Plume/Plume
9
18
Bifurcation 24
Code Tickets 177 Demandes d'ajout 8 Publications 8 Wiki Activité

Store password reset requests in database #610

Fusionnée
rfwatson a fusionné 4 révision(s) à partir de feature/persist_password_reset vers master 2019-06-04 18:55:18 +00:00
Discussion 3 Révisions 4 Fichiers Modifiés 9 +238 -75
rfwatson a commenté 2019-06-02 13:59:38 +00:00. (Migré de github.com)
Copier le lien

Had a go at closing #600.

New to lots of stuff here (Rust, Diesel, Rocket, Plume...) so all feedback appreciated.

TODO

  • SQLite migrations
  • resolve inline TODOs
  • integration tests?
  • fix CI issues
Had a go at closing #600. New to lots of stuff here (Rust, Diesel, Rocket, Plume...) so all feedback appreciated. ## TODO * [x] SQLite migrations * [x] resolve inline TODOs * [ ] integration tests? * [x] fix CI issues
👍 1 ❤️ 1
rfwatson (Migré de github.com) a évalué cette demande d’ajout 2019-06-02 14:01:14 +00:00
src/routes/session.rs
@ -243,4 +223,4 @@
form: Form<NewPasswordForm>,
rockets: PlumeRocket,
) -> Result<Flash<Redirect>, Ructe> {
form.validate()
rfwatson (Migré de github.com) a commenté 2019-06-02 14:01:14 +00:00.
Copier le lien

The logic to detect an expired token is private to the model now. Not sure how important having a specific error is. We could maybe return a custom Diesel error?

The logic to detect an expired token is private to the model now. Not sure how important having a specific error is. We could maybe return a custom Diesel error?
rfwatson (Migré de github.com) a évalué cette demande d’ajout 2019-06-02 14:10:29 +00:00
plume-models/src/password_reset_requests.rs
rfwatson (Migré de github.com) a commenté 2019-06-02 14:10:29 +00:00.
Copier le lien

It would be good to test that old password reset requests are ignored.

The simplest way I can think of would be to insert a record, and then update its creation_date with some raw SQL in the test. It feels pretty dirty though. Better ideas appreciated.

It would be good to test that old password reset requests are [ignored](https://github.com/Plume-org/Plume/pull/610/files#diff-a248869f1983a92462c39c8b2ea8a66eR44). The simplest way I can think of would be to insert a record, and then update its `creation_date` with some raw SQL in the test. It feels pretty dirty though. Better ideas appreciated.
elegaanz (Migré de github.com) a évalué cette demande d’ajout 2019-06-02 16:33:19 +00:00
elegaanz (Migré de github.com) a laissé un commentaire
Copier le lien

What you did so far looks great! Thank you for helping with that.

What you did so far looks great! Thank you for helping with that.
plume-models/src/password_reset_requests.rs
elegaanz (Migré de github.com) a commenté 2019-06-02 16:27:10 +00:00.
Copier le lien

thread::sleep(2 * 60 * 60 * 1000)

More seriously, I think you can pass tuples to diesel::insert_into(...).values(), like:

diesel::insert_into(password_reset_requests::table)
    .values((
        password_reset_requests::email.eq("foo@bar.org"),
        password_reset_requests::token.eq("aaaaaaaaa"),
        password_reset_requests::creation_date.eq(now - 3.hours()),
    ))

You can probably use it instead of PasswordResetRequest::insert in this test.

~~`thread::sleep(2 * 60 * 60 * 1000)`~~ More seriously, I think you can pass tuples to `diesel::insert_into(...).values()`, like: ```rust diesel::insert_into(password_reset_requests::table) .values(( password_reset_requests::email.eq("foo@bar.org"), password_reset_requests::token.eq("aaaaaaaaa"), password_reset_requests::creation_date.eq(now - 3.hours()), )) ``` You can probably use it instead of `PasswordResetRequest::insert` in this test.
src/routes/session.rs
@ -243,4 +223,4 @@
form: Form<NewPasswordForm>,
rockets: PlumeRocket,
) -> Result<Flash<Redirect>, Ructe> {
form.validate()
elegaanz (Migré de github.com) a commenté 2019-06-02 16:32:01 +00:00.
Copier le lien

Maybe, instead of mapping the error to to_validation, you could have a closure that returns the specific error that was previously returned?

Maybe, instead of mapping the error to `to_validation`, you could have a closure that returns the specific error that was previously returned?
codecov[bot] a commenté 2019-06-04 07:59:46 +00:00. (Migré de github.com)
Copier le lien

Codecov Report

No coverage uploaded for pull request base (master@b2312d7). Click here to learn what that means.
The diff coverage is 66.94%.

