finish login route

src/api/client_server/errors/registration_error.rs

@@ -14,6 +14,8 @@ pub enum RegistrationError {
     InvalidUserId,
     #[error("The desired user ID is already taken")]
     UserIdTaken,
+    #[error("Registration is disabled")]
+    RegistrationDisabled,
 }
 
 impl IntoResponse for RegistrationError {
@@ -42,6 +44,15 @@ impl IntoResponse for RegistrationError {
                 )),
             )
                 .into_response(),
+            RegistrationError::RegistrationDisabled => (
+                StatusCode::FORBIDDEN,
+                Json(ErrorResponse::new(
+                    ErrorCode::Forbidden,
+                    &self.to_string(),
+                    None,
+                )),
+            )
+                .into_response(),
         }
     }
 }

src/api/client_server/mod.rs

@@ -1,3 +1,3 @@
-pub mod auth;
 pub mod errors;
+pub mod r0;
 pub mod versions;

src/api/client_server/r0/auth.rs

@@ -7,16 +7,19 @@ use axum::{
     routing::{get, post},
     Extension, Json,
 };
-use rand_core::OsRng;
 use sqlx::SqlitePool;
 
 use crate::{
-    api::client_server::errors::authentication_error::AuthenticationError,
+    api::client_server::errors::{
+        api_error::ApiError, authentication_error::AuthenticationError,
+        registration_error::RegistrationError,
+    },
     models::sessions::Session,
     responses::{
         authentication::{AuthenticationResponse, AuthenticationSuccess},
         registration::RegistrationResponse,
     },
+    types::uuid::Uuid,
 };
 use crate::{
     models::devices::Device,
@@ -30,8 +33,6 @@ use crate::{
     Config,
 };
 
-use super::errors::{api_error::ApiError, registration_error::RegistrationError};
-
 pub fn routes() -> axum::Router {
     axum::Router::new()
         .route("/r0/login", get(get_login).post(post_login))
@@ -53,17 +54,34 @@ async fn post_login(
     match body {
         AuthenticationData::Password(auth_data) => {
             let user = auth_data.user().unwrap();
-            let user_id = UserId::new(&user, config.homeserver_name())
+            let user_id = UserId::new(&user, config.server_name())
                 .ok()
                 .ok_or(AuthenticationError::InvalidUserId)?;
-            
+
             let user = User::find_by_user_id(&db, &user_id).await?;
 
-            user.password_correct(auth_data.password()).ok().ok_or(AuthenticationError::Forbidden)?;
+            user.password_correct(auth_data.password())
+                .ok()
+                .ok_or(AuthenticationError::Forbidden)?;
 
-            todo!("find_or_create device for user and create a session");
+            let device = if let Some(device_id) = auth_data.device_id() {
+                Device::find_for_user(&db, &user, device_id).await?
+            } else {
+                let device_id = uuid::Uuid::new_v4().to_string();
+                let display_name =
+                    if let Some(display_name) = auth_data.initial_device_display_name() {
+                        display_name.as_ref()
+                    } else {
+                        "Generic Device"
+                    };
+                Device::new(&user, &device_id, display_name)?
+                    .create(&db)
+                    .await?
+            };
 
-            let resp = AuthenticationSuccess::new("", "", &user_id);
+            let session = Session::new(&device)?.create(&db).await?;
+
+            let resp = AuthenticationSuccess::new(session.key(), device.device_id(), &user_id);
             Ok(Json(AuthenticationResponse::Success(resp)))
         }
     }
@@ -78,7 +96,7 @@ async fn get_username_available(
     let username = params
         .get("username")
         .ok_or(RegistrationError::MissingUserId)?;
-    let user_id = UserId::new(username, &config.homeserver_name())
+    let user_id = UserId::new(username, &config.server_name())
         .ok()
         .ok_or(RegistrationError::InvalidUserId)?;
     let exists = User::exists(&db, &user_id).await?;
@@ -92,13 +110,14 @@ async fn post_register(
     Extension(db): Extension<SqlitePool>,
     Json(body): Json<RegistrationRequest>,
 ) -> Result<Json<RegistrationResponse>, ApiError> {
+    config.enable_registration().then(|| true).ok_or(RegistrationError::RegistrationDisabled)?;
     body.auth()
         .ok_or(RegistrationError::AdditionalAuthenticationInformation)?;
 
     let (user, device) = match &body.auth().expect("must be Some") {
         AuthenticationData::Password(auth_data) => {
             let username = body.username().ok_or(RegistrationError::MissingUserId)?;
-            let user_id = UserId::new(username, &config.homeserver_name())
+            let user_id = UserId::new(username, &config.server_name())
                 .ok()
                 .ok_or(RegistrationError::InvalidUserId)?;
 
@@ -115,9 +134,13 @@ async fn post_register(
                 .create(&db)
                 .await?;
 
-            let device = Device::new(&user, "test", display_name)?
-                .create(&db)
-                .await?;
+            let device = Device::new(
+                &user,
+                uuid::Uuid::new_v4().to_string().as_ref(),
+                display_name,
+            )?
+            .create(&db)
+            .await?;
 
             (user, device)
         }

src/api/client_server/r0/mod.rs

@@ -0,0 +1 @@
+pub mod auth;