Add support for API keys

This is mainly useful for CLI-based login automation.

src/db/models/user.rs

@@ -44,8 +44,9 @@ db_object! {
 
         pub client_kdf_type: i32,
         pub client_kdf_iter: i32,
-    }
 
+        pub api_key: Option<String>,
+    }
 
     #[derive(Identifiable, Queryable, Insertable)]
     #[table_name = "invitations"]
@@ -110,6 +111,8 @@ impl User {
 
             client_kdf_type: Self::CLIENT_KDF_TYPE_DEFAULT,
             client_kdf_iter: Self::CLIENT_KDF_ITER_DEFAULT,
+
+            api_key: None,
         }
     }
 
@@ -130,6 +133,10 @@ impl User {
         }
     }
 
+    pub fn check_valid_api_key(&self, key: &str) -> bool {
+        matches!(self.api_key, Some(ref api_key) if crate::crypto::ct_eq(api_key, key))
+    }
+
     /// Set the password hash generated
     /// And resets the security_stamp. Based upon the allow_next_route the security_stamp will be different.
     ///

src/db/schemas/mysql/schema.rs

@@ -178,6 +178,7 @@ table! {
         excluded_globals -> Text,
         client_kdf_type -> Integer,
         client_kdf_iter -> Integer,
+        api_key -> Nullable<Text>,
     }
 }
 

src/db/schemas/postgresql/schema.rs

@@ -178,6 +178,7 @@ table! {
         excluded_globals -> Text,
         client_kdf_type -> Integer,
         client_kdf_iter -> Integer,
+        api_key -> Nullable<Text>,
     }
 }
 

src/db/schemas/sqlite/schema.rs

@@ -178,6 +178,7 @@ table! {
         excluded_globals -> Text,
         client_kdf_type -> Integer,
         client_kdf_iter -> Integer,
+        api_key -> Nullable<Text>,
     }
 }