feat: external client authentication

.env.example

@@ -1,4 +1,6 @@
 # shellcheck disable=2034,2148
+
+# db app
 DB_MONGO_USER=mongo
 DB_MONGO_PASS=secret
 DB_MONGO_HOST=localhost
@@ -20,10 +22,15 @@ DB_KEYS_HOST=localhost
 DB_KEYS_PORT=5433
 DB_KEYS_NAME=api6_keys
 
+# api app
 API_BYPASS_AUTH=false
 
+# auth app
+AUTH_APP_URL=localhost
+AUTH_APP_PORT=3000
+
 AUTH_DB_POSTGRES_HOST=api6_postgres
 AUTH_DB_KEYS_HOST=api6_keys
-AUTH_APP_PORT=3000
+
 AUTH_JWT_SECRET=secret
 AUTH_DEV_MODE=true

apps/auth/Cargo.toml

@@ -37,5 +37,6 @@ thiserror = "2.0.12"
 fernet = "0.2.2"
 base64 = "0.22.1"
 actix-web-httpauth = "0.8.2"
+askama = "0.14.0"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

apps/auth/src/entities/entity_key.rs

@@ -0,0 +1,16 @@
+use sea_orm::entity::prelude::*;
+
+#[derive(Clone, Debug, DeriveEntityModel)]
+#[sea_orm(table_name = "entity_key")]
+pub struct Model {
+    #[sea_orm(primary_key, auto_increment = true)]
+    pub id: i64,
+    pub entity_id: i64,
+    pub entity_type: i64,
+    pub key: String,
+}
+
+#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
+pub enum Relation {}
+
+impl ActiveModelBehavior for ActiveModel {}

apps/auth/src/entities/keys.rs → apps/auth/src/entities/entity_type.rs

@@ -1,11 +1,11 @@
 use sea_orm::entity::prelude::*;
 
 #[derive(Clone, Debug, DeriveEntityModel)]
-#[sea_orm(table_name = "user_key")]
+#[sea_orm(table_name = "entity_type")]
 pub struct Model {
     #[sea_orm(primary_key)]
     pub id: i64,
-    pub key: String
+    pub name: String,
 }
 
 #[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]

apps/auth/src/entities/external_client.rs

@@ -0,0 +1,19 @@
+use sea_orm::entity::prelude::*;
+use utoipa::ToSchema;
+
+#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, ToSchema)]
+#[sea_orm(table_name = "external_clients")]
+pub struct Model {
+    #[sea_orm(primary_key, auto_increment = true)]
+    pub id: i64,
+    pub name: String,
+    pub login: String,
+    pub password: String,
+    pub created_at: DateTime,
+    pub disabled_since: Option<DateTime>,
+}
+
+#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
+pub enum Relation {}
+
+impl ActiveModelBehavior for ActiveModel {}

apps/auth/src/entities/mod.rs

@@ -1,4 +1,6 @@
-pub mod keys;
+pub mod entity_key;
+pub mod entity_type;
+pub mod external_client;
 pub mod permission;
 pub mod revoked_token;
 pub mod role;

apps/auth/src/infra/config.rs

@@ -37,7 +37,9 @@ pub fn setup() -> Config {
             .parse()
             .unwrap(),
 
-        server_port: env::var("AUTH_APP_PORT")
+        app_host: env::var("AUTH_APP_HOST").unwrap_or_else(|_| "localhost".into()),
+
+        app_port: env::var("AUTH_APP_PORT")
             .unwrap_or_else(|_| "3000".into())
             .parse()
             .unwrap(),

apps/auth/src/infra/server.rs

@@ -23,7 +23,7 @@ pub struct DatabaseClientKeys {
 }
 
 pub async fn create_server(config: Config) -> std::io::Result<Server> {
-    let server_port = config.server_port;
+    let server_port = config.app_port;
 
     let db_postgres_client_data = web::Data::new(DatabaseClientPostgres {
         client: db::create_seaorm_connection(
@@ -54,6 +54,9 @@ pub async fn create_server(config: Config) -> std::io::Result<Server> {
             )
             .configure(routes::user)
             .configure(routes::auth)
+            .configure(routes::external_client)
+            .configure(routes::external_client_auth)
+            .configure(routes::portability)
     })
     .bind(("0.0.0.0", server_port))?;
 

