Sprint 5 into 6 update #41
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* updates to sprint 2 deps and breaking changes * move rand to dev deps * changes after audit * dependency updates * Deps updates and refactor for breaking changes * update deps and refactor breaking changes
* update to password struct impl * new type hashpassword for user stored password * remove hashpassword and refactor validate User * validate_user fn change &string to &str and param name password to raw_password * remove unnecessary clones * change clone to owned in verify_password_hash * add tokio::test to valid_passwords_are_parsed_successfully * change Password to HashedPassword * refactor verify_password_hash password_candidate to &str * refactor compute_password_hash accept password: &str * ch to verify_raw_password from verify_password_hash
auth-service/src/routes/signup.rs
Outdated
| Email::parse(request.email.clone()).map_err(|_| AuthAPIError::InvalidCredentials)?; | ||
| let password = | ||
| Password::parse(request.password.clone()).map_err(|_| AuthAPIError::InvalidCredentials)?; | ||
| let email = Email::parse(request.email).map_err(|e| AuthAPIError::UnexpectedError(e.into()))?; |
Owner
There was a problem hiding this comment.
Why are we changing this from InvalidCredentials to UnexpectedError?
Owner
There was a problem hiding this comment.
Pretty sure this would break integration tests
Contributor
Author
There was a problem hiding this comment.
It was an attempt to recreate the section of Err(eyre!("oh no!"))
Since the compute_password_hash was moved to password.rs.
I have reverted it to InvalidCredentials, but I have also added error source tracking to it.
Contributor
Author
|
@letsgetrusty let me know if the commit I have pushed makes sense to you. Then I will also make the changes to ClickUp |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
Updated ClickUp Tasks (WIP)
Set up tracing 1.3 Instrument sign-up route handler
Removed fn verify_raw_password and compute_password_hash
https://app.clickup.com/9015495369/v/dc/8cnv2p9-22315/8cnv2p9-40155?block=block-0a61171e-5e7f-49b3-bae4-e452fa051883
Added a new step 3 (Instrument the auth-service/src/domain/password.rs)
https://app.clickup.com/9015495369/v/dc/8cnv2p9-22315/8cnv2p9-40155?block=block-e500b83a-3142-496d-81b1-7ebaa6b19563
Idiomatic errors - part 1
Force an error to occur
compute_password_hashfunction was movedhttps://app.clickup.com/9015495369/v/dc/8cnv2p9-22315/8cnv2p9-40155?block=block-b691e2d1-82c5-46ca-b743-5b6d9062629f
https://app.clickup.com/9015495369/v/dc/8cnv2p9-22315/8cnv2p9-40155?block=block-5ab81358-110d-4125-98dc-6c13bff474e0
Update error reporting for the sign-up route
Update auth-service/src/domain/password.rs to use color_eyre
https://app.clickup.com/9015495369/v/dc/8cnv2p9-22315/8cnv2p9-40155?&block=block-eac22722-3c33-411a-9eed-c9aa15989782
Update error conversion to UserStoreError::UnexpectedError in PostgresUserStore. We need to pass an eyre::Report to UserStoreError::UnexpectedError.
Hiding sensitive data
Update the Password type to SecretString. This will prevent the password type from accidentally being logged!
Update auth-service/src/services/data-stores/postgres_user_store.rs to use the SecretString type