Merge pull request #9981 from Turbo87/find-by-token

Turbo87 · web-flow · commit 496858efa114 · 2024-11-18T00:05:19.000+01:00
models/token: Remove sync `find_by_api_token()` fn
diff --git a/src/auth.rs b/src/auth.rs
@@ -214,7 +214,7 @@ async fn authenticate_via_token(
     let token =
         HashedToken::parse(header_value).map_err(|_| InsecurelyGeneratedTokenRevoked::boxed())?;
 
-    let token = ApiToken::async_find_by_api_token(conn, &token)
+    let token = ApiToken::find_by_api_token(conn, &token)
         .await
         .map_err(|e| {
             let cause = format!("invalid token caused by {e}");
diff --git a/src/bin/crates-admin/verify_token.rs b/src/bin/crates-admin/verify_token.rs
@@ -21,7 +21,7 @@ pub async fn run(opts: Opts) -> anyhow::Result<()> {
         .context("Failed to connect to the database")?;
 
     let token = HashedToken::parse(&opts.api_token)?;
-    let token = ApiToken::async_find_by_api_token(&mut conn, &token).await?;
+    let token = ApiToken::find_by_api_token(&mut conn, &token).await?;
     let user = User::async_find(&mut conn, token.user_id).await?;
     println!("The token belongs to user {}", user.gh_login);
     Ok(())
diff --git a/src/models/token.rs b/src/models/token.rs
@@ -69,32 +69,7 @@ impl ApiToken {
         })
     }
 
-    pub fn find_by_api_token(conn: &mut impl Conn, token: &HashedToken) -> QueryResult<ApiToken> {
-        use diesel::RunQueryDsl;
-        use diesel::{dsl::now, update};
-
-        let tokens = api_tokens::table
-            .filter(api_tokens::revoked.eq(false))
-            .filter(
-                api_tokens::expired_at
-                    .is_null()
-                    .or(api_tokens::expired_at.gt(now)),
-            )
-            .filter(api_tokens::token.eq(token));
-
-        // If the database is in read only mode, we can't update last_used_at.
-        // Try updating in a new transaction, if that fails, fall back to reading
-        conn.transaction(|conn| {
-            update(tokens)
-                .set(api_tokens::last_used_at.eq(now.nullable()))
-                .returning(ApiToken::as_returning())
-                .get_result(conn)
-        })
-        .or_else(|_| tokens.select(ApiToken::as_select()).first(conn))
-        .map_err(Into::into)
-    }
-
-    pub async fn async_find_by_api_token(
+    pub async fn find_by_api_token(
         conn: &mut AsyncPgConnection,
         token: &HashedToken,
     ) -> QueryResult<ApiToken> {
diff --git a/src/tests/user.rs b/src/tests/user.rs
@@ -36,9 +36,8 @@ async fn updating_existing_user_doesnt_change_api_token() {
 
     // Use the original API token to find the now updated user
     let hashed_token = assert_ok!(HashedToken::parse(token.expose_secret()));
-    let mut conn = app.db_conn();
-    let api_token = assert_ok!(ApiToken::find_by_api_token(&mut conn, &hashed_token));
-    let user = assert_ok!(User::find(&mut conn, api_token.user_id));
+    let api_token = assert_ok!(ApiToken::find_by_api_token(&mut conn, &hashed_token).await);
+    let user = assert_ok!(User::async_find(&mut conn, api_token.user_id).await);
 
     assert_eq!(user.gh_login, "bar");
     assert_eq!(user.gh_access_token, "bar_token");
