From d06a15771a210005c3f003e8baa653d37ee1a62b Mon Sep 17 00:00:00 2001 From: Andrea Date: Mon, 21 Apr 2025 18:36:30 +0200 Subject: [PATCH] Add ban check and reason retrieval for user authentication - Introduced `check_ban` and `get_ban_reason` functions in `db::users` - Updated client handler to enforce ban checks during login - Added detailed logging for ban status and reasons --- db.sqlite | Bin 28672 -> 28672 bytes db.sqlite-journal | Bin 4616 -> 0 bytes src/client/mod.rs | 36 +++++++++++++++++++++++- src/db/mod.rs | 68 ++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 103 insertions(+), 1 deletion(-) delete mode 100644 db.sqlite-journal diff --git a/db.sqlite b/db.sqlite index ce0640b8b4906cc876ee5a35ab39450545b5107c..5fd4abf9067db9e92e56b836f645d27d28b24b34 100644 GIT binary patch delta 62 zcmZp8z}WDBae_3X;6xc`RzU{6c&Uvki}cyvGVrJHz1_@X@Q{zIl#PQyveBP|Q*!cO SyL7gk#InSa%*`qGa|{4o#uLy0 delta 68 zcmV-K0K5Ny-~oW(0gxL35Rn{11rPu(dT_C1qAv#X01spi^Ro;v;SP~d1`uxs2ml#@ aPY4JAXK7(>ZfTQnKOd7EKSHx)Kb$b-`W0gU 
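Review bot: `db.sqlite` is tracked in the repository and this commit changes it as a binary delta, so the rows of the `users` table queried in `src/db/mod.rs` go into git history for anyone with read access. Those rows hold usernames and `ban_reason`, and presumably password hashes, given `verify_password`. The `db.sqlite-journal` file deleted here points the same way: runtime state is being versioned. Consider untracking the database, adding `db.sqlite*` to `.gitignore`, and creating the schema from a migration or init script instead. If the file ever held real accounts, treat those credentials as exposed.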
diff --git a/db.sqlite-journal b/db.sqlite-journal deleted file mode 100644 index 55c0fd2ac839f28b3c3ab56c8b1862c7f38779a1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 4616 zcmeIvKTpCy6aes(pw>jF3u%~Kx|M|XN<{_+Xxb_gDnto!yZ)g)=pRySOS7 z@dd0CqdUGg+$B`G5vr8w=J){BDGO9<><6mU4~TW@2i9Q)RygH# zVK)!}0T2KI5C8!X009sH0T2Lze8iB4xja<9v_xRN4aag z_i<~}mv}+&=L1d2tl?77i-h-XzA&u7VAHzD~BEX}}+v33X%s`oqpR8=ak6nMN`9)|=(?pw@6LsQh zX{@h%)=W=z^(_%R { + info!("User {} is banned, Reason: {}", username, reason); + format!("User {} is banned, Reason: {}", username, reason).to_string() + } + Ok(None) => { + info!("User {} is banned, but no reason provided", username); + format!("User {} is banned, but no reason provided", username).to_string() + } + Err(e) => { + error!("Error fetching ban reason: {}", e); + format!("You are banned").to_string(); + return Ok(()); + } + }; + + let encrypted = match cipher_writer.encrypt(&nonce_writer, message.as_bytes()) { + Ok(encrypted) => encrypted, + Err(e) => { + error!("Encryption error: {}", e); + return Ok(()); + } + }; + let message = format!("{}\n", BASE64.encode(&encrypted)); + writer.write_all(message.as_bytes()).await?; + return Ok(()); + } + info!("User {} already exists", username); // Send a message to the client let message = format!("User {} is registered, input your password", username); diff --git a/src/db/mod.rs b/src/db/mod.rs index 5b17473..bb6b225 100644 --- a/src/db/mod.rs +++ b/src/db/mod.rs 
@@ -93,6 +93,74 @@ pub(crate) mod users {
 password_hash.to_string()
 }
+ pub async fn check_ban(username: &str) -> Result {
+ let pool = create_db_pool().await?;
+
+ let is_banned = sqlx::query(
+ r#"
+ SELECT EXISTS(
+ SELECT 1
+ FROM users
+ WHERE username = ?
+ )
+ "#,
+ )
+ .bind(username)
+ .fetch_one(&pool)
+ .await?
+ .get::(0);
+
+ // Check if the user is banned
+ if is_banned == 1 {
+ info!("User {} is banned", username);
+ } else {
+ info!("User {} is not banned", username);
+ }
+
+ Ok(is_banned == 1)
+ }
+
+ pub async fn get_ban_reason(username: &str) -> Result, sqlx::Error> {
+ let pool = create_db_pool().await?;
+ info!("Attempting to fetch ban reason for user: {}", username);
+
+ let row_option = sqlx::query(
+ r#"
+ SELECT ban_reason
+ FROM users
+ WHERE username = ?
+ "#,
+ )
+ .bind(username)
+ .fetch_optional(&pool)
+ .await?;
+
+ // Process the result
+ match row_option {
+ Some(row) => {
+ // Row found, now get the ban_reason (which might be NULL)
+ let reason: Option = row.get(0); // Type annotation clarifies intent
+ if let Some(ref r) = reason {
+ info!("User {} found. Ban reason: {}", username, r);
+ } else {
+ // User exists, but ban_reason is NULL in the database
+ info!(
+ "User {} found, but ban_reason is NULL (not banned)",
+ username
+ );
+ }
+ Ok(reason)
+ }
+ None => {
+ // No row found for the username
+ info!("User {} not found in the database", username);
+ // Return Ok(None) as per the function signature, indicating no ban reason found
+ // because the user doesn't exist.
+ Ok(None)
+ }
+ }
+ }
+
 pub async fn verify_password(
 // Use clearer argument names
 username: &str,
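Review bot: `check_ban` never looks at ban state. Its query is `SELECT EXISTS(SELECT 1 FROM users WHERE username = ?)`, so it returns true and logs "User {} is banned" for every username that has a row. `get_ban_reason` in the same hunk treats a NULL `ban_reason` as "not banned", so the inner query should carry that condition, e.g. `WHERE username = ? AND ban_reason IS NOT NULL`. The client handler in this patch appears to return right after sending the ban message, so as written every registered account would likely be refused at login with "banned, but no reason provided". As a follow-up, both functions call `create_db_pool()` on each invocation and write the client-supplied username to the info log unescaped.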