Add SSH and GPG keys

Cargo.toml

@@ -92,6 +92,7 @@ webauthn-rs = { version = "0.4", features = [
 ] }
 webauthn-rs-proto = "0.4"
 x25519-dalek = { version = "2.0", features = ["static_secrets"] }
+ssh-key = "0.6.4"
 
 [dev-dependencies]
 bytes = "1.5"

migrations/20240123195802_authentication_key.down.sql

@@ -0,0 +1 @@
+DROP TABLE authentication_key;

migrations/20240123195802_authentication_key.up.sql

@@ -0,0 +1,10 @@
+CREATE TABLE authentication_key (
+    id bigserial PRIMARY KEY NOT NULL,
+    user_id bigint NOT NULL,
+    key text NOT NULL,
+    key_type text NOT NULL,
+    name text NOT NULL,
+    created timestamp without time zone NOT NULL,
+    FOREIGN KEY(user_id) REFERENCES "user"(id) ON DELETE CASCADE
+    -- TODO: Hardware key relation
+);

src/db/models/authentication_key.rs

@@ -0,0 +1,99 @@
+use std::fmt::{self, Display, Formatter};
+
+use chrono::{NaiveDateTime, Utc};
+use model_derive::Model;
+use sqlx::{query_as, Error as SqlxError};
+
+use crate::db::DbPool;
+
+#[derive(Clone, Deserialize, Model, Serialize, Debug)]
+#[table(authentication_key)]
+pub struct AuthenticationKey {
+    id: Option<i64>,
+    pub user_id: i64,
+    pub key: String,
+    pub name: String,
+    pub key_type: String,
+    pub created: NaiveDateTime,
+}
+
+impl Display for AuthenticationKey {
+    fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
+        match self.id {
+            Some(id) => write!(f, "[ID {}] {}", id, self.name),
+            None => write!(f, "{}", self.name),
+        }
+    }
+}
+
+impl AuthenticationKey {
+    #[must_use]
+    pub fn new(user_id: i64, key: String, name: String, key_type: String) -> Self {
+        Self {
+            id: None,
+            user_id,
+            key,
+            name,
+            key_type,
+            created: Utc::now().naive_utc(),
+        }
+    }
+
+    pub async fn fetch_user_authentication_keys(
+        pool: &DbPool,
+        user_id: i64,
+    ) -> Result<Vec<Self>, SqlxError> {
+        query_as!(
+            Self,
+            "SELECT id \"id?\", user_id, key, name, key_type, created
+            FROM authentication_key WHERE user_id = $1",
+            user_id,
+        )
+        .fetch_all(pool)
+        .await
+    }
+
+    pub async fn fetch_user_authentication_keys_by_type(
+        pool: &DbPool,
+        user_id: i64,
+        key_type: &str,
+    ) -> Result<Vec<Self>, SqlxError> {
+        query_as!(
+            Self,
+            "SELECT id \"id?\", user_id, key, name, key_type, created
+            FROM authentication_key WHERE user_id = $1 AND key_type = $2",
+            user_id,
+            key_type,
+        )
+        .fetch_all(pool)
+        .await
+    }
+
+    pub async fn find_by_user(
+        pool: &DbPool,
+        user_id: i64,
+        key: String,
+    ) -> Result<Option<Self>, SqlxError> {
+        query_as!(
+            Self,
+            "SELECT id \"id?\", user_id, key, name, key_type, created
+            FROM authentication_key WHERE user_id = $1 AND key = $2",
+            user_id,
+            key,
+        )
+        .fetch_optional(pool)
+        .await
+    }
+
+    pub async fn find_authentication_key(&self, pool: &DbPool) -> Result<Option<Self>, SqlxError> {
+        query_as!(
+            Self,
+            "SELECT id \"id?\", user_id, key, name, key_type, created
+            FROM authentication_key WHERE user_id = $1 AND key = $2",
+            self.user_id,
+            self.key,
+        )
+        .fetch_optional(pool)
+        .await
+    }
+}

src/db/models/mod.rs

@@ -1,5 +1,6 @@
 #[cfg(feature = "openid")]
 pub mod auth_code;
+pub mod authentication_key;
 pub mod device;
 pub mod device_login;
 pub mod enrollment;