apps/auth/src/infra/types.rs

@@ -10,7 +10,8 @@ pub struct DatabaseConfig {
 
 pub struct Config {
     pub database_clients: HashMap<String, DatabaseConfig>,
-    pub server_port: u16,
+    pub app_host: String,
+    pub app_port: u16,
     pub jwt_secret: String,
     pub dev_mode: bool,
 }
@@ -22,6 +23,13 @@ impl Config {
             None => panic!("Database config not found for `{}`", name),
         }
     }
+
+    pub fn get_app_url(&self) -> String {
+        match self.app_host.as_str() {
+            "localhost" => format!("http://{}:{}", self.app_host, self.app_port),
+            _ => format!("https://{}", self.app_host),
+        }
+    }
 }
 
 pub struct PresetField {

apps/auth/src/main.rs

@@ -1,5 +1,6 @@
 mod infra;
 mod service;
+mod templates;
 
 mod entities;
 mod models;

apps/auth/src/models/auth.rs

@@ -3,7 +3,7 @@ use utoipa::ToSchema;
 
 #[derive(Deserialize, ToSchema)]
 #[serde(rename_all = "camelCase")]
-pub struct RegisterRequest {
+pub struct UserRegisterRequest {
     pub name: String,
     pub login: String,
     pub email: String,
@@ -12,20 +12,38 @@ pub struct RegisterRequest {
     pub role_id: i64,
 }
 
+#[derive(Deserialize, ToSchema)]
+#[serde(rename_all = "camelCase")]
+pub struct ExternalClientRegisterRequest {
+    pub name: String,
+    pub login: String,
+    pub password: String,
+}
+
 #[derive(Deserialize, ToSchema)]
 pub struct LoginRequest {
     pub login: String,
     pub password: String,
 }
 
 #[derive(Serialize, ToSchema)]
-pub struct LoginResponse {
+pub struct UserLoginResponse {
     pub token: String,
     pub id: i64,
     pub permissions: Vec<String>,
 }
 
+#[derive(Serialize, ToSchema)]
+pub struct ExternalClientLoginResponse {
+    pub token: String,
+}
+
 #[derive(Deserialize, ToSchema)]
 pub struct ValidateRequest {
     pub token: String,
 }
+
+#[derive(Debug, Serialize, Deserialize, ToSchema)]
+pub struct PortabilityScreenQuery {
+    pub token: String,
+}

apps/auth/src/models/entity_type.rs

@@ -0,0 +1,42 @@
+use sea_orm::entity::prelude::*;
+use std::str::FromStr;
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq, EnumIter, DeriveActiveEnum)]
+#[sea_orm(rs_type = "String", db_type = "String(StringLen::Max)")]
+pub enum EntityType {
+    #[sea_orm(string_value = "user")]
+    User,
+    #[sea_orm(string_value = "external_client")]
+    ExternalClient,
+    #[sea_orm(string_value = "authorized_client")]
+    AuthorizedClient,
+}
+
+impl EntityType {
+    pub fn as_str(&self) -> &'static str {
+        match self {
+            EntityType::User => "user",
+            EntityType::ExternalClient => "external_client",
+            EntityType::AuthorizedClient => "authorized_client",
+        }
+    }
+}
+
+impl FromStr for EntityType {
+    type Err = ();
+
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        match s {
+            "user" => Ok(EntityType::User),
+            "external_client" => Ok(EntityType::ExternalClient),
+            "authorized_client" => Ok(EntityType::AuthorizedClient),
+            _ => Err(()),
+        }
+    }
+}
+
+impl std::fmt::Display for EntityType {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        write!(f, "{}", self.as_str())
+    }
+}

apps/auth/src/models/external_client.rs

@@ -0,0 +1,22 @@
+use serde::{Deserialize, Serialize};
+use sqlx::FromRow;
+use utoipa::ToSchema;
+
+#[derive(Debug, Serialize, Deserialize, FromRow, ToSchema)]
+#[serde(rename_all = "camelCase")]
+pub struct ExternalClientPublic {
+    pub id: i64,
+    pub name: String,
+    pub login: String,
+    pub created_at: String,
+    pub disabled_since: Option<String>,
+}
+
+#[derive(Debug, Serialize, Deserialize, ToSchema)]
+#[serde(rename_all = "camelCase")]
+pub struct ExternalClientUpdate {
+    pub name: Option<String>,
+    pub login: Option<String>,
+    pub password: Option<String>,
+    pub disabled_since: Option<Option<String>>,
+}