webauthn: Draft registration_start route

acrate_webauthn/src/routes/registration_start.rs

@@ -1,24 +1,47 @@
-use axum::Extension;
+use axum::{Extension, Json};
+use axum::extract::Query;
 use axum::http::StatusCode;
+use webauthn_rs::prelude::CreationChallengeResponse;
+use acrate_database::auth::{AuthPasskeyInsert, AuthRegistrationInsert, AuthUserInsert};
 use acrate_database::connect::connect_async;
 use crate::ext::ExtWebAuthn;
 
 pub async fn handler(
 	Extension(webauthn): ExtWebAuthn,
-) -> Result<StatusCode, StatusCode> {
+	Json(user): Json<AuthUserInsert>
+) -> Result<Json<CreationChallengeResponse>, StatusCode> {
 	log::debug!("Handling a registration start request!");
 	
 	log::trace!("Connecting to the database...");
-	let _conn = connect_async()
+	let mut conn = connect_async()
 		.await
 		.map_err(|_| StatusCode::BAD_GATEWAY)?;
 	
-	let result = webauthn.start_passkey_registration(
-		user_id,
-		user_name,
-		user_display_name,
-		exclude_credentials,
-	);
+	// TODO: How to prevent unauthenticated users from eating up all possible usernames?
 	
-	Ok(StatusCode::NO_CONTENT)
+	log::trace!("Inserting a new user in the database...");
+	let user = user.to_inserted_async(&mut conn)
+		.await
+		.map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
+	
+	log::trace!("Starting passkey registration for user: {:?}", &user.id);
+	let (ccr, pr) = webauthn.start_passkey_registration(
+		user.id,
+		user.username.as_str(),
+		user.display_name.as_str(),
+		None,
+	)
+		.map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
+	
+	log::trace!("Inserting pending registration in the database...");
+	let pr = AuthRegistrationInsert {
+		user_id: user.id,
+		state: pr.try_into().map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?,
+	};
+	let _pr = pr.to_inserted_async(&mut conn)
+		.await
+		.map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
+	
+	log::trace!("Returning challenge...");
+	Ok(Json(ccr))
 }