moonbeeper

beep beep boop.
now emails have template support! you just need either a .html or .txt (or both!), and its using tera under the hood.
this cleaned up a lot of repetitive code in each exchange handler that sent emails, which is nice.

ah, and also, the mailer and the job queue now have proper error enums… for errors. I really should’ve done this ages ago man
another tiiiny change was just the copy pasting of the authentication flows into the sudo reauth flows with a few tweaks (means that the authentication flow handlers are prettty easy to modify :D)
NOW, gotta make the real email templates to be used because the ones i have are just “hi i work yay”.

Changelog

• handlers swap to email templates
• email templates
• authentication flows cleanup
• C&P flows to sudo reauth
• update crates

nuked my old authentication flow. while it wasn’t terrible on its own, the exchange part was AWFUL because I was (for some reason) trying to crap every single handler of every auth option (otp, totp…) in one place, and i honestly really didn’t want to add more sauce to my beautiful horrible amalgamation especially with me wanting to add passkeys next as a login method.
so, i split everything into its own dedicated exchange endpoints! just like it should have been… great job past me. Now you just talk with a “start” endpoint, get a next_method back, and that tells you which exchange route to hit to get your session. its pretty better and great and beautiful to maintain.
AND about passkeys… yes. i sadly spent way too much time hammering my head against the.. uhhm keys. because I wanted to store things my own way in the database, but the library i wanted to use really was telling me a big nope. i just gave up and just stored the whole credential stuff as json (as the library wanted) along with the credential_id and the counter. now i can do coool passkey stuff like matching the credential to the authenticator (like a github yubikey) and check the counter to make sure it hasn’t been cloned. yay security! (not that cool) with my own complications that shouldnt even happen.
The rest about it was actually prettty ok. cookies to track the challenge session (because you don’t have a session (logged out!!!) and you just slap some simple checks and boom works :D

Changelog

• oops, forgot to update passkey counter
• webauthn login flow
• better login flow handlers (unmerged)
• passkey registration handlers and db models
• swap auth challenges enums to use db types

Right because I’ve been seeing some people adding a their git changes changelog, I’ll also add it :). Plus it helps by making me remember what the hell did i do if it was a lot.
Right, I wrapped the totp auth utils because before i just unwrapped them directly just like the sudo stuff before wrapping them also in the magical map_err.
And sudo like autorization is here! As always to make big baddy auth related changes like enabling two factor auth or deleting sessions will require you to enable sudo to be able to make those changes. Pretty simple security. I even used and renamed an old db table so that I didnt need to create a new table for this sudo stuff (It was the user login attemps that was converted into the auth challenges)
That’s it, I just needed to implement this sudo stuff to the other routes after making it and its working as I intended :D

Changelog

• update cargo crates (d52375c)
• wrap totp with map_err for http handlers (b1cbb84)
• sudo http handler and utils (7d6df89)
• implement sudo to little http handlers (1032854)

implemented the typical two factor authentication stuff like the removing the totp or enabling and added that when you log in and have this enabled, you need to use it (wow).
this stuff is being stored in the db encrypted which is nice.
god am awful at coding these kinds of stuff because i am trying to not have it messy but i always get it messy hahaha and i should be adding more commits per stuff i make but ofc i forget.

added the typical session endpoint that lets you see your own session, delete or delete all. simple stuff but got stuck figuring out that to delete cookies you have to have the same params as the original cookie or else it won’t work. oh and also that you have to set the path param or else the cookie takes the path of the request that is creating it like if the route “/v1/bananas” creates a cookie, instead of creating a cookie at the root, it creates a cookie at “/v1/bananas” which made my middleware that checks the sessions think the user didnt have a session open.

I made a background job queue for background jobs! pretty cool because the hecking email sending was really blocking the requests for around 4 seconds until the email was sent… and now I don’t have to wait for that! and now i even have a tiny framework in which i can make my tiny background jobs to be run on the workers of the queue that are pretty fast :D
I actually don’t know if my queue stuff is good or if i am using the database for the right job because the job of the database is to actually dequeue the jobs by pending jobs and stale jobs that havent updated their heartbeat (updated_at field). I tried my best at making the cost of the query pretty low because gah damn it was pretty pretty high when i was using an OR in the where part of the query, now i just query for the pending and stale inprogress jobs in different queries and then union them which is somehow faster. i mean, also having indexes helped alot (who would have known that!? wow).
but probably i will be using this queue stuff only for my email stuff and that’s it, so I made this thingy for nothing which isn’t cool :(.

wasted a whole lot of time by making a simple thing to track my running services to be able to shutdown them and wait to have all of them sleeping. The primary cause of the time wasting mode was the “oh yeah. i want to add this and this and even. ah yeah, i want this. yes more bloat for useless features i won’t even use” when in reality I just needed a counter that goes up and then down and a away to notify “yeah, i was the last service alive you can shutdown now”.
I mean in the future I might add a method to futures for when i want to force shutdown to make all the futures return poll::ready or maybe not idk.
I also added a less important thingy, the http error enum monolith. muahaha. its great.

right, worked out the basic flow of login in and registering with the typical emails being sent and that’s it. The thing that took a bit more time was just the middleware to manage sessions and that’s it haha.
I also need to get a queue based email sending thingy because sending them in the routes makes so they hang until the email was sent which isn’t cool.
here you get an useless screenshot of the api explorer which has nothing more than “hey, this route exists and needs and returns this”.

wow my procrastination is a bit enormous for these things haha. i am still pretty bad because i actually don’t know how to code this beautiful language called rust.
anyways, currently the beautiful meow auth thingy just has the bare basics: settings management, database, global state and openapi docs… and that’s it I still have to make the actual backend lol.
pew pew peww