Plume
/
Plume
8
16
Vork 22
Code Kwesties 174 Pull-aanvragen 8 Publicaties 8 Wiki Activiteit

Labels Mijlpalen

Store password reset requests in database #610

Samengevoegd
rfwatson heeft 4 commits samengevoegd van feature/persist_password_reset naar master 5 jaren geleden
Discussie 3 Commits 4 Bestanden gewijzigd 9
rfwatson reageerde 5 jaren geleden (Gemigreerd van github.com)

Had a go at closing #600.

New to lots of stuff here (Rust, Diesel, Rocket, Plume...) so all feedback appreciated.

TODO

  • SQLite migrations
  • resolve inline TODOs
  • integration tests?
  • fix CI issues
Had a go at closing #600. New to lots of stuff here (Rust, Diesel, Rocket, Plume...) so all feedback appreciated. ## TODO * [x] SQLite migrations * [x] resolve inline TODOs * [ ] integration tests? * [x] fix CI issues
👍 1 ❤️ 1
rfwatson (Gemigreerd van github.com) beoordeeld 5 jaren geleden
src/routes/session.rs
@ -243,4 +223,4 @@
form: Form<NewPasswordForm>,
rockets: PlumeRocket,
) -> Result<Flash<Redirect>, Ructe> {
form.validate()
rfwatson (Gemigreerd van github.com) reageerde 5 jaren geleden

The logic to detect an expired token is private to the model now. Not sure how important having a specific error is. We could maybe return a custom Diesel error?

The logic to detect an expired token is private to the model now. Not sure how important having a specific error is. We could maybe return a custom Diesel error?
rfwatson (Gemigreerd van github.com) beoordeeld 5 jaren geleden
plume-models/src/password_reset_requests.rs
rfwatson (Gemigreerd van github.com) reageerde 5 jaren geleden

It would be good to test that old password reset requests are ignored.

The simplest way I can think of would be to insert a record, and then update its creation_date with some raw SQL in the test. It feels pretty dirty though. Better ideas appreciated.

It would be good to test that old password reset requests are [ignored](https://github.com/Plume-org/Plume/pull/610/files#diff-a248869f1983a92462c39c8b2ea8a66eR44). The simplest way I can think of would be to insert a record, and then update its `creation_date` with some raw SQL in the test. It feels pretty dirty though. Better ideas appreciated.
elegaanz (Gemigreerd van github.com) beoordeeld 5 jaren geleden
elegaanz (Gemigreerd van github.com) heeft een reactie achtergelaten

What you did so far looks great! Thank you for helping with that.

What you did so far looks great! Thank you for helping with that.
plume-models/src/password_reset_requests.rs
elegaanz (Gemigreerd van github.com) reageerde 5 jaren geleden

thread::sleep(2 * 60 * 60 * 1000)

More seriously, I think you can pass tuples to diesel::insert_into(...).values(), like:

diesel::insert_into(password_reset_requests::table)
    .values((
        password_reset_requests::email.eq("foo@bar.org"),
        password_reset_requests::token.eq("aaaaaaaaa"),
        password_reset_requests::creation_date.eq(now - 3.hours()),
    ))

You can probably use it instead of PasswordResetRequest::insert in this test.

~~`thread::sleep(2 * 60 * 60 * 1000)`~~ More seriously, I think you can pass tuples to `diesel::insert_into(...).values()`, like: ```rust diesel::insert_into(password_reset_requests::table) .values(( password_reset_requests::email.eq("foo@bar.org"), password_reset_requests::token.eq("aaaaaaaaa"), password_reset_requests::creation_date.eq(now - 3.hours()), )) ``` You can probably use it instead of `PasswordResetRequest::insert` in this test.
src/routes/session.rs
@ -243,4 +223,4 @@
form: Form<NewPasswordForm>,
rockets: PlumeRocket,
) -> Result<Flash<Redirect>, Ructe> {
form.validate()
elegaanz (Gemigreerd van github.com) reageerde 5 jaren geleden

Maybe, instead of mapping the error to to_validation, you could have a closure that returns the specific error that was previously returned?

Maybe, instead of mapping the error to `to_validation`, you could have a closure that returns the specific error that was previously returned?
codecov[bot] reageerde 5 jaren geleden (Gemigreerd van github.com)

Codecov Report

No coverage uploaded for pull request base (master@b2312d7). Click here to learn what that means.
The diff coverage is 66.94%.

