Alpha release (Account management API 1/2) (#51)

First three routes are tested, all the other ones just need to have
their tests implemented except email stuff which I'm leaving for another
day.

| Account | route | commune-server | commune-rs |
| :--- | :--- | :---: | :---: |
| Create Account | `POST /account` | ✅ | ✅ |
| Login | `POST /login` | ✅ | ✅ |
| Logout | `GET /logout` | ✅ | ✅ |
| Validate Session | `GET /account/session` | ✅ | ❌ |
| Validate Token | `POST /account/token` | ✅ | ❌ |
| Send Password Recovery Code| `POST /account/password` | ✅ | ❌ |
| Verify Password | `POST /account/password/verify` | ✅ | ❌ |
| Reset Password | `POST /account/password/reset` | ✅ | ❌ |
| Update Password | `POST /account/password/update` | ✅ | ❌ |
| Send Verifications Code | `POST /account/verify/code` | ✅ | ❌ |
| Verify Code | `POST /account/verify` | ✅ | ❌ |
| Verify Email | `POST /account/verify/email` | ✅ | ❌ |
| Update Display Name | `POST /account/display_name` | ✅ | ❌ |
| Update Avatar | `POST /account/avatar` | ✅ | ❌ |
| Check Username Availability | `GET /username` | ✅ | ❌ |
| Validate Email | `GET /email` | ✅ | ❌ |

.github/workflows/ci.yml

@@ -86,8 +86,7 @@ jobs:
         env:
           COMMUNE_SYNAPSE_ADMIN_TOKEN: ${{ env.COMMUNE_SYNAPSE_ADMIN_TOKEN }}
         run: |
-          # just e2e -- --show-output
-          echo "warning: end-to-end tests are temporarily disabled"
+          just e2e -- --show-output
 
       - name: Print Logs
         if: always()

Cargo.toml

@@ -9,44 +9,63 @@ repository = "https://github.com/commune-os/commune-rs"
 rust-version = "1.75.0"
 
 [workspace]
-default-members = ["crates/server"]
-members = ["crates/core", "crates/matrix", "crates/server", "crates/test"]
+members = ["crates/core", "crates/matrix", "crates/router", "crates/test"]
+default-members = ["crates/router"]
 resolver = "2"
 
 [workspace.dependencies]
-anyhow = "1.0.75"
+axum-extra = { version = "0.9.3", features = ["typed-header"] }
 async-trait = "0.1.74"
-axum = { version = "0.7.4", features = ["tokio"] }
-chrono = { version = "0.4.34", features = ["serde"] }
-dotenv = "0.15.0"
+# async-stream = "0.3.5"
+bytes = "1.5.0"
+email_address = { version = "0.2.4", features = ["serde", "serde_support"] }
+figment = { version = "0.10.14", features = ["toml", "env"] }
 hex = "0.4.3"
+tokio-rustls = "0.25.0"
+# futures = "0.3.30"
 hmac = "0.12.1"
+sha1 = "0.10.6"
+anyhow = "1.0.75"
+axum = { version = "0.7.4", features = ["tokio", "macros"] }
 http = "0.2.11"
 mime = "0.3.17"
+mail-send = "0.4.7"
+maud = "0.26.0"
+headers = "0.4.0"
 # openssl = { version = "0.10.63", features = ["vendored"] }
 # openssl-sys = { version = "0.9.99", features = ["vendored"] }
 reqwest = { version = "0.11.22", default-features = false, features = [
-  "blocking",
   "json",
   "multipart",
   "rustls",
 ] }
 serde = "1.0.192"
-serde_json = "1.0.108"
-serde_path_to_error = "0.1.14"
-serde_qs = "0.12.0"
-sha1 = "0.10.6"
+serde_json = "1.0.114"
+time = "0.3.34"
 tokio = "1.34.0"
 tracing = "0.1.40"
 tracing-subscriber = "0.3.18"
 url = "2.4.1"
-uuid = { version = "1.6.1", features = ["v4"] }
-handlebars = "5.0.0"
-lettre = "0.11"
 rand = "0.8.5"
 thiserror = "1.0.50"
 validator = { version = "0.16", features = ["derive"] }
 
+router = { workspace = true, path = "crates/router" }
+matrix = { workspace = true, path = "crates/matrix" }
+commune = { workspace = true, path = "crates/core" }
+
+ruma-events = { version = "0.27.11", default_features = false, features = [
+  "html",
+  "markdown",
+] }
+ruma-common = { version = "0.12.0", default_features = false, features = [
+  "api",
+  "rand",
+] }
+ruma-macros = { version = "0.12.0", default_features = false }
+ruma-client = { version = "0.12.0", default_features = false }
+ruma-identifiers-validation = { version = "0.9.3", default_features = false }
+
 [workspace.lints.rust]
 unreachable_pub = "warn"
 unsafe_code = "forbid"

commune-example.toml

@@ -0,0 +1,23 @@
+registration_verification = false
+public_loopback = false
+port = 6421
+tls = true
+
+# Either one works but not both
+blocked_domains = []
+# allowed_domains = ['gmail.com', 'outlook.com']
+
+# `X-Forwarded-For` header
+# xff = false
+
+[matrix]
+server_name = "matrix.localhost"
+host = "http://0.0.0.0:8008"
+admin_token = "syt_YWRtaW4_FllbTksPWcQaDRUVVcYR_3LJQZ2"
+shared_registration_secret = "m@;wYOUOh0f:CH5XA65sJB1^q01~DmIriOysRImot,OR_vzN&B"
+
+[mail]
+host = "smtp://0.0.0.0:1025"
+username = ""
+password = ""
+tls = false

crates/core/Cargo.toml

@@ -10,18 +10,23 @@ path = "src/lib.rs"
 
