Schafkopf-Server/Sources/App/Management/SQLiteDatabase.swift

import Foundation
import Fluent
import Vapor
import SwiftSMTP

typealias PasswordHash = String
typealias SessionToken = String

final class SQLiteDatabase {

    /// A mapping between player name and generated access tokens for a session
    private var sessionTokenForPlayer = [PlayerName: SessionToken]()

    /// A reverse mapping between generated access tokens and player name
    private var playerNameForToken = [SessionToken: PlayerName]()

    private let tables: TableManagement

    private let mailConfiguration: Configuration.EMail

    private let smtp: SMTP

    private let mailSender: Mail.User

    init(db: Database, mail: Configuration.EMail) throws {
        self.tables = try TableManagement(db: db)
        self.smtp = SMTP(
            hostname: mail.emailHostname,
            email: mail.email,
            password: mail.password)
        self.mailSender = Mail.User(name: "Schafkopf Server", email: mail.email)
        self.mailConfiguration = mail
    }

    func registerPlayer(named name: PlayerName, hash: PasswordHash, email: String?, in database: Database) async throws -> SessionToken {
        if let email {
            let user = try await User
                .query(on: database)
                .filter(\.$recoveryEmail == email)
                .first()
            if user != nil {
                throw Abort(.conflict)
            }
        }
        if try await User.query(on: database).filter(\.$name == name).first() != nil {
            throw Abort(.conflict)
        }
        let user = User(name: name, hash: hash, email: email)
        try await user.create(on: database)

        // Create a new token and store it for the user
        let token = SessionToken.newToken()
        self.sessionTokenForPlayer[name] = token
        self.playerNameForToken[token] = name
        return token
    }

    /**
     Send a password reset email.

     Possible errors:
     - `417`: Player name or email not found.
     */
    func sendPasswordResetEmailIfPossible(name: PlayerName, in database: Database) async throws {
        guard let user = try await User.query(on: database).filter(\.$name == name).first() else {
            throw Abort(.expectationFailed)
        }
        guard let email = user.recoveryEmail else {
            throw Abort(.expectationFailed)
        }
        try await user.$resetRequest.load(on: database)
        if let request = user.resetRequest {
            request.renew()
            try await request.save(on: database)
            self.sendEmail(name: name, email: email, token: request.resetToken)
        } else {
            let reset = PasswordReset()
            try await user.$resetRequest.create(reset, on: database)
            self.sendEmail(name: name, email: email, token: reset.resetToken)
        }
    }

    private func sendEmail(name: PlayerName, email: String, token: String) {
        let recipient = Mail.User(name: name, email: email)
        let url = "\(mailConfiguration.serverDomain)/recovery.html?token=\(token)"
        let mail = Mail(
            from: mailSender,
            to: [recipient],
            subject: "Schafkopf Server Password Reset",
            text:
                    """
                    Hello \(name),

                    a reset of your account password has been requested for the Schafkopf Server at \(mailConfiguration.serverDomain).
                    To choose a new password, click the following link:

                    \(url)

                    The link will expire in \(mailConfiguration.tokenExpiryDuration) minutes. If you didn't request the password reset, you don't have to do anything.

                    Regards,

                    The Schafkopf Server Team
                    """
        )

        smtp.send(mail) { (error) in
            if let error = error {
                print("Failed to send recovery email to \(email): \(error)")
            }
        }
    }

    /**
     Change the password of a user with a recovery token

     Possible errors:
     - `417`: Reset token not found or expired
     */
    func updatePassword(password: String, forResetToken token: String, in database: Database) async throws {
        // 1. Find and validate the reset request
        let reset: PasswordReset? = try await PasswordReset.query(on: database)
            .filter(\.$resetToken == token)
            .first()
        guard let reset else {
            throw Abort(.expectationFailed)
        }
        guard reset.expiryDate.timeIntervalSinceNow > 0 else {
            throw Abort(.expectationFailed)
        }

        // 2. Update the user password
        let user = try await reset.$user.get(on: database)
        user.passwordHash = password
        try await user.save(on: database)

