feat: unlock with only mnemonic

Author: dpc

crates/rostra-client-db/src/lib.rs

@@ -125,7 +125,7 @@ pub enum DbError {
     },
     #[snafu(visibility(pub))]
     #[snafu(display("Provided Id does not match one used previously"))]
-    IdMismatch {
+    DbIdMismatch {
         #[snafu(implicit)]
         location: Location,
     },
@@ -536,7 +536,7 @@ impl Database {
     pub fn verify_self_tx(self_id: RostraId, ids_self_t: &mut ids_self::Table) -> DbResult<()> {
         if let Some(existing_self_id_record) = Self::read_self_id_tx(ids_self_t)? {
             if existing_self_id_record.rostra_id != self_id {
-                return IdMismatchSnafu.fail();
+                return DbIdMismatchSnafu.fail();
             }
         } else {
             Self::write_self_id_tx(self_id, ids_self_t)?;

crates/rostra-web-ui/src/error.rs

@@ -1,7 +1,11 @@
+use std::io;
+
 use axum::http::{HeaderName, HeaderValue, StatusCode};
 use axum::response::{IntoResponse, Redirect, Response};
-use rostra_client::error::PostError;
+use rostra_client::error::{ActivateError, InitError, PostError};
+use rostra_client::multiclient::MultiClientError;
 use rostra_client::ClientRefError;
+use rostra_client_db::DbError;
 use rostra_util_error::BoxedError;
 use serde::Serialize;
 use snafu::Snafu;
@@ -34,6 +38,33 @@ pub struct UserErrorResponse {
     pub message: String,
 }
 
+#[derive(Debug, Snafu)]
+pub enum UnlockError {
+    #[snafu(visibility(pub(crate)))]
+    PublicKeyMissing,
+    #[snafu(visibility(pub(crate)))]
+    IdMismatch,
+    #[snafu(transparent)]
+    Io {
+        source: io::Error,
+    },
+    Database {
+        source: DbError,
+    },
+    Init {
+        source: InitError,
+    },
+    #[snafu(transparent)]
+    MultiClient {
+        source: MultiClientError,
+    },
+    #[snafu(transparent)]
+    MultiClientActivate {
+        source: ActivateError,
+    },
+}
+pub type UnlockResult<T> = std::result::Result<T, UnlockError>;
+
 #[derive(Debug, Snafu)]
 pub enum RequestError {
     #[snafu(transparent)]
@@ -49,7 +80,9 @@ pub enum RequestError {
     #[snafu(visibility(pub(crate)))]
     LoginRequired,
     #[snafu(visibility(pub(crate)))]
-    SecretKeyMissing,
+    Unlock { source: UnlockError },
+    #[snafu(visibility(pub(crate)))]
+    ReadOnlyMode,
     #[snafu(visibility(pub(crate)))]
     User { source: UserRequestError },
 }

crates/rostra-web-ui/src/lib.rs

@@ -4,6 +4,8 @@ mod fragment;
 pub mod html_utils;
 pub mod is_htmx;
 mod routes;
+// TODO: move to own crate
+mod serde_util;
 
 use std::net::{AddrParseError, SocketAddr};
 use std::path::{Path, PathBuf};
@@ -16,13 +18,13 @@ use asset_cache::AssetCache;
 use axum::http::header::{ACCEPT, CONTENT_TYPE};
 use axum::http::{HeaderName, HeaderValue, Method};
 use axum::{middleware, Router};
-use rostra_client::error::{ActivateError, IdSecretReadError, InitError};
-use rostra_client::multiclient::{MultiClient, MultiClientError};
+use error::{IdMismatchSnafu, UnlockError, UnlockResult};
+use rostra_client::error::IdSecretReadError;
+use rostra_client::multiclient::MultiClient;
 use rostra_client::{ClientHandle, ClientRefError};
-use rostra_client_db::DbError;
 use rostra_core::id::{RostraId, RostraIdSecretKey};
 use rostra_util::is_rostra_dev_mode_set;
-use rostra_util_error::{BoxedError, WhateverResult};
+use rostra_util_error::WhateverResult;
 use routes::cache_control;
 use snafu::{ensure, ResultExt as _, Snafu, Whatever};
 use tokio::net::{TcpListener, TcpSocket};
@@ -89,33 +91,6 @@ pub enum UiStateClientError {
 }
 pub type UiStateClientResult<T> = result::Result<T, UiStateClientError>;
 
