后端:定义错误,所有返回错误都具有发送和全局生命具有所有权,所有返回的错误都可以使用?来解用

lsy 2024-11-21 11:47:41 +08:00
parent 33b53b3663
commit 3a88c33a6e
7 changed files with 88 additions and 122 deletions


@ -5,7 +5,7 @@ use ed25519_dalek::{SigningKey, VerifyingKey};
use std::fs::File;
use std::io::Write;
use std::{env, fs};
use std::error::Error;
use crate::utils::CustomError;
use rand::{SeedableRng, RngCore};
#[derive(Debug, Serialize, Deserialize, Clone)]
@ -27,7 +27,7 @@ impl SecretKey {
}
}
pub fn generate_key() -> Result<(), Box<dyn Error>> {
pub fn generate_key() -> Result<(),CustomError> {
let mut csprng = rand::rngs::StdRng::from_entropy();
let mut private_key_bytes = [0u8; 32];
@ -49,7 +49,7 @@ pub fn generate_key() -> Result<(), Box<dyn Error>> {
Ok(())
}
pub fn get_key(key_type: SecretKey) -> Result<[u8; 32], Box<dyn Error>> {
pub fn get_key(key_type: SecretKey) -> Result<[u8; 32],CustomError> {
let path = env::current_dir()?
.join("assets")
.join("key")
@ -60,7 +60,7 @@ pub fn get_key(key_type: SecretKey) -> Result<[u8; 32], Box<dyn Error>> {
Ok(key)
}
pub fn generate_jwt(claims: CustomClaims, duration: Duration) -> Result<String, Box<dyn Error>> {
pub fn generate_jwt(claims: CustomClaims, duration: Duration) -> Result<String,CustomError> {
let key_bytes = get_key(SecretKey::Signing)?;
let signing_key = SigningKey::from_bytes(&key_bytes);
@ -79,7 +79,7 @@ pub fn generate_jwt(claims: CustomClaims, duration: Duration) -> Result<String,
Ok(token)
}
pub fn validate_jwt(token: &str) -> Result<CustomClaims, Box<dyn Error>> {
pub fn validate_jwt(token: &str) -> Result<CustomClaims, CustomError> {
let key_bytes = get_key(SecretKey::Verifying)?;
let verifying = VerifyingKey::from_bytes(&key_bytes)?;
let token = UntrustedToken::new(token)?;
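Review bot: In `validate_jwt`, a failure to load the verifying key (`get_key(SecretKey::Verifying)?`) and a rejected client token (`UntrustedToken::new(token)?`) now both come back as the same string-only `CustomError`, so a caller cannot answer the first with a server error and the second with an authentication failure. At minimum document this on the function, for example `/// Errors: returns CustomError both when the key file cannot be read and when the token is malformed or fails verification.`, or give each step its own message with `map_err(|_| CustomError::from_str("invalid token"))`. The body of `validate_jwt` continues outside the hunk, so later steps may need the same treatment.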


@ -1,8 +1,6 @@
use regex::Regex;
use crate::utils::CustomError;
use std::collections::HashMap;
use super::DatabaseError;
use std::hash::Hash;
#[derive(Debug, Clone, PartialEq, Eq, Hash)]
@ -13,17 +11,15 @@ pub enum ValidatedValue {
}
impl ValidatedValue {
pub fn new_identifier(value: String) -> Result<Self, DatabaseError> {
pub fn new_identifier(value: String) -> Result<Self, CustomError> {
let valid_pattern = Regex::new(r"^[a-zA-Z][a-zA-Z0-9_]{0,63}$").unwrap();
if !valid_pattern.is_match(&value) {
return Err(DatabaseError::ValidationError(
"Invalid identifier format".to_string(),
));
return Err(CustomError::from_str("Invalid identifier format"));
}
Ok(ValidatedValue::Identifier(value))
}
pub fn new_rich_text(value: String) -> Result<Self, DatabaseError> {
pub fn new_rich_text(value: String) -> Result<Self, CustomError> {
let dangerous_patterns = [
"UNION ALL SELECT",
"UNION SELECT",
@ -42,24 +38,24 @@ impl ValidatedValue {
let value_upper = value.to_uppercase();
for pattern in dangerous_patterns.iter() {
if value_upper.contains(&pattern.to_uppercase()) {
return Err(DatabaseError::SqlInjectionAttempt(
format!("Dangerous SQL pattern detected: {}", pattern)
));
return Err(CustomError::from_str("Invalid identifier format"));
}
}
Ok(ValidatedValue::RichText(value))
}
pub fn new_plain_text(value: String) -> Result<Self, DatabaseError> {
pub fn new_plain_text(value: String) -> Result<Self, CustomError> {
if value.contains(';') || value.contains("--") {
return Err(DatabaseError::ValidationError("Invalid characters in text".to_string()));
return Err(CustomError::from_str("Invalid characters in text"));
}
Ok(ValidatedValue::PlainText(value))
}
pub fn get(&self) -> &str {
match self {
ValidatedValue::Identifier(s) | ValidatedValue::RichText(s) | ValidatedValue::PlainText(s) => s,
ValidatedValue::Identifier(s)
| ValidatedValue::RichText(s)
| ValidatedValue::PlainText(s) => s,
}
}
}
@ -115,7 +111,7 @@ impl WhereCondition {
field: String,
operator: Operator,
value: Option<String>,
) -> Result<Self, DatabaseError> {
) -> Result<Self, CustomError> {
let field = ValidatedValue::new_identifier(field)?;
let value = match value {
@ -140,7 +136,7 @@ pub enum WhereClause {
Or(Vec<WhereClause>),
Condition(WhereCondition),
}
#[derive(Debug, Clone)]
pub struct QueryBuilder {
operation: SqlOperation,
table: ValidatedValue,
@ -152,7 +148,7 @@ pub struct QueryBuilder {
}
impl QueryBuilder {
pub fn new(operation: SqlOperation, table: String) -> Result<Self, DatabaseError> {
pub fn new(operation: SqlOperation, table: String) -> Result<Self, CustomError> {
Ok(QueryBuilder {
operation,
table: ValidatedValue::new_identifier(table)?,
@ -164,7 +160,7 @@ impl QueryBuilder {
})
}
pub fn build(&self) -> Result<(String, Vec<String>), DatabaseError> {
pub fn build(&self) -> Result<(String, Vec<String>), CustomError> {
let mut query = String::new();
let mut values = Vec::new();
let mut param_counter = 1;
@ -174,7 +170,8 @@ impl QueryBuilder {
let fields = if self.fields.is_empty() {
"*".to_string()
} else {
self.fields.iter()
self.fields
.iter()
.map(|f| f.get().to_string())
.collect::<Vec<_>>()
.join(", ")
@ -182,12 +179,9 @@ impl QueryBuilder {
query.push_str(&format!("SELECT {} FROM {}", fields, self.table.get()));
}
SqlOperation::Insert => {
let fields: Vec<String> = self.params.keys()
.map(|k| k.get().to_string())
.collect();
let placeholders: Vec<String> = (1..=self.params.len())
.map(|i| format!("${}", i))
.collect();
let fields: Vec<String> = self.params.keys().map(|k| k.get().to_string()).collect();
let placeholders: Vec<String> =
(1..=self.params.len()).map(|i| format!("${}", i)).collect();
query.push_str(&format!(
"INSERT INTO {} ({}) VALUES ({})",
@ -201,7 +195,8 @@ impl QueryBuilder {
}
SqlOperation::Update => {
query.push_str(&format!("UPDATE {} SET ", self.table.get()));
let set_clauses: Vec<String> = self.params
let set_clauses: Vec<String> = self
.params
.iter()
.map(|(key, _)| {
let placeholder = format!("${}", param_counter);
@ -239,7 +234,7 @@ impl QueryBuilder {
&self,
clause: &WhereClause,
mut param_counter: i32,
) -> Result<(String, Vec<String>), DatabaseError> {
) -> Result<(String, Vec<String>), CustomError> {
let mut values = Vec::new();
let sql = match clause {
@ -267,7 +262,12 @@ impl QueryBuilder {
if let Some(value) = &cond.value {
let placeholder = format!("${}", param_counter);
values.push(value.get().to_string());
format!("{} {} {}", cond.field.get(), cond.operator.as_str(), placeholder)
format!(
"{} {} {}",
cond.field.get(),
cond.operator.as_str(),
placeholder
)
} else {
format!("{} {}", cond.field.get(), cond.operator.as_str())
}
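Review bot: In `new_rich_text`, the rejection branch inside the `dangerous_patterns` loop now returns `CustomError::from_str("Invalid identifier format")`, which is the identifier message copied over, so a rich-text value that matches a blocked SQL pattern is reported as a bad identifier and the matched pattern is dropped. With `DatabaseError::SqlInjectionAttempt` removed, the message text is the only thing left that lets logs tell this rejection apart from an ordinary format error. Keep it specific: `return Err(CustomError::from_str(&format!("Dangerous SQL pattern detected: {}", pattern)));`.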


@ -2,43 +2,20 @@ mod postgresql;
use crate::config;
use async_trait::async_trait;
use std::collections::HashMap;
use std::error::Error;
use crate::utils::CustomError;
use std::sync::Arc;
use std::fmt;
pub mod builder;
#[derive(Debug)]
pub enum DatabaseError {
ValidationError(String),
SqlInjectionAttempt(String),
InvalidParameter(String),
ExecutionError(String),
}
impl fmt::Display for DatabaseError {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
match self {
DatabaseError::ValidationError(msg) => write!(f, "Validation error: {}", msg),
DatabaseError::SqlInjectionAttempt(msg) => write!(f, "SQL injection attempt: {}", msg),
DatabaseError::InvalidParameter(msg) => write!(f, "Invalid parameter: {}", msg),
DatabaseError::ExecutionError(msg) => write!(f, "Execution error: {}", msg),
}
}
}
impl Error for DatabaseError {}
#[async_trait]
pub trait DatabaseTrait: Send + Sync {
async fn connect(database: &config::SqlConfig) -> Result<Self, Box<dyn Error>>
async fn connect(database: &config::SqlConfig) -> Result<Self, CustomError>
where
Self: Sized;
async fn execute_query<'a>(
&'a self,
builder: &builder::QueryBuilder,
) -> Result<Vec<HashMap<String, String>>, Box<dyn Error + 'a>>;
async fn initialization(database: config::SqlConfig) -> Result<(), Box<dyn Error>>
) -> Result<Vec<HashMap<String, String>>, CustomError>;
async fn initialization(database: config::SqlConfig) -> Result<(), CustomError>
where
Self: Sized;
}
@ -53,7 +30,7 @@ impl Database {
&self.db
}
pub async fn link(database: &config::SqlConfig) -> Result<Self, Box<dyn Error>> {
pub async fn link(database: &config::SqlConfig) -> Result<Self, CustomError> {
let db = match database.db_type.as_str() {
"postgresql" => postgresql::Postgresql::connect(database).await?,
_ => return Err("unknown database type".into()),
@ -64,7 +41,7 @@ impl Database {
})
}
pub async fn initial_setup(database: config::SqlConfig) -> Result<(), Box<dyn Error>> {
pub async fn initial_setup(database: config::SqlConfig) -> Result<(), CustomError> {
match database.db_type.as_str() {
"postgresql" => postgresql::Postgresql::initialization(database).await?,
_ => return Err("unknown database type".into()),
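Review bot: The `_ => return Err("unknown database type".into())` arms in `Database::link` and `Database::initial_setup` were left as they were while the return type changed to `CustomError`. `.into()` from `&str` worked for `Box<dyn Error>`, but the only conversion this page shows for `CustomError` is the blanket `From<T>` with `T: std::error::Error + Send + 'static`, which `&str` does not satisfy. Unless another impl exists outside this page, both arms need `return Err(CustomError::from_str("unknown database type"))`. Both function bodies continue outside their hunks.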


@ -6,33 +6,13 @@ mod routes;
use chrono::Duration;
use database::relational;
use rocket::{
get, post,
http::Status,
launch,
response::status,
State,
get, http::Status, launch, outcome::IntoOutcome, post, response::status, State
};
use std::sync::Arc;
use tokio::sync::Mutex;
use std::error::Error;
#[derive(Debug)]
pub enum AppError {
Database(String),
Config(String),
Auth(String),
}
impl From<AppError> for status::Custom<String> {
fn from(error: AppError) -> Self {
match error {
AppError::Database(msg) => status::Custom(Status::InternalServerError, format!("Database error: {}", msg)),
AppError::Config(msg) => status::Custom(Status::InternalServerError, format!("Config error: {}", msg)),
AppError::Auth(msg) => status::Custom(Status::InternalServerError, format!("Auth error: {}", msg)),
}
}
}
type AppResult<T> = Result<T, AppError>;
struct AppState {
db: Arc<Mutex<Option<relational::Database>>>,
@ -40,18 +20,17 @@ struct AppState {
}
impl AppState {
async fn get_sql(&self) -> AppResult<relational::Database> {
async fn get_sql(&self) -> Result<relational::Database,Box<dyn Error>> {
self.db
.lock()
.await
.clone()
.ok_or_else(|| AppError::Database("Database not initialized".into()))
.ok_or_else(|| "Database not initialized".into())
}
async fn link_sql(&self, config: config::SqlConfig) -> AppResult<()> {
async fn link_sql(&self, config: config::SqlConfig) -> Result<,Box<dyn Error>> {
let database = relational::Database::link(&config)
.await
.map_err(|e| AppError::Database(e.to_string()))?;
.await?;
*self.db.lock().await = Some(database);
Ok(())
}
@ -68,7 +47,7 @@ async fn token_system(_state: &State<AppState>) -> Result<status::Custom<String>
auth::jwt::generate_jwt(claims, Duration::seconds(1))
.map(|token| status::Custom(Status::Ok, token))
.map_err(|e| AppError::Auth(e.to_string()).into())
.map_err(|e| status::Custom(Status::InternalServerError, e.to_string()))
}
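Review bot: The new signature of `link_sql` reads `Result<,Box<dyn Error>>` as rendered here, with the success type missing, which does not parse; it should be `Result<(), Box<dyn Error>>`, or `Result<(), CustomError>` to match `relational::Database::link`. `get_sql` and `link_sql` are also the only functions in this commit that return `Box<dyn Error>` rather than `CustomError`, which leaves two error conventions at the handler boundary. In `token_system`, `.map_err(|e| status::Custom(Status::InternalServerError, e.to_string()))` places the internal error text in the response body. A fixed client message with the detail logged on the server would avoid exposing key-loading or signing errors.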


@ -1,7 +1,7 @@
use serde::{Deserialize,Serialize};
use crate::{config,utils};
use crate::database::relational;
use crate::{AppState,AppError,AppResult};
use crate::AppState;
use rocket::{
post,
http::Status,
@ -28,20 +28,6 @@ pub struct InstallReplyData{
password:String,
}
#[post("/test", format = "application/json", data = "<data>")]
pub async fn test(
data: Json<InstallData>,
state: &State<AppState>
) -> Result<status::Custom<String>, status::Custom<String>> {
let data=data.into_inner();
let sql= state.get_sql().await.map_err(|e| e)?;
let _ = person::insert(&sql,person::RegisterData{ name: data.name.clone(), email: data.email, password:data.password });
Ok(status::Custom(Status::Ok, "Installation successful".to_string()))
}
#[post("/install", format = "application/json", data = "<data>")]
pub async fn install(
@ -59,6 +45,9 @@ pub async fn install(
.await
.map_err(|e| status::Custom(Status::InternalServerError, e.to_string()))?;
auth::jwt::generate_key();
config.info.install = true;
state.link_sql(data.sql_config.clone()).await?;
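Review bot: The `auth::jwt::generate_key();` call in `install` discards the returned `Result<(), CustomError>`, so if key generation fails the handler still sets `config.info.install = true` and reports a completed install with no usable signing key. Propagate it the way the preceding step does: `auth::jwt::generate_key().map_err(|e| status::Custom(Status::InternalServerError, e.to_string()))?;`. The following `state.link_sql(...).await?` relies on a conversion from `Box<dyn Error>` to the handler's error type that is not shown on this page and probably needs the same `map_err`. The body of `install` starts and ends outside the hunk.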


@ -1,7 +1,6 @@
use serde::{Deserialize,Serialize};
use crate::{config,utils};
use crate::database::{relational,relational::builder};
use crate::{AppError,AppResult};
use rocket::{
get, post,
http::Status,
@ -11,6 +10,8 @@ use rocket::{
};
use std::collections::HashMap;
use bcrypt::{hash, verify, DEFAULT_COST};
use crate::utils::CustomError;
#[derive(Deserialize, Serialize)]
@ -25,7 +26,7 @@ pub struct RegisterData{
pub password:String
}
pub async fn insert(sql:&relational::Database,data:RegisterData) -> AppResult<()>{
pub async fn insert(sql:&relational::Database,data:RegisterData) -> Result<(),CustomError>{
let hashed_password = hash(data.password, DEFAULT_COST).expect("Failed to hash password");
@ -46,16 +47,11 @@ pub async fn insert(sql:&relational::Database,data:RegisterData) -> AppResult<()
builder::ValidatedValue::PlainText(hashed_password)
);
let builder = builder::QueryBuilder::new(builder::SqlOperation::Insert,String::from("persons"))
.map_err(|e|{
AppError::Database(format!("Error while building query: {}", e.to_string()))
})?
let builder = builder::QueryBuilder::new(builder::SqlOperation::Insert,String::from("persons"))?
.params(user_params)
;
let _= sql.get_db().execute_query(&builder).await.map_err(|e|{
AppError::Database(format!("Travel during execution: {}", e.to_string()))
})?;
sql.get_db().execute_query(&builder).await?;
Ok(())
}
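Review bot: `insert` still calls `hash(data.password, DEFAULT_COST).expect("Failed to hash password")`, so a bcrypt failure panics inside a request path even though the function now returns `Result<(), CustomError>`. The bcrypt error type implements `std::error::Error`, so the blanket conversion should apply and the line can become `let hashed_password = hash(data.password, DEFAULT_COST)?;`. This matches the two `?` conversions the commit already makes later in the same function.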


@ -1,5 +1,6 @@
use rand::seq::SliceRandom;
pub fn generate_random_string(length: usize) -> String {
let charset = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
let mut rng = rand::thread_rng();
@ -7,3 +8,27 @@ pub fn generate_random_string(length: usize) -> String {
.map(|_| *charset.choose(&mut rng).unwrap() as char)
.collect()
}
pub struct CustomError(String);
impl std::fmt::Display for CustomError {
fn fmt(&self, f: &mut std::fmt::Formatter) -> std::fmt::Result {
write!(f, "{}", self.0)
}
}
impl<T> From<T> for CustomError
where
T: std::error::Error + Send + 'static,
{
fn from(error: T) -> Self {
CustomError(error.to_string())
}
}
impl CustomError {
pub fn from_str(error: &str) -> Self {
CustomError(error.to_string())
}
}
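Review bot: `CustomError` is declared without `#[derive(Debug)]`, so a `Result<_, CustomError>` cannot be used with `unwrap`/`expect` or logged with `{:?}`; add `#[derive(Debug)]` above `pub struct CustomError(String);`. The type also cannot implement `std::error::Error` itself, because the blanket `From<T>` would then overlap with the standard `From<T> for T`. A short doc comment on the struct saying so would explain why it is Display-only. Because it keeps only the message string, the doc comment should also state that callers cannot branch on the error kind and that the text may end up in HTTP responses, so messages passed to `from_str` must be safe to show to clients.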