@@            Coverage Diff            @@
##             master     #610   +/-   ##
=========================================
  Coverage          ?   35.31%           
=========================================
  Files             ?       68           
  Lines             ?     7907           
  Branches          ?     1893           
=========================================
  Hits              ?     2792           
  Misses            ?     4345           
  Partials          ?      770
# [Codecov](https://codecov.io/gh/Plume-org/Plume/pull/610?src=pr&el=h1) Report > :exclamation: No coverage uploaded for pull request base (`master@b2312d7`). [Click here to learn what that means](https://docs.codecov.io/docs/error-reference#section-missing-base-commit). > The diff coverage is `66.94%`. ```diff @@ Coverage Diff @@ ## master #610 +/- ## ========================================= Coverage ? 35.31% ========================================= Files ? 68 Lines ? 7907 Branches ? 1893 ========================================= Hits ? 2792 Misses ? 4345 Partials ? 770 ```
rfwatson (Gemigreerd van github.com) beoordeeld 5 jaren geleden
src/routes/session.rs
@ -243,4 +223,4 @@
form: Form<NewPasswordForm>,
rockets: PlumeRocket,
) -> Result<Flash<Redirect>, Ructe> {
form.validate()
rfwatson (Gemigreerd van github.com) reageerde 5 jaren geleden

I ended up adding a new Expired error variant - it felt generic enough to be useful elsewhere in the app too. Happy to iterate on this more if it doesn't feel like a good approach though.

I ended up adding a new `Expired` error variant - it felt generic enough to be useful elsewhere in the app too. Happy to iterate on this more if it doesn't feel like a good approach though.
rfwatson reageerde 5 jaren geleden (Gemigreerd van github.com)

Pretty happy with this now. Still a couple of CI failures but they look random to me

Pretty happy with this now. Still a couple of CI failures but they look random to me
👍 1
elegaanz reageerde 5 jaren geleden (Gemigreerd van github.com)

Yes the CI fails sometimes because it doesn't have enough memory to build…

Yes the CI fails sometimes because it doesn't have enough memory to build…
elegaanz (Gemigreerd van github.com) heeft deze veranderingen 5 jaren geleden goedgekeurd
elegaanz (Gemigreerd van github.com) heeft een reactie achtergelaten

Everything seems to work fine. Thank you! 😊

Everything seems to work fine. Thank you! :blush:

Reviewers

elegaanz
De pull request is samengevoegd als 4b205fa995.
Je kunt ook command line instructies bekijken.

Stap 1:

Vanuit het project, check een branch uit en test de veranderingen.
git checkout -b feature/persist_password_reset master
git pull origin feature/persist_password_reset

Stap 2:

Voeg de wijzigingen samen en update ze op Forgejo.
git checkout master
git merge --no-ff feature/persist_password_reset
git push origin master
Log in om deel te nemen aan deze discussie.
Reviewers
Beoordeling aanvragen
Geen beoordelaars
elegaanz
Labels
Labels toepassen
Verwijder labels   
A: API

Related to the REST API   
A: Backend

Code running on the server   
A: Federation

Stuff related to Federation   
A: Front-End

Related to the front-end   
A: I18N

Translations, and related code   
A: Meta

More about project management or code than the project itself   
A: Security
   
Build

The building, or installation process of Plume   
C: Bug

Something isn't working   
C: Discussion

We need to talk   
C: Enhancement

New feature or request   
C: Feature

This is a new feature   
Compatibility

Compatibility with different browsers, readers and OS   
Dependency

Related to an external package that Plume uses   
Design

UI/UX related issues and PRs   
Documentation
   
Good first issue

Good for newcomers   
Help welcome

Extra attention is needed   
Mobile

Issues affecting only mobile UX   
Rendering

How elements're rendered out for the end user   
S: Blocked

Something else needs to be fixed first   
S: Duplicate

This issue or pull request already exists   
S: Incomplete

This PR is not complete yet   
S: Instance specific

Issues concern a limited number of instances   
S: Invalid

This doesn't seem right   
S: Needs Voting/Discussion

Need to be discussed by the community (on Loomio)   
S: Ready for review

This PR is ready to be reviewed   
Suggestion

Proposed ideas worth considering   
S: Voted on Loomio

This is issue has been created after a vote on Loomio   
S: Wontfix

This will not be worked on
Geen label
A: API
A: Backend
A: Federation
A: Front-End
A: I18N
A: Meta
A: Security
Build
C: Bug
C: Discussion
C: Enhancement
C: Feature
Compatibility
Dependency
Design
Documentation
Good first issue
Help welcome
Mobile
Rendering
S: Blocked
S: Duplicate
S: Incomplete
S: Instance specific
S: Invalid
S: Needs Voting/Discussion
S: Ready for review
Suggestion
S: Voted on Loomio
S: Wontfix
Mijlpaal
Stel mijlpaal in
Verwijder mijlpaal
Geen items
Geen mijlpaal
Toegewezen aan
Gebruikers toewijzen
Verwijder toegewezen aan
Niet toegewezen
1 deelnemers
Notificaties
Vervaldatum
De deadline is ongeldig of buiten bereik. Gebruik het formaat 'jjjj-mm-dd'.

Geen vervaldatum ingesteld.

Afhankelijkheden

Geen afhankelijkheden ingesteld.

Referentie: Plume/Plume#610
Schrijf Voorbeeld
Laden…
Annuleren
Opslaan
Er is nog geen inhoud.
Verwijder branch 'feature/persist_password_reset'

Het verwijderen van een branch is permanent. Het KAN NIET ongedaan gemaakt worden. Wil je toch doorgaan?

Nee
Ja