@@            Coverage Diff            @@
##             master     #610   +/-   ##
=========================================
  Coverage          ?   35.31%           
=========================================
  Files             ?       68           
  Lines             ?     7907           
  Branches          ?     1893           
=========================================
  Hits              ?     2792           
  Misses            ?     4345           
  Partials          ?      770
# [Codecov](https://codecov.io/gh/Plume-org/Plume/pull/610?src=pr&el=h1) Report > :exclamation: No coverage uploaded for pull request base (`master@b2312d7`). [Click here to learn what that means](https://docs.codecov.io/docs/error-reference#section-missing-base-commit). > The diff coverage is `66.94%`. ```diff @@ Coverage Diff @@ ## master #610 +/- ## ========================================= Coverage ? 35.31% ========================================= Files ? 68 Lines ? 7907 Branches ? 1893 ========================================= Hits ? 2792 Misses ? 4345 Partials ? 770 ```
rfwatson (Migré de github.com) a évalué cette demande d’ajout 2019-06-04 17:55:40 +00:00
src/routes/session.rs
@ -243,4 +223,4 @@
form: Form<NewPasswordForm>,
rockets: PlumeRocket,
) -> Result<Flash<Redirect>, Ructe> {
form.validate()
rfwatson (Migré de github.com) a commenté 2019-06-04 17:55:40 +00:00.
Copier le lien

I ended up adding a new Expired error variant - it felt generic enough to be useful elsewhere in the app too. Happy to iterate on this more if it doesn't feel like a good approach though.

I ended up adding a new `Expired` error variant - it felt generic enough to be useful elsewhere in the app too. Happy to iterate on this more if it doesn't feel like a good approach though.
rfwatson a commenté 2019-06-04 18:06:09 +00:00. (Migré de github.com)
Copier le lien

Pretty happy with this now. Still a couple of CI failures but they look random to me

Pretty happy with this now. Still a couple of CI failures but they look random to me
👍 1
elegaanz a commenté 2019-06-04 18:13:11 +00:00. (Migré de github.com)
Copier le lien

Yes the CI fails sometimes because it doesn't have enough memory to build…

Yes the CI fails sometimes because it doesn't have enough memory to build…
elegaanz (Migré de github.com) a approuvé ces modifications 2019-06-04 18:55:05 +00:00
elegaanz (Migré de github.com) a laissé un commentaire
Copier le lien

Everything seems to work fine. Thank you! 😊

Everything seems to work fine. Thank you! :blush:
Connectez-vous pour rejoindre cette conversation.
Évaluateurs
Sans évaluateur
elegaanz
Labels
Effacer les labels   
A: API

Related to the REST API

  
A: Backend

Code running on the server

  
A: Federation

Stuff related to Federation

  
A: Front-End

Related to the front-end

  
A: I18N

Translations, and related code

  
A: Meta

More about project management or code than the project itself

  
A: Security

   
Build

The building, or installation process of Plume

  
C: Bug

Something isn't working

  
C: Discussion

We need to talk

  
C: Enhancement

New feature or request

  
C: Feature

This is a new feature

  
Compatibility

Compatibility with different browsers, readers and OS

  
Dependency

Related to an external package that Plume uses

  
Design

UI/UX related issues and PRs

  
Documentation

   
Good first issue

Good for newcomers

  
Help welcome

Extra attention is needed

  
Mobile

Issues affecting only mobile UX

  
Rendering

How elements're rendered out for the end user

  
S: Blocked

Something else needs to be fixed first

  
S: Duplicate

This issue or pull request already exists

  
S: Incomplete

This PR is not complete yet

  
S: Instance specific

Issues concern a limited number of instances

  
S: Invalid

This doesn't seem right

  
S: Needs Voting/Discussion

Need to be discussed by the community (on Loomio)

  
S: Ready for review

This PR is ready to be reviewed

  
Suggestion

Proposed ideas worth considering

  
S: Voted on Loomio

This is issue has been created after a vote on Loomio

  
S: Wontfix

This will not be worked on

Sans labels
A: API
A: Backend
A: Federation
A: Front-End
A: I18N
A: Meta
A: Security
Build
C: Bug
C: Discussion
C: Enhancement
C: Feature
Compatibility
Dependency
Design
Documentation
Good first issue
Help welcome
Mobile
Rendering
S: Blocked
S: Duplicate
S: Incomplete
S: Instance specific
S: Invalid
S: Needs Voting/Discussion
S: Ready for review
Suggestion
S: Voted on Loomio
S: Wontfix
Jalon
Effacer le jalon
Pas d'élément
Sans jalon
Projets
Effacer les projets
Pas d'élément
Sans projet
Assignés
Supprimer les affectations
Sans assignation
1 participant
Notifications
Échéance
La date d’échéance est invalide ou hors plage. Veuillez utiliser le format "aaaa-mm-dd".

Aucune échéance n'a été définie.

Dépendances

Aucune dépendance définie.

Référence : Plume/Plume#610
Sans contenu.
Supprimer la branche "feature/persist_password_reset"

La suppression d’une branche est permanente. Bien qu’une branche supprimée puisse temporairement subsister, elle NE PEUT PAS être facilement restaurée. Continuer ?