diff options
| author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2026-06-10 22:26:10 +0200 |
|---|---|---|
| committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2026-06-10 22:26:10 +0200 |
| commit | 989f01ad230423c5a5105d6c9ff8580020e902ed (patch) | |
| tree | b750d06a9a39dcc76a1da7898b0748b0dad500cf /crates/atuin-client/src/auth.rs | |
| parent | chore: Remove some unused rust code (diff) | |
| download | atuin-989f01ad230423c5a5105d6c9ff8580020e902ed.zip | |
chore: Remove more useless code
Diffstat (limited to 'crates/atuin-client/src/auth.rs')
| -rw-r--r-- | crates/atuin-client/src/auth.rs | 269 |
1 files changed, 8 insertions, 261 deletions
diff --git a/crates/atuin-client/src/auth.rs b/crates/atuin-client/src/auth.rs index 8ea4b8ab..1031c11f 100644 --- a/crates/atuin-client/src/auth.rs +++ b/crates/atuin-client/src/auth.rs @@ -1,13 +1,9 @@ use async_trait::async_trait; use eyre::{Context, Result, bail}; -use reqwest::{StatusCode, Url, header::USER_AGENT}; -use serde::Deserialize; +use reqwest::{Url, header::USER_AGENT}; use atuin_common::{ - api::{ - ATUIN_CARGO_VERSION, ATUIN_HEADER_VERSION, ChangePasswordRequest, LoginRequest, - LoginResponse, RegisterResponse, - }, + api::{ATUIN_CARGO_VERSION, ATUIN_HEADER_VERSION, ChangePasswordRequest, LoginRequest}, tls::ensure_crypto_provider, }; @@ -74,20 +70,12 @@ pub trait AuthClient: Send + Sync { /// Resolve the appropriate [`AuthClient`] for the current settings. pub async fn auth_client(settings: &Settings) -> Box<dyn AuthClient> { - if settings.is_hub_sync() { - let endpoint = settings.active_hub_endpoint().unwrap_or_default(); - Box::new(HubAuthClient::new( - endpoint.as_ref(), - settings.hub_session_token().await.ok(), - )) as Box<dyn AuthClient> - } else { - Box::new(LegacyAuthClient::new( - &settings.sync_address, - settings.session_token().await.ok(), - settings.network_connect_timeout, - settings.network_timeout, - )) as Box<dyn AuthClient> - } + Box::new(LegacyAuthClient::new( + &settings.sync_address, + settings.session_token().await.ok(), + settings.network_connect_timeout, + settings.network_timeout, + )) as Box<dyn AuthClient> } // --------------------------------------------------------------------------- @@ -221,247 +209,6 @@ impl AuthClient for LegacyAuthClient { } // --------------------------------------------------------------------------- -// Hub backend — talks to the Hub v0 API endpoints -// --------------------------------------------------------------------------- - -pub struct HubAuthClient { - address: String, - hub_token: Option<String>, -} - -impl HubAuthClient { - pub fn new(address: &str, hub_token: Option<String>) -> Self { - Self { - address: address.trim_end_matches('/').to_string(), - hub_token, - } - } -} - -/// Hub v0 error/status response — includes an optional `code` field for -/// machine-readable status like `"2fa_required"`. -#[derive(Debug, Deserialize)] -struct HubErrorResponse { - reason: String, - code: Option<String>, -} - -#[async_trait] -impl AuthClient for HubAuthClient { - async fn login( - &self, - username: &str, - password: &str, - totp_code: Option<&str>, - ) -> Result<AuthResponse> { - ensure_crypto_provider(); - let url = make_url(&self.address, "/api/v0/login")?; - let client = reqwest::Client::new(); - - let mut body = serde_json::json!({ - "username": username, - "password": password, - }); - if let Some(code) = totp_code { - body["totp_code"] = serde_json::Value::String(code.to_string()); - } - - let resp = client - .post(&url) - .header(USER_AGENT, APP_USER_AGENT) - .header(ATUIN_HEADER_VERSION, ATUIN_CARGO_VERSION) - .json(&body) - .send() - .await - .context("failed to connect to Atuin Hub")?; - - let status = resp.status(); - - if status.is_success() { - let login: LoginResponse = resp.json().await?; - return Ok(AuthResponse::Success { - session: login.session, - auth_type: login.auth, - }); - } - - if status == StatusCode::FORBIDDEN - && let Ok(err) = resp.json::<HubErrorResponse>().await - { - if err.code.as_deref() == Some("2fa_required") { - return Ok(AuthResponse::TwoFactorRequired); - } - bail!("{}", err.reason); - } - - if status == StatusCode::UNAUTHORIZED { - bail!("invalid credentials"); - } - - bail!