        // 3. Delete the reset request
        try await PasswordReset
            .query(on: database)
            .filter(\.$resetToken == token)
            .delete()
    }

    func passwordHashForExistingPlayer(named name: PlayerName, in database: Database) async throws -> PasswordHash {
        try await User
            .query(on: database)
            .filter(\.$name == name)
            .first()
            .unwrap(or: Abort(.unauthorized))
            .passwordHash
    }

    func deletePlayer(named name: PlayerName, in database: Database) async throws {
        let user = try await user(named: name, in: database)
        try await tables.leaveTable(player: user, in: database)
        try await User.query(on: database).filter(\.$name == name).delete()
    }

    func isValid(sessionToken token: SessionToken) -> Bool {
        playerNameForToken[token] != nil
    }

    func startSession(socket: WebSocket, sessionToken token: SessionToken) -> Bool {
        guard let player = playerNameForToken[token] else {
            return false
        }
        return tables.connect(player: player, using: socket)
    }

    func endSession(forSessionToken sessionToken: SessionToken) {
        guard let player = endExistingSession(forSessionToken: sessionToken) else {
            return
        }
        tables.disconnect(player: player)
    }

    private func endExistingSession(forSessionToken token: SessionToken) -> PlayerName? {
        guard let player = playerNameForToken.removeValue(forKey: token) else {
            return nil
        }
        sessionTokenForPlayer.removeValue(forKey: player)
        return player
    }


    /**
     Start a new session for an existing user.
     - Parameter name: The user name
     - Returns: The generated access token for the session
     */
    func startNewSessionForRegisteredPlayer(named name: PlayerName) -> SessionToken {
        let token = SessionToken.newToken()
        self.sessionTokenForPlayer[name] = token
        self.playerNameForToken[token] = name
        return token
    }

    func registeredPlayerExists(withSessionToken token: SessionToken) -> PlayerName? {
        playerNameForToken[token]
    }

    func currentTableOfPlayer(named player: PlayerName) -> TableInfo? {
        tables.tableInfo(player: player)
    }

    private func points(for player: PlayerName, in database: Database) async throws -> Int {
        try await User.query(on: database)
            .filter(\.$name == player)
            .first()
            .unwrap(or: Abort(.notFound))
            .points
    }

    private func user(named name: PlayerName, in database: Database) async throws -> User {
        try await User
            .query(on: database)
            .filter(\.$name == name)
            .first()
            .unwrap(or: Abort(.notFound))
    }

    private func user(withToken token: SessionToken, in database: Database) async throws -> User {
        let name = try playerNameForToken[token].unwrap(or: Abort(.unauthorized))
        return try await user(named: name, in: database)
    }

    // MARK: Tables

    /**
     Create a new table with optional players.
     - Parameter name: The name of the table
     - Parameter players: The player creating the table
     - Parameter isPublic: Indicates that this is a game joinable by everyone
     - Returns: The table id
     */
    func createTable(named name: TableName, player: PlayerName, isPublic: Bool, in database: Database) async throws -> TableInfo {
        let user = try await user(named: player, in: database)
        return try await tables.createTable(named: name, player: user, isPublic: isPublic, in: database)
    }

    func getPublicTableInfos() -> [PublicTableInfo] {
        tables.publicTableList
    }

    func join(tableId: UUID, playerToken: SessionToken, in database: Database) async throws -> TableInfo {
        let user = try await user(withToken: playerToken, in: database)
        return try await tables.join(tableId: tableId, player: user, in: database)
    }

    func leaveTable(playerToken: SessionToken, in database: Database) async throws {
        let user = try await user(withToken: playerToken, in: database)
        try await tables.leaveTable(player: user, in: database)
    }

    func performAction(playerToken: SessionToken, action: PlayerAction) -> PlayerActionResult {
        guard let player = playerNameForToken[playerToken] else {
            return .invalidToken
        }
        return tables.performAction(player: player, action: action)
    }

    func select(game: GameType, playerToken: SessionToken) -> PlayerActionResult {
        guard let player = playerNameForToken[playerToken] else {
            return .invalidToken
        }
        return tables.select(game: game, player: player)
    }

    func play(card: Card, playerToken: SessionToken) -> PlayerActionResult {
        guard let player = playerNameForToken[playerToken] else {
            return .invalidToken
        }
        return tables.play(card: card, player: player)
    }
    
    func disconnectAllSockets() {
        tables.disconnectAllSockets()
    }
}
Add first database version and model 2021-12-22 22:11:37 +01:00			`import Foundation`
			`import Fluent`
			`import Vapor`
Add email sending functionality and configuration 2022-10-11 12:09:43 +02:00			`import SwiftSMTP`
Add first database version and model 2021-12-22 22:11:37 +01:00
			`typealias PasswordHash = String`
			`typealias SessionToken = String`

