forked from Roflin/gamenight
216 lines
5.9 KiB
Rust
216 lines
5.9 KiB
Rust
use crate::schema;
|
|
use crate::schema::DbConn;
|
|
use crate::AppConfig;
|
|
use chrono::Utc;
|
|
use jsonwebtoken::decode;
|
|
use jsonwebtoken::encode;
|
|
use jsonwebtoken::DecodingKey;
|
|
use jsonwebtoken::Validation;
|
|
use jsonwebtoken::{EncodingKey, Header};
|
|
use rocket::http::Status;
|
|
use rocket::request::Outcome;
|
|
use rocket::request::{FromRequest, Request};
|
|
use rocket::response;
|
|
use rocket::serde::json;
|
|
use rocket::serde::json::{json, Json};
|
|
use rocket::State;
|
|
use serde::{Deserialize, Serialize};
|
|
use serde::ser::{SerializeStruct, Serializer};
|
|
use std::borrow::Cow;
|
|
use std::fmt;
|
|
use validator::{ValidateArgs, ValidationErrors};
|
|
|
|
#[derive(Serialize, Deserialize, Debug)]
|
|
struct ApiResponse {
|
|
ok: bool,
|
|
#[serde(skip_serializing_if = "Option::is_none")]
|
|
message: Option<Cow<'static, str>>,
|
|
#[serde(skip_serializing_if = "Option::is_none")]
|
|
jwt: Option<Cow<'static, str>>,
|
|
}
|
|
|
|
impl ApiResponse {
|
|
const SUCCES: Self = Self {
|
|
ok: true,
|
|
message: None,
|
|
jwt: None,
|
|
};
|
|
|
|
fn login_response(jwt: String) -> Self {
|
|
Self {
|
|
ok: true,
|
|
message: None,
|
|
jwt: Some(Cow::Owned(jwt)),
|
|
}
|
|
}
|
|
}
|
|
|
|
#[derive(Debug)]
|
|
pub enum ApiError {
|
|
RequestError(String),
|
|
ValidationErrors(ValidationErrors),
|
|
Unauthorized,
|
|
}
|
|
|
|
impl fmt::Display for ApiError {
|
|
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
|
|
use ApiError::*;
|
|
write!(f, "{}", match &self {
|
|
RequestError(e) => e,
|
|
ValidationErrors(_) => "???",
|
|
Unauthorized => "username and password didn't match",
|
|
})
|
|
}
|
|
}
|
|
|
|
impl From<schema::DatabaseError> for ApiError {
|
|
fn from(e: schema::DatabaseError) -> Self {
|
|
ApiError::RequestError(e.to_string())
|
|
}
|
|
}
|
|
|
|
impl From<ValidationErrors> for ApiError {
|
|
fn from(e: ValidationErrors) -> Self {
|
|
ApiError::ValidationErrors(e)
|
|
}
|
|
}
|
|
|
|
impl Serialize for ApiError {
|
|
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
|
|
where
|
|
S: Serializer,
|
|
{
|
|
let mut state = serializer.serialize_struct("ApiError", 2)?;
|
|
state.serialize_field("ok", &false)?;
|
|
state.serialize_field("message", &self.to_string())?;
|
|
state.end()
|
|
}
|
|
}
|
|
|
|
impl<'r> response::Responder<'r, 'static> for ApiError {
|
|
fn respond_to(self, req: &'r Request<'_>) -> response::Result<'static> {
|
|
use ApiError::*;
|
|
let status = match self {
|
|
RequestError(_) => Status::BadRequest,
|
|
ValidationErrors(_) => Status::BadRequest,
|
|
Unauthorized => Status::Unauthorized,
|
|
};
|
|
|
|
response::Response::build()
|
|
.merge(json!(self).respond_to(req)?)
