAME, PASSWORD).await;
+        let cookies = get_cookie!(signin_resp);
+        let mut app = get_app!(data).await;
+
+        let get_config_payload = GetConfigPayload {
+            key: token_key.key.clone(),
+        };
+
+        // update and check changes
+
+        let get_config_resp = test::call_service(
+            &mut app,
+            post_request!(&get_config_payload, GET_URL)
+                .cookie(cookies.clone())
+                .to_request(),
+        )
+        .await;
+        assert_eq!(get_config_resp.status(), StatusCode::OK);
+        let config: PoWConfig = test::read_body_json(get_config_resp).await;
+        assert_eq!(config.difficulty_factor, L1.difficulty_factor);
+    }
+}

src/api/v1/pow/mod.rs

@@ -0,0 +1,24 @@
+/*
+* Copyright (C) 2021  Aravinth Manivannan <realaravinth@batsense.net>
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as
+* published by the Free Software Foundation, either version 3 of the
+* License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+pub mod get_config;
+pub mod verify_pow;
+pub mod verify_token;
+
+pub use super::mcaptcha::duration::GetDurationResp;
+pub use super::mcaptcha::is_authenticated;
+pub use super::mcaptcha::levels::I32Levels;

src/api/v1/pow/verify_pow.rs

@@ -0,0 +1,129 @@
+/*
+* Copyright (C) 2021  Aravinth Manivannan <realaravinth@batsense.net>
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as
+* published by the Free Software Foundation, either version 3 of the
+* License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+use actix_web::{post, web, HttpResponse, Responder};
+use m_captcha::pow::Work;
+use serde::{Deserialize, Serialize};
+
+use crate::errors::*;
+use crate::Data;
+
+#[derive(Clone, Debug, Deserialize, Serialize)]
+pub struct ValidationToken {
+    pub token: String,
+}
+
+// API keys are mcaptcha actor names
+
+#[post("/api/v1/mcaptcha/pow/verify")]
+pub async fn verify_pow(
+    payload: web::Json<Work>,
+    data: web::Data<Data>,
+) -> ServiceResult<impl Responder> {
+    let res = data.captcha.verify_pow(payload.into_inner()).await?;
+    let payload = ValidationToken { token: res };
+    Ok(HttpResponse::Ok().json(payload))
+}
+
+#[cfg(test)]
+mod tests {
+    use actix_web::http::{header, StatusCode};
+    use actix_web::test;
+    use m_captcha::pow::PoWConfig;
+
+    use super::*;
+    use crate::api::v1::pow::get_config::GetConfigPayload;
+    use crate::api::v1::services as v1_services;
+    use crate::tests::*;
+    use crate::*;
+
+    #[actix_rt::test]
+    async fn verify_pow_works() {
+        const NAME: &str = "powverifyusr";
+        const PASSWORD: &str = "testingpas";
+        const EMAIL: &str = "verifyuser@a.com";
+        const VERIFY_URL: &str = "/api/v1/mcaptcha/pow/verify";
+        const GET_URL: &str = "/api/v1/mcaptcha/pow/config";
+        //        const UPDATE_URL: &str = "/api/v1/mcaptcha/domain/token/duration/update";
+
+        {
+            let data = Data::new().await;
+            delete_user(NAME, &data).await;
+        }
+
+        register_and_signin(NAME, EMAIL, PASSWORD).await;
+        let (data, _, _signin_resp, token_key) = add_levels_util(NAME, PASSWORD).await;
+        let mut app = get_app!(data).await;
+
+        let get_config_payload = GetConfigPayload {
+            key: token_key.key.clone(),
+        };
+
+        // update and check changes
+
+        let get_config_resp = test::call_service(
+            &mut app,
+            post_request!(&get_config_payload, GET_URL).to_request(),
+        )
+        .await;
+        assert_eq!(get_config_resp.status(), StatusCode::OK);
+        let config: PoWConfig = test::read_body_json(get_config_resp).await;
+
+        let pow = pow_sha256::ConfigBuilder::default()
+            .salt(config.salt)
+            .build()
+            .unwrap();
+        let work = pow
+            .prove_work(&config.string.clone(), config.difficulty_factor)
+            .unwrap();
+
+        let work = Work {
+            string: config.string.clone(),
+            result: work.result,
+            nonce: work.nonce,
+            key: token_key.key.clone(),
+        };
+
+        let pow_verify_resp =
+            test::call_service(&mut app, post_request!(&work, VERIFY_URL).to_request()).await;
+        assert_eq!(pow_verify_resp.status(), StatusCode::OK);
+
+        let string_not_found =
+            test::call_service(&mut app, post_request!(&work, VERIFY_URL).to_request()).await;
+        assert_eq!(string_not_found.status(), StatusCode::BAD_REQUEST);
+        let err: ErrorToResponse = test::read_body_json(string_not_found).await;
+        assert_eq!(
+            err.error,
+            format!(
+                "{}",
+                ServiceError::CaptchaError(m_captcha::errors::CaptchaError::StringNotFound)
+            )
+        );
+
+        let pow_config_resp = test::call_service(
+            &mut app,
+            post_request!(&get_config_payload, GET_URL).to_request(),
+        )
+        .await;
+        assert_eq!(pow_config_resp.status(), StatusCode::OK);
+        // I'm not checking for errors because changing work.result triggered
+        // InssuficientDifficulty, which is possible becuase m_captcha calculates
+        // difficulty with the submitted result. Besides, this endpoint is merely
+        // propagating errors from m_captcha and m_captcha has tests covering the
+        // pow aspects ¯\_(ツ)_/¯
+    }
+}