			`final class SQLiteDatabase {`

			`/// A mapping between player name and generated access tokens for a session`
			`private var sessionTokenForPlayer = [PlayerName: SessionToken]()`

			`/// A reverse mapping between generated access tokens and player name`
			`private var playerNameForToken = [SessionToken: PlayerName]()`

			`private let tables: TableManagement`

Add email sending functionality and configuration 2022-10-11 12:09:43 +02:00			`private let mailConfiguration: Configuration.EMail`

			`private let smtp: SMTP`

			`private let mailSender: Mail.User`

			`init(db: Database, mail: Configuration.EMail) throws {`
Add first database version and model 2021-12-22 22:11:37 +01:00			`self.tables = try TableManagement(db: db)`
Add email sending functionality and configuration 2022-10-11 12:09:43 +02:00			`self.smtp = SMTP(`
			`hostname: mail.emailHostname,`
			`email: mail.email,`
			`password: mail.password)`
			`self.mailSender = Mail.User(name: "Schafkopf Server", email: mail.email)`
			`self.mailConfiguration = mail`
Add first database version and model 2021-12-22 22:11:37 +01:00			`}`

Convert registration to async 2022-10-12 14:34:43 +02:00			`func registerPlayer(named name: PlayerName, hash: PasswordHash, email: String?, in database: Database) async throws -> SessionToken {`
			`if let email {`
			`let user = try await User`
			`.query(on: database)`
			`.filter(\.$recoveryEmail == email)`
			`.first()`
			`if user != nil {`
			`throw Abort(.conflict)`
Add first database version and model 2021-12-22 22:11:37 +01:00			`}`
Convert registration to async 2022-10-12 14:34:43 +02:00			`}`
			`if try await User.query(on: database).filter(\.$name == name).first() != nil {`
			`throw Abort(.conflict)`
			`}`
			`let user = User(name: name, hash: hash, email: email)`
			`try await user.create(on: database)`

			`// Create a new token and store it for the user`
			`let token = SessionToken.newToken()`
			`self.sessionTokenForPlayer[name] = token`
			`self.playerNameForToken[token] = name`
			`return token`
			`}`
Add route to send recovery email 2022-10-12 19:30:11 +02:00
			`/**`
			`Send a password reset email.`

			`Possible errors:`
Replace 404 errors 2022-10-12 19:43:16 +02:00			- `417`: Player name or email not found.
Add route to send recovery email 2022-10-12 19:30:11 +02:00			`*/`
			`func sendPasswordResetEmailIfPossible(name: PlayerName, in database: Database) async throws {`
			`guard let user = try await User.query(on: database).filter(\.$name == name).first() else {`
Replace 404 errors 2022-10-12 19:43:16 +02:00			`throw Abort(.expectationFailed)`
Add route to send recovery email 2022-10-12 19:30:11 +02:00			`}`
			`guard let email = user.recoveryEmail else {`
Replace 404 errors 2022-10-12 19:43:16 +02:00			`throw Abort(.expectationFailed)`
Add route to send recovery email 2022-10-12 19:30:11 +02:00			`}`
			`try await user.$resetRequest.load(on: database)`
			`if let request = user.resetRequest {`
			`request.renew()`
			`try await request.save(on: database)`
			`self.sendEmail(name: name, email: email, token: request.resetToken)`
			`} else {`
			`let reset = PasswordReset()`
			`try await user.$resetRequest.create(reset, on: database)`
			`self.sendEmail(name: name, email: email, token: reset.resetToken)`
			`}`
Add first database version and model 2021-12-22 22:11:37 +01:00			`}`

Add email sending functionality and configuration 2022-10-11 12:09:43 +02:00			`private func sendEmail(name: PlayerName, email: String, token: String) {`
			`let recipient = Mail.User(name: name, email: email)`
Add route to send recovery email 2022-10-12 19:30:11 +02:00			`let url = "\(mailConfiguration.serverDomain)/recovery.html?token=\(token)"`
Add email sending functionality and configuration 2022-10-11 12:09:43 +02:00			`let mail = Mail(`
			`from: mailSender,`
			`to: [recipient],`
			`subject: "Schafkopf Server Password Reset",`
			`text:`
			`"""`
			`Hello \(name),`