|
|
.status(status)
|
|
.ok()
|
|
}
|
|
}
|
|
|
|
const AUTH_HEADER: &str = "Authorization";
|
|
const BEARER: &str = "Bearer ";
|
|
|
|
#[rocket::async_trait]
|
|
impl<'r> FromRequest<'r> for schema::User {
|
|
type Error = ApiError;
|
|
|
|
async fn from_request(req: &'r Request<'_>) -> Outcome<Self, Self::Error> {
|
|
let header = match req.headers().get_one(AUTH_HEADER) {
|
|
Some(header) => header,
|
|
None => {
|
|
return Outcome::Forward(())
|
|
}
|
|
};
|
|
|
|
if !header.starts_with(BEARER) {
|
|
return Outcome::Forward(());
|
|
};
|
|
|
|
let app_config = req.guard::<&State<AppConfig>>().await.unwrap().inner();
|
|
let jwt = header.trim_start_matches(BEARER).to_owned();
|
|
let token = match decode::<Claims>(
|
|
&jwt,
|
|
&DecodingKey::from_secret(app_config.jwt_secret.as_bytes()),
|
|
&Validation::default(),
|
|
) {
|
|
Ok(token) => token,
|
|
Err(_) => {
|
|
return Outcome::Forward(())
|
|
}
|
|
};
|
|
let id = token.claims.uid;
|
|
|
|
let conn = req.guard::<DbConn>().await.unwrap();
|
|
return Outcome::Success(schema::get_user(conn, id).await);
|
|
}
|
|
}
|
|
|
|
#[get("/gamenights")]
|
|
pub async fn gamenights(conn: DbConn, _user: schema::User) -> json::Value {
|
|
json!(schema::get_all_gamenights(conn).await)
|
|
}
|
|
|
|
#[get("/gamenights", rank = 2)]
|
|
pub async fn gamenights_unauthorized() -> Status {
|
|
Status::Unauthorized
|
|
}
|
|
|
|
#[post("/gamenight", format = "application/json", data = "<gamenight_json>")]
|
|
pub async fn gamenight_post_json(
|
|
conn: DbConn,
|
|
user: Option<schema::User>,
|
|
gamenight_json: Json<schema::GameNightNoId>,
|
|
) -> Result<json::Value, Status> {
|
|
if user.is_some() {
|
|
schema::insert_gamenight(conn, gamenight_json.into_inner()).await;
|
|
Ok(json!(ApiResponse::SUCCES))
|
|
} else {
|
|
Err(Status::Unauthorized)
|
|
}
|
|
}
|
|
|
|
#[post("/register", format = "application/json", data = "<register_json>")]
|
|
pub async fn register_post_json(
|
|
conn: DbConn,
|
|
register_json: Json<schema::Register>,
|
|
) -> Result<json::Value, ApiError> {
|
|
let register = register_json.into_inner();
|
|
let register_clone = register.clone();
|
|
conn.run(move |c| register_clone.validate_args((c, c)))
|
|
.await?;
|
|
|
|
schema::insert_user(conn, register).await?;
|
|
Ok(json!(ApiResponse::SUCCES))
|
|
}
|
|
|
|
#[derive(Debug, Serialize, Deserialize)]
|
|
struct Claims {
|
|
exp: i64,
|
|
uid: i32,
|
|
role: schema::Role,
|
|
}
|
|
|
|
#[post("/login", format = "application/json", data = "<login_json>")]
|
|
pub async fn login_post_json(
|
|
conn: DbConn,
|
|
config: &State<AppConfig>,
|
|
login_json: Json<schema::Login>,
|
|
) -> Result<json::Value, ApiError> {
|
|
let login_result = schema::login(conn, login_json.into_inner()).await?;
|
|
if !login_result.result {
|
|
return Err(ApiError::Unauthorized);
|
|
}
|
|
|
|
let my_claims = Claims {
|
|
exp: Utc::now().timestamp() + chrono::Duration::days(7).num_seconds(),
|
|
uid: login_result.id.unwrap(),
|
|
role: login_result.role.unwrap(),
|
|
};
|
|
|
|
let secret = &config.inner().jwt_secret;
|
|
match encode(
|
|
&Header::default(),
|
|
&my_claims,
|
|
&EncodingKey::from_secret(secret.as_bytes()),
|
|
) {
|
|
Ok(token) => Ok(json!(ApiResponse::login_response(token))),
|
|
Err(error) => Err(ApiError::RequestError(error.to_string())),
|
|
}
|
|
}
|