-#[derive(Debug, Snafu)]
-pub enum UiStateClientUnlockError {
-    IdMismatch,
-    InvalidMnemonic {
-        source: BoxedError,
-    },
-    #[snafu(transparent)]
-    Io {
-        source: io::Error,
-    },
-    Database {
-        source: DbError,
-    },
-    Init {
-        source: InitError,
-    },
-    #[snafu(transparent)]
-    MultiClient {
-        source: MultiClientError,
-    },
-    #[snafu(transparent)]
-    MultiClientActivate {
-        source: ActivateError,
-    },
-}
-pub type UiStateClientUnlockResult<T> = result::Result<T, UiStateClientUnlockError>;
-
 pub struct UiState {
     clients: MultiClient,
 }
@@ -132,21 +107,17 @@ impl UiState {
     pub async fn unlock(
         &self,
         rostra_id: RostraId,
-        mnemonic: &str,
-    ) -> UiStateClientUnlockResult<Option<RostraIdSecretKey>> {
-        let res = if mnemonic.trim().is_empty() {
-            self.clients.load(rostra_id).await?;
-            None
-        } else {
-            let secret_id = RostraIdSecretKey::from_str(mnemonic)
-                .boxed()
-                .context(InvalidMnemonicSnafu)?;
-
+        secret_id: Option<RostraIdSecretKey>,
+    ) -> UnlockResult<Option<RostraIdSecretKey>> {
+        let res = if let Some(secret_id) = secret_id {
             ensure!(secret_id.id() == rostra_id, IdMismatchSnafu);
-            let client = self.clients.load(rostra_id).await?;
+            let client = self.clients.load(secret_id.id()).await?;
             client.unlock_active(secret_id).await?;
 
             Some(secret_id)
+        } else {
+            self.clients.load(rostra_id).await?;
+            None
         };
         Ok(res)
     }
@@ -173,7 +144,7 @@ pub enum WebUiServerError {
     },
 
     SecretUnlock {
-        source: UiStateClientUnlockError,
+        source: UnlockError,
     },
 
     ListenAddr {

crates/rostra-web-ui/src/routes/unlock.rs

@@ -12,8 +12,11 @@ use snafu::ResultExt as _;
 use tower_sessions::Session;
 
 use super::Maud;
-use crate::error::{OtherSnafu, RequestResult};
+use crate::error::{
+    LoginRequiredSnafu, OtherSnafu, PublicKeyMissingSnafu, RequestResult, UnlockResult, UnlockSnafu,
+};
 use crate::is_htmx::IsHtmx;
+use crate::serde_util::empty_string_as_none;
 use crate::{SharedState, UiState};
 
 pub async fn get(
@@ -31,64 +34,76 @@ pub async fn get(
         )];
         return Ok((StatusCode::OK, headers).into_response());
     }
-    Ok(Maud(state.unlock_page(None, "", None).await?).into_response())
+    Ok(Maud(state.unlock_page(None, None, None).await?).into_response())
 }
 
 pub async fn get_random(state: State<SharedState>) -> RequestResult<impl IntoResponse> {
     let random_secret_key = RostraIdSecretKey::generate();
     Ok(Maud(
         state
-            .unlock_page(
-                Some(random_secret_key.id()),
-                &random_secret_key.to_string(),
-                None,
-            )
+            .unlock_page(Some(random_secret_key.id()), Some(random_secret_key), None)
             .await?,
     ))
 }
 
 #[derive(Deserialize)]
 pub struct Input {
     #[serde(rename = "username")]
-    rostra_id: RostraId,
+    #[serde(deserialize_with = "empty_string_as_none")]
+    rostra_id: Option<RostraId>,
     #[serde(rename = "password")]
-    mnemonic: String,
+    #[serde(deserialize_with = "empty_string_as_none")]
+    mnemonic: Option<RostraIdSecretKey>,
+}
+
+impl Input {
+    fn rostra_id(&self) -> UnlockResult<RostraId> {
+        self.rostra_id
+            .or_else(|| self.mnemonic.map(|m| m.id()))
+            .ok_or_else(|| PublicKeyMissingSnafu.build())
+    }
 }
 