			`a reset of your account password has been requested for the Schafkopf Server at \(mailConfiguration.serverDomain).`
			`To choose a new password, click the following link:`

Add route to send recovery email 2022-10-12 19:30:11 +02:00			`\(url)`
Add email sending functionality and configuration 2022-10-11 12:09:43 +02:00
			`The link will expire in \(mailConfiguration.tokenExpiryDuration) minutes. If you didn't request the password reset, you don't have to do anything.`

			`Regards,`

			`The Schafkopf Server Team`
			`"""`
			`)`

Add route to send recovery email 2022-10-12 19:30:11 +02:00			`smtp.send(mail) { (error) in`
Add email sending functionality and configuration 2022-10-11 12:09:43 +02:00			`if let error = error {`
			`print("Failed to send recovery email to \(email): \(error)")`
			`}`
			`}`
			`}`

Convert functions to async/await 2022-10-12 19:28:28 +02:00			`/**`
			`Change the password of a user with a recovery token`
Add first database version and model 2021-12-22 22:11:37 +01:00
Add route to update password with email token 2022-10-12 19:30:43 +02:00			`Possible errors:`
Replace 404 errors 2022-10-12 19:43:16 +02:00			- `417`: Reset token not found or expired
Add route to update password with email token 2022-10-12 19:30:43 +02:00			`*/`
			`func updatePassword(password: String, forResetToken token: String, in database: Database) async throws {`
			`// 1. Find and validate the reset request`
			`let reset: PasswordReset? = try await PasswordReset.query(on: database)`
			`.filter(\.$resetToken == token)`
			`.first()`
			`guard let reset else {`
			`throw Abort(.expectationFailed)`
			`}`
			`guard reset.expiryDate.timeIntervalSinceNow > 0 else {`
			`throw Abort(.expectationFailed)`
Add first database version and model 2021-12-22 22:11:37 +01:00			`}`
Add route to update password with email token 2022-10-12 19:30:43 +02:00
			`// 2. Update the user password`
			`let user = try await reset.$user.get(on: database)`
			`user.passwordHash = password`
			`try await user.save(on: database)`

			`// 3. Delete the reset request`
			`try await PasswordReset`
			`.query(on: database)`
			`.filter(\.$resetToken == token)`
			`.delete()`
			`}`

			`func passwordHashForExistingPlayer(named name: PlayerName, in database: Database) async throws -> PasswordHash {`
			`try await User`
			`.query(on: database)`
			`.filter(\.$name == name)`
			`.first()`
Replace 404 errors 2022-10-12 19:43:16 +02:00			`.unwrap(or: Abort(.unauthorized))`
Add route to update password with email token 2022-10-12 19:30:43 +02:00			`.passwordHash`
			`}`

Convert functions to async/await 2022-10-12 19:28:28 +02:00			`func deletePlayer(named name: PlayerName, in database: Database) async throws {`
			`let user = try await user(named: name, in: database)`
			`try await tables.leaveTable(player: user, in: database)`
			`try await User.query(on: database).filter(\.$name == name).delete()`
Add first database version and model 2021-12-22 22:11:37 +01:00			`}`

			`func isValid(sessionToken token: SessionToken) -> Bool {`
			`playerNameForToken[token] != nil`
			`}`

			`func startSession(socket: WebSocket, sessionToken token: SessionToken) -> Bool {`
			`guard let player = playerNameForToken[token] else {`
			`return false`
			`}`
			`return tables.connect(player: player, using: socket)`
			`}`

			`func endSession(forSessionToken sessionToken: SessionToken) {`
			`guard let player = endExistingSession(forSessionToken: sessionToken) else {`
			`return`
			`}`
			`tables.disconnect(player: player)`
			`}`

			`private func endExistingSession(forSessionToken token: SessionToken) -> PlayerName? {`
			`guard let player = playerNameForToken.removeValue(forKey: token) else {`
			`return nil`
			`}`
			`sessionTokenForPlayer.removeValue(forKey: player)`
			`return player`
			`}`