src/api/v1/pow/verify_token.rs

@@ -0,0 +1,153 @@
+/*
+* Copyright (C) 2021  Aravinth Manivannan <realaravinth@batsense.net>
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as
+* published by the Free Software Foundation, either version 3 of the
+* License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+use actix_web::{post, web, HttpResponse, Responder};
+use m_captcha::cache::messages::VerifyCaptchaResult;
+use serde::{Deserialize, Serialize};
+
+use crate::errors::*;
+use crate::Data;
+
+#[derive(Clone, Debug, Deserialize, Serialize)]
+pub struct CaptchaValidateResp {
+    pub valid: bool,
+}
+
+// API keys are mcaptcha actor names
+
+#[post("/api/v1/siteverify")]
+pub async fn validate_captcha_token(
+    payload: web::Json<VerifyCaptchaResult>,
+    data: web::Data<Data>,
+) -> ServiceResult<impl Responder> {
+    let res = data
+        .captcha
+        .validate_verification_tokens(payload.into_inner())
+        .await?;
+    let payload = CaptchaValidateResp { valid: res };
+    println!("{:?}", &payload);
+    Ok(HttpResponse::Ok().json(payload))
+}
+
+#[cfg(test)]
+mod tests {
+    use actix_web::http::{header, StatusCode};
+    use actix_web::test;
+    use m_captcha::pow::PoWConfig;
+    use m_captcha::pow::Work;
+
+    use super::*;
+    use crate::api::v1::pow::get_config::GetConfigPayload;
+    use crate::api::v1::pow::verify_pow::ValidationToken;
+    use crate::api::v1::services as v1_services;
+    use crate::tests::*;
+    use crate::*;
+
+    #[actix_rt::test]
+    async fn validate_captcha_token_works() {
+        const NAME: &str = "enterprisetken";
+        const PASSWORD: &str = "testingpas";
+        const EMAIL: &str = "verifyuser@enter.com";
+        const VERIFY_CAPTCHA_URL: &str = "/api/v1/mcaptcha/pow/verify";
+        const GET_URL: &str = "/api/v1/mcaptcha/pow/config";
+        const VERIFY_TOKEN_URL: &str = "/api/v1/siteverify";
+        //        const UPDATE_URL: &str = "/api/v1/mcaptcha/domain/token/duration/update";
+
+        {
+            let data = Data::new().await;
+            delete_user(NAME, &data).await;
+        }
+
+        register_and_signin(NAME, EMAIL, PASSWORD).await;
+        let (data, _, _signin_resp, token_key) = add_levels_util(NAME, PASSWORD).await;
+        let mut app = get_app!(data).await;
+
+        let get_config_payload = GetConfigPayload {
+            key: token_key.key.clone(),
+        };
+
+        // update and check changes
+
+        let get_config_resp = test::call_service(
+            &mut app,
+            post_request!(&get_config_payload, GET_URL).to_request(),
+        )
+        .await;
+        assert_eq!(get_config_resp.status(), StatusCode::OK);
+        let config: PoWConfig = test::read_body_json(get_config_resp).await;
+
+        let pow = pow_sha256::ConfigBuilder::default()
+            .salt(config.salt)
+            .build()
+            .unwrap();
+        let work = pow
+            .prove_work(&config.string.clone(), config.difficulty_factor)
+            .unwrap();
+
+        let work = Work {
+            string: config.string.clone(),
+            result: work.result,
+            nonce: work.nonce,
+            key: token_key.key.clone(),
+        };
+
+        let pow_verify_resp = test::call_service(
+            &mut app,
+            post_request!(&work, VERIFY_CAPTCHA_URL).to_request(),
+        )
+        .await;
+        assert_eq!(pow_verify_resp.status(), StatusCode::OK);
+        let client_token: ValidationToken = test::read_body_json(pow_verify_resp).await;
+
+        let validate_payload = VerifyCaptchaResult {
+            token: client_token.token.clone(),
+            key: token_key.key.clone(),
+        };
+
+        let validate_client_token = test::call_service(
+            &mut app,
+            post_request!(&validate_payload, VERIFY_TOKEN_URL).to_request(),
+        )
+        .await;
+        assert_eq!(validate_client_token.status(), StatusCode::OK);
+        let resp: CaptchaValidateResp = test::read_body_json(validate_client_token).await;
+        assert!(resp.valid);
+
+        // string not found
+        let string_not_found = test::call_service(
+            &mut app,
+            post_request!(&validate_payload, VERIFY_TOKEN_URL).to_request(),
+        )
+        .await;
+        let resp: CaptchaValidateResp = test::read_body_json(string_not_found).await;
+        assert!(!resp.valid);
+
+        let validate_payload = VerifyCaptchaResult {
+            token: client_token.token.clone(),
+            key: client_token.token.clone(),
+        };
+
+        // key not found
+        let key_not_found = test::call_service(
+            &mut app,
+            post_request!(&validate_payload, VERIFY_TOKEN_URL).to_request(),
+        )
+        .await;
+        let resp: CaptchaValidateResp = test::read_body_json(key_not_found).await;
+        assert!(!resp.valid);
+    }
+}