("Hub login failed with status {status}"); - } - - async fn register(&self, username: &str, email: &str, password: &str) -> Result<AuthResponse> { - ensure_crypto_provider(); - let url = make_url(&self.address, "/api/v0/register")?; - let client = reqwest::Client::new(); - - let resp = client - .post(&url) - .header(USER_AGENT, APP_USER_AGENT) - .header(ATUIN_HEADER_VERSION, ATUIN_CARGO_VERSION) - .json(&serde_json::json!({ - "email": email, - "username": username, - "password": password, - })) - .send() - .await - .context("failed to connect to Atuin Hub")?; - - let status = resp.status(); - - if status.is_success() { - let reg: RegisterResponse = resp.json().await?; - return Ok(AuthResponse::Success { - session: reg.session, - auth_type: reg.auth, - }); - } - - if let Ok(err) = resp.json::<HubErrorResponse>().await { - bail!("{}", err.reason); - } - - bail!("Hub registration failed with status {status}"); - } - - async fn change_password( - &self, - current_password: &str, - new_password: &str, - totp_code: Option<&str>, - ) -> Result<MutateResponse> { - let hub_token = self.hub_token.as_deref().ok_or_else(|| { - eyre::eyre!( - "Not logged in to Atuin Hub. \ - Please run 'atuin login' to authenticate." - ) - })?; - - if !hub_token.starts_with("atapi_") { - bail!( - "Your Hub session token is invalid. \ - Please run 'atuin login' to re-authenticate with Atuin Hub." - ); - } - - ensure_crypto_provider(); - let url = make_url(&self.address, "/api/v0/account/password")?; - let client = reqwest::Client::new(); - - let mut body = serde_json::json!({ - "current_password": current_password, - "new_password": new_password, - }); - if let Some(code) = totp_code { - body["totp_code"] = serde_json::Value::String(code.to_string()); - } - - let resp = client - .patch(&url) - .header(USER_AGENT, APP_USER_AGENT) - .header(ATUIN_HEADER_VERSION, ATUIN_CARGO_VERSION) - .bearer_auth(hub_token) - .json(&body) - .send() - .await - .context("failed to connect to Atuin Hub")?; - - let status = resp.status(); - - if status.is_success() { - return Ok(MutateResponse::Success); - } - - if let Ok(err) = resp.json::<HubErrorResponse>().await { - match err.code.as_deref() { - Some("2fa_required") => return Ok(MutateResponse::TwoFactorRequired), - Some("invalid_2fa_code") => bail!("invalid two-factor code"), - _ => bail!("{}", err.reason), - } - } - - match status { - StatusCode::UNAUTHORIZED => bail!("current password is incorrect"), - StatusCode::FORBIDDEN => bail!("invalid login details"), - _ => bail!("Hub password change failed with status {status}"), - } - } - - async fn delete_account( - &self, - password: &str, - totp_code: Option<&str>, - ) -> Result<MutateResponse> { - let hub_token = self.hub_token.as_deref().ok_or_else(|| { - eyre::eyre!( - "Not logged in to Atuin Hub. \ - Please run 'atuin login' to authenticate." - ) - })?; - - if !hub_token.starts_with("atapi_") { - bail!( - "Your Hub session token is invalid. \ - Please run 'atuin login' to re-authenticate with Atuin Hub." - ); - } - - ensure_crypto_provider(); - let url = make_url(&self.address, "/api/v0/account")?; - let client = reqwest::Client::new(); - - let mut body = serde_json::json!({ - "password": password, - }); - if let Some(code) = totp_code { - body["totp_code"] = serde_json::Value::String(code.to_string()); - } - - let resp = client - .delete(&url) - .header(USER_AGENT, APP_USER_AGENT) - .header(ATUIN_HEADER_VERSION, ATUIN_CARGO_VERSION) - .bearer_auth(hub_token) - .json(&body) - .send() - .await - .context("failed to connect to Atuin Hub")?; - - let status = resp.status(); - - if status.is_success() { - return Ok(MutateResponse::Success); - } - - if let Ok(err) = resp.json::<HubErrorResponse>().await { - match err.code.as_deref() { - Some("2fa_required") => return Ok(MutateResponse::TwoFactorRequired), - Some("invalid_2fa_code") => bail!("invalid two-factor code"), - _ => bail!("{}", err.reason), - } - } - - match status { - StatusCode::UNAUTHORIZED => bail!("password is incorrect"), - StatusCode::FORBIDDEN => bail!("invalid login details"), - _ => bail!("Hub account deletion failed with status {status}"), - } - } -} - -// --------------------------------------------------------------------------- // Shared helpers // --------------------------------------------------------------------------- |