			`/**`
			`Start a new session for an existing user.`
			`- Parameter name: The user name`
			`- Returns: The generated access token for the session`
			`*/`
			`func startNewSessionForRegisteredPlayer(named name: PlayerName) -> SessionToken {`
			`let token = SessionToken.newToken()`
			`self.sessionTokenForPlayer[name] = token`
			`self.playerNameForToken[token] = name`
			`return token`
			`}`

			`func registeredPlayerExists(withSessionToken token: SessionToken) -> PlayerName? {`
			`playerNameForToken[token]`
			`}`

			`func currentTableOfPlayer(named player: PlayerName) -> TableInfo? {`
			`tables.tableInfo(player: player)`
			`}`

Convert functions to async/await 2022-10-12 19:28:28 +02:00			`private func points(for player: PlayerName, in database: Database) async throws -> Int {`
			`try await User.query(on: database)`
Add first database version and model 2021-12-22 22:11:37 +01:00			`.filter(\.$name == player)`
			`.first()`
			`.unwrap(or: Abort(.notFound))`
Convert functions to async/await 2022-10-12 19:28:28 +02:00			`.points`
Add first database version and model 2021-12-22 22:11:37 +01:00			`}`

Convert functions to async/await 2022-10-12 19:28:28 +02:00			`private func user(named name: PlayerName, in database: Database) async throws -> User {`
			`try await User`
			`.query(on: database)`
Add first database version and model 2021-12-22 22:11:37 +01:00			`.filter(\.$name == name)`
			`.first()`
			`.unwrap(or: Abort(.notFound))`
			`}`

Convert functions to async/await 2022-10-12 19:28:28 +02:00			`private func user(withToken token: SessionToken, in database: Database) async throws -> User {`
			`let name = try playerNameForToken[token].unwrap(or: Abort(.unauthorized))`
			`return try await user(named: name, in: database)`
Add first database version and model 2021-12-22 22:11:37 +01:00			`}`

			`// MARK: Tables`

			`/**`
			`Create a new table with optional players.`
			`- Parameter name: The name of the table`
			`- Parameter players: The player creating the table`
			`- Parameter isPublic: Indicates that this is a game joinable by everyone`
			`- Returns: The table id`
			`*/`
Convert functions to async/await 2022-10-12 19:28:28 +02:00			`func createTable(named name: TableName, player: PlayerName, isPublic: Bool, in database: Database) async throws -> TableInfo {`
			`let user = try await user(named: player, in: database)`
			`return try await tables.createTable(named: name, player: user, isPublic: isPublic, in: database)`
Add first database version and model 2021-12-22 22:11:37 +01:00			`}`

			`func getPublicTableInfos() -> [PublicTableInfo] {`
			`tables.publicTableList`
			`}`

Convert functions to async/await 2022-10-12 19:28:28 +02:00			`func join(tableId: UUID, playerToken: SessionToken, in database: Database) async throws -> TableInfo {`
			`let user = try await user(withToken: playerToken, in: database)`
			`return try await tables.join(tableId: tableId, player: user, in: database)`
Add first database version and model 2021-12-22 22:11:37 +01:00			`}`

Convert functions to async/await 2022-10-12 19:28:28 +02:00			`func leaveTable(playerToken: SessionToken, in database: Database) async throws {`
			`let user = try await user(withToken: playerToken, in: database)`
			`try await tables.leaveTable(player: user, in: database)`
Add first database version and model 2021-12-22 22:11:37 +01:00			`}`

			`func performAction(playerToken: SessionToken, action: PlayerAction) -> PlayerActionResult {`
			`guard let player = playerNameForToken[playerToken] else {`
			`return .invalidToken`
			`}`
			`return tables.performAction(player: player, action: action)`
			`}`

			`func select(game: GameType, playerToken: SessionToken) -> PlayerActionResult {`
			`guard let player = playerNameForToken[playerToken] else {`
			`return .invalidToken`
			`}`
			`return tables.select(game: game, player: player)`
			`}`

			`func play(card: Card, playerToken: SessionToken) -> PlayerActionResult {`
			`guard let player = playerNameForToken[playerToken] else {`
			`return .invalidToken`
			`}`
			`return tables.play(card: card, player: player)`
			`}`
Close all sockets on shutdown 2022-01-24 17:15:11 +01:00
			`func disconnectAllSockets() {`
			`tables.disconnectAllSockets()`
			`}`
Add first database version and model 2021-12-22 22:11:37 +01:00			`}`