 [dependencies]
 # Workspace Dependencies
-handlebars = { workspace = true }
-lettre = { workspace = true }
+anyhow = { workspace = true }
+axum = { workspace = true }
 rand = { workspace = true }
+email_address = { workspace = true }
 thiserror = { workspace = true }
 validator = { workspace = true, features = ["derive"] }
 http = { workspace = true }
+mail-send = { workspace = true }
+maud = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
 tracing = { workspace = true }
-uuid = { workspace = true, features = ["serde"] }
+figment = { workspace = true }
 url = { workspace = true, features = ["serde"] }
 tokio = { workspace = true, features = ["full"] }
+headers = { workspace = true }
+tokio-rustls = { workspace = true }
 
 # Local Dependencies
-matrix = { path = "../matrix" }
+matrix = { path = "../matrix", features = ["client"] }

crates/core/src/account.rs

@@ -0,0 +1,8 @@
+pub mod email;
+pub mod login;
+pub mod logout;
+pub mod password;
+pub mod register;
+pub mod token;
+pub mod username;
+pub mod whoami;

crates/core/src/account/email.rs

@@ -0,0 +1,32 @@
+use std::time::{SystemTime, UNIX_EPOCH};
+
+use email_address::EmailAddress;
+use matrix::admin::registration_tokens::new::*;
+use rand::{distributions::Uniform, prelude::Distribution};
+
+use crate::{commune, error::Result};
+
+pub async fn service(address: EmailAddress) -> Result<()> {
+    let uni = Uniform::new('0', '9');
+    let token: String = uni.sample_iter(rand::thread_rng()).take(6).collect();
+
+    let req = Request::new(
+        token.clone(),
+        1,
+        SystemTime::now()
+            .duration_since(UNIX_EPOCH)
+            // panics below should never happen
+            .expect("system time overflow")
+            .as_millis()
+            .try_into()
+            .expect("system time overflow"),
+    );
+
+    commune()
+        .send_matrix_request(req, Some(&commune().config.matrix.admin_token.inner()))
+        .await?;
+
+    commune().send_email_verification(address, token).await?;
+
+    Ok(())
+}

crates/core/src/account/login.rs

@@ -0,0 +1,21 @@
+use matrix::client::{login::*, uiaa::UserIdentifier};
+
+use crate::{commune, error::Result, util::secret::Secret};
+
+pub async fn service(username: impl Into<String>, password: &Secret) -> Result<Response> {
+    let req = Request::new(
+        LoginType::Password {
+            password: password.inner(),
+        },
+        Some(UserIdentifier::User {
+            user: username.into(),
+        }),
+        "commune".to_owned(),
+        Some(true),
+    );
+
+    commune()
+        .send_matrix_request(req, None)
+        .await
+        .map_err(Into::into)
+}

crates/core/src/account/logout.rs

@@ -0,0 +1,12 @@
+use matrix::client::logout::root::*;
+
+use crate::{commune, error::Result};
+
+pub async fn service(access_token: impl AsRef<str>) -> Result<Response> {
+    let req = Request::new();
+
+    commune()
+        .send_matrix_request(req, Some(access_token.as_ref()))
+        .await
+        .map_err(Into::into)
+}

crates/core/src/account/password.rs

@@ -0,0 +1,20 @@
+use matrix::{client::account::password::*, ruma_common::UserId};
+
+use crate::{commune, error::Result, util::secret::Secret};
+
+pub async fn service(
+    access_token: impl AsRef<str>,
+    username: impl Into<String>,
+    old_password: Secret,
+    new_password: Secret,
+) -> Result<Response> {
+    let server_name = &crate::commune().config.matrix.server_name;
+    let user_id = UserId::parse_with_server_name(username.into(), server_name)?;
+
+    let req = Request::new(new_password.inner()).with_password(user_id, old_password.inner());
+
+    commune()
+        .send_matrix_request(req, Some(access_token.as_ref()))
+        .await
+        .map_err(Into::into)
+}

crates/core/src/account/register.rs

@@ -0,0 +1,53 @@
+use http::StatusCode;
+use matrix::{
+    client::{
+        register::root::*,
+        uiaa::{Auth, AuthData, AuthType, Dummy, UiaaResponse},
+    },
+    ruma_client::Error::FromHttpResponse,
+    ruma_common::api::error::{FromHttpResponseError, MatrixError, MatrixErrorBody},
+};
+
+use crate::{commune, error::Result, util::secret::Secret};
+
+pub async fn service(username: impl Into<String>, password: Secret) -> Result<Response> {
+    let req = Request::new(
+        username.into(),
+        password.inner(),
+        Some("commune".to_owned()),
+        None,
+        None,
+    );
+
+    let mut retry_req = req.clone();
+
+    match commune().send_matrix_request(req, None).await {
+        Ok(resp) => Ok(resp),
+        Err(e) => match e {
+            FromHttpResponse(FromHttpResponseError::Server(MatrixError {
+                status_code: StatusCode::UNAUTHORIZED,
+                body: MatrixErrorBody::Json(ref body),
+            })) => {
+                let UiaaResponse { flows, session, .. } =
+                    serde_json::from_value::<UiaaResponse>(body.clone()).unwrap();
+
+                match flows.as_slice() {
+                    [value] => match value.stages.as_slice() {
+                        [AuthType::Dummy] => {
+                            retry_req.auth = Some(Auth::new(AuthData::Dummy(Dummy {}), session));
+
+                            commune()
+                                .send_matrix_request(retry_req, None)
+                                .await
+                                .map_err(Into::into)
+                        }
+                        _ => Err(e.into()),
+                    },
+                    _ => Err(e.into()),
+                }
+            }
+
+            _ => Err(e.into()),
+        },
+    }
+}