 pub async fn post_unlock(
     state: State<SharedState>,
     session: Session,
     Form(form): Form<Input>,
 ) -> RequestResult<Response> {
-    Ok(match state.unlock(form.rostra_id, &form.mnemonic).await {
-        Ok(secret_key_opt) => {
-            session
-                .insert(
-                    SESSION_KEY,
-                    &UserSession::new(form.rostra_id, secret_key_opt),
-                )
-                .await
-                .boxed()
-                .context(OtherSnafu)?;
-            let headers = [(
-                HeaderName::from_static("hx-redirect"),
-                HeaderValue::from_static("/ui"),
-            )];
-            (StatusCode::SEE_OTHER, headers).into_response()
-        }
-        Err(e) => Maud(
-            state
-                .unlock_page(
-                    Some(form.rostra_id),
-                    &form.mnemonic,
-                    html! {
-                        span ."o-unlockScreen_notice" { (e)}
-                    },
-                )
-                .await?,
-        )
-        .into_response(),
-    })
+    Ok(
+        match state
+            .unlock(form.rostra_id().context(UnlockSnafu)?, form.mnemonic)
+            .await
+        {
+            Ok(secret_key_opt) => {
+                let rostra_id = secret_key_opt
+                    .map(|secret| secret.id())
+                    .or(form.rostra_id)
+                    .ok_or_else(|| LoginRequiredSnafu.build())?;
+                session
+                    .insert(SESSION_KEY, &UserSession::new(rostra_id, secret_key_opt))
+                    .await
+                    .boxed()
+                    .context(OtherSnafu)?;
+                let headers = [(
+                    HeaderName::from_static("hx-redirect"),
+                    HeaderValue::from_static("/ui"),
+                )];
+                (StatusCode::SEE_OTHER, headers).into_response()
+            }
+            Err(e) => Maud(
+                state
+                    .unlock_page(
+                        form.rostra_id,
+                        form.mnemonic,
+                        html! {
+                            span ."o-unlockScreen_notice" { (e)}
+                        },
+                    )
+                    .await?,
+            )
+            .into_response(),
+        },
+    )
 }
 
 pub async fn logout(session: Session) -> RequestResult<impl IntoResponse> {
@@ -105,7 +120,7 @@ impl UiState {
     async fn unlock_page(
         &self,
         current_rostra_id: Option<RostraId>,
-        current_mnemonic: &str,
+        current_secret_key: Option<RostraIdSecretKey>,
         notification: impl Into<Option<Markup>>,
     ) -> RequestResult<Markup> {
         let random_rostra_id_secret = &RostraIdSecretKey::generate();
@@ -150,7 +165,7 @@ impl UiState {
                             autocomplete="current-password"
                             placeholder="Mnemonic (Secret Key) - if empty, read-only mode"
                             title="Mnemonic is 12 words passphrase encoding secret key of your identity"
-                            value=(current_mnemonic)
+                            value=(current_secret_key.as_ref().map(ToString::to_string).unwrap_or_default())
                             { }
                         button
                             type="button" // do not submit the form!

crates/rostra-web-ui/src/routes/unlock/session.rs

@@ -5,7 +5,7 @@ use serde::{Deserialize, Serialize};
 use tower_sessions::Session;
 
 use crate::error::{
-    InternalServerSnafu, LoginRequiredSnafu, RequestError, RequestResult, SecretKeyMissingSnafu,
+    InternalServerSnafu, LoginRequiredSnafu, ReadOnlyModeSnafu, RequestError, RequestResult,
 };
 
 #[derive(Clone, Deserialize, Serialize)]
@@ -20,7 +20,7 @@ impl UserSession {
     }
 
     pub(crate) fn id_secret(&self) -> RequestResult<RostraIdSecretKey> {
-        self.id_secret.ok_or_else(|| SecretKeyMissingSnafu.build())
+        self.id_secret.ok_or_else(|| ReadOnlyModeSnafu.build())
     }
 
     pub(crate) fn new(rostra_id: RostraId, secret_key: Option<RostraIdSecretKey>) -> Self {

crates/rostra-web-ui/src/serde_util.rs

@@ -0,0 +1,31 @@
+use serde::de::IntoDeserializer as _;
+use serde::{Deserialize, Deserializer};
+
+pub(crate) fn empty_string_as_none<'de, D, T>(deserializer: D) -> Result<Option<T>, D::Error>
+where
+    D: Deserializer<'de>,
+    T: Deserialize<'de>,
+{
+    if let Some(str) = Option::<String>::deserialize(deserializer)? {
+        let str = str.trim();
+        if str.is_empty() {
+            Ok(None)
+        } else {
+            T::deserialize(str.into_deserializer()).map(Some)
+        }
+    } else {
+        Ok(None)
+    }
+}
+
+#[allow(dead_code)]
+pub(crate) fn trim_string<'de, D, T>(deserializer: D) -> Result<T, D::Error>
+where
+    D: Deserializer<'de>,
+    T: Deserialize<'de>,
+{
+    let s = String::deserialize(deserializer)?;
+    let s = s.trim();
+
+    T::deserialize(s.into_deserializer())
+}