From 5bcf7beddc7ac96bbe7dac41013ad9ee00b548ee Mon Sep 17 00:00:00 2001
From: realaravinth <realaravinth@batsense.net>
Date: Wed, 11 May 2022 18:53:18 +0530
Subject: [PATCH] fix: return username to store in sessions when getting
 password

---
 db/db-core/src/lib.rs          | 11 ++++++++++-
 db/db-core/src/tests.rs        | 29 ++++++++++++++++-------------
 db/db-sqlx-postgres/src/lib.rs | 14 ++++++++++----
 3 files changed, 36 insertions(+), 18 deletions(-)

diff --git a/db/db-core/src/lib.rs b/db/db-core/src/lib.rs
index 0b094df2..fdb4e390 100644
--- a/db/db-core/src/lib.rs
+++ b/db/db-core/src/lib.rs
@@ -89,6 +89,15 @@ pub enum Login<'a> {
     Email(&'a str),
 }
 
+#[derive(Clone, Debug, Deserialize, Serialize, PartialEq)]
+/// type encapsulating username and hashed password of a user
+pub struct NameHash {
+    /// username
+    pub username: String,
+    /// hashed password
+    pub hash: String,
+}
+
 #[async_trait]
 /// mCaptcha's database requirements. To implement support for $Database, kindly implement this
 /// trait.
@@ -112,7 +121,7 @@ pub trait MCDatabase: std::marker::Send + std::marker::Sync + CloneSPDatabase {
     async fn update_email(&self, p: &UpdateEmail) -> DBResult<()>;
 
     /// get a user's password
-    async fn get_password(&self, l: &Login) -> DBResult<String>;
+    async fn get_password(&self, l: &Login) -> DBResult<NameHash>;
 }
 
 /// Trait to clone MCDatabase
diff --git a/db/db-core/src/tests.rs b/db/db-core/src/tests.rs
index 12917797..d46c2a46 100644
--- a/db/db-core/src/tests.rs
+++ b/db/db-core/src/tests.rs
@@ -29,20 +29,23 @@ pub async fn database_works<'a, T: MCDatabase>(db: &T, p: &Register<'a>) {
     }
     db.register(p).await.unwrap();
 
-    assert_eq!(
-        db.get_password(&Login::Username(p.username)).await.unwrap(),
-        p.hash,
-        "user password matches"
-    );
+    // testing get_password
 
-    assert_eq!(
-        db.get_password(&Login::Email(p.email.as_ref().unwrap()))
-            .await
-            .unwrap(),
-        p.hash,
-        "user password matches"
-    );
+    // with username
+    let name_hash = db.get_password(&Login::Username(p.username)).await.unwrap();
+    assert_eq!(name_hash.hash, p.hash, "user password matches");
 
+    assert_eq!(name_hash.username, p.username, "username matches");
+
+    // with email
+    let name_hash = db
+        .get_password(&Login::Email(p.email.as_ref().unwrap()))
+        .await
+        .unwrap();
+    assert_eq!(name_hash.hash, p.hash, "user password matches");
+    assert_eq!(name_hash.username, p.username, "username matches");
+
+    // testing email exists
     assert!(
         db.email_exists(p.email.as_ref().unwrap()).await.unwrap(),
         "user is registered so email should exsit"
@@ -70,11 +73,11 @@ pub async fn database_works<'a, T: MCDatabase>(db: &T, p: &Register<'a>) {
         "user registration with email is deleted; so email shouldn't exsit"
     );
 
+    // testing update email
     let update_email = UpdateEmail {
         username: p.username,
         new_email: p.email.as_ref().unwrap(),
     };
-
     db.update_email(&update_email).await.unwrap();
     println!(
         "null user email: {}",
diff --git a/db/db-sqlx-postgres/src/lib.rs b/db/db-sqlx-postgres/src/lib.rs
index 9a2fd63c..b7ee9d92 100644
--- a/db/db-sqlx-postgres/src/lib.rs
+++ b/db/db-sqlx-postgres/src/lib.rs
@@ -189,15 +189,16 @@ impl MCDatabase for Database {
     }
 
     /// get a user's password
-    async fn get_password(&self, l: &Login) -> DBResult<String> {
+    async fn get_password(&self, l: &Login) -> DBResult<NameHash> {
         struct Password {
+            name: String,
             password: String,
         }
 
         let rec = match l {
             Login::Username(u) => sqlx::query_as!(
                 Password,
-                r#"SELECT password  FROM mcaptcha_users WHERE name = ($1)"#,
+                r#"SELECT name, password  FROM mcaptcha_users WHERE name = ($1)"#,
                 u,
             )
             .fetch_one(&self.pool)
@@ -206,7 +207,7 @@ impl MCDatabase for Database {
 
             Login::Email(e) => sqlx::query_as!(
                 Password,
-                r#"SELECT password  FROM mcaptcha_users WHERE email = ($1)"#,
+                r#"SELECT name, password  FROM mcaptcha_users WHERE email = ($1)"#,
                 e,
             )
             .fetch_one(&self.pool)
@@ -214,7 +215,12 @@ impl MCDatabase for Database {
             .map_err(map_register_err)?,
         };
 
-        Ok(rec.password)
+        let res = NameHash {
+            hash: rec.password,
+            username: rec.name,
+        };
+
+        Ok(res)
     }
 }