Roflin
/
gamenight
1
0
Fork 2
Code Issues Pull Requests Projects Releases Wiki Activity

Adds user authorization to the actix backend.

This commit is contained in:
Dennis Brentjes 2023-03-25 19:20:38 +01:00
parent 1c8110cdb0
commit 534e6867d8
11 changed files with 142 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
backend-actix/Cargo.lock generated
View File

@ -393,6 +393,7 @@ dependencies = [
"js-sys",
"num-integer",
"num-traits",
"serde",
"time 0.1.45",
"wasm-bindgen",
"winapi",
@ -433,9 +434,9 @@ checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc"
[[package]]
name = "cpufeatures"
version = "0.2.5"
version = "0.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320"
checksum = "280a9f2d8b3a38871a3c8a46fb80db65e5e5ed97da80c4d08bf27fb63e35e181"
dependencies = [
"libc",
]
@ -483,7 +484,7 @@ dependencies = [
"proc-macro2",
"quote",
"scratch",
"syn 2.0.9",
"syn 2.0.10",
]
[[package]]
@ -500,7 +501,7 @@ checksum = "631569015d0d8d54e6c241733f944042623ab6df7bc3be7466874b05fcdb1c5f"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.9",
"syn 2.0.10",
]
[[package]]
@ -524,6 +525,7 @@ checksum = "4391a22b19c916e50bec4d6140f29bdda3e3bb187223fe6e3ea0b6e4d1021c04"
dependencies = [
"bitflags",
"byteorder",
"chrono",
"diesel_derives",
"itoa",
"pq-sys",
@ -767,9 +769,9 @@ checksum = "cb56e1aa765b4b4f3aadfab769793b7087bb03a4ea4920644a6d238e2df5b9ed"
[[package]]
name = "indexmap"
version = "1.9.2"
version = "1.9.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1885e79c1fc4b10f0e172c475f458b7f7b93061064d98c3293e98c5ba0c8b399"
checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99"
dependencies = [
"autocfg",
"hashbrown",
@ -1144,9 +1146,9 @@ dependencies = [
[[package]]
name = "regex"
version = "1.7.2"
version = "1.7.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cce168fea28d3e05f158bda4576cf0c844d5045bc2cc3620fa0292ed5bb5814c"
checksum = "8b1f693b24f6ac912f4893ef08244d70b6067480d2f1a46e950c9691e6749d1d"
dependencies = [
"aho-corasick",
"memchr",
@ -1233,7 +1235,7 @@ checksum = "e801c1712f48475582b7696ac71e0ca34ebb30e09338425384269d9717c62cad"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.9",
"syn 2.0.10",
]
[[package]]
@ -1341,9 +1343,9 @@ dependencies = [
[[package]]
name = "syn"
version = "2.0.9"
version = "2.0.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0da4a3c17e109f700685ec577c0f85efd9b19bcf15c913985f14dc1ac01775aa"
checksum = "5aad1363ed6d37b84299588d62d3a7d95b5a5c2d9aad5c85609fda12afaa1f40"
dependencies = [
"proc-macro2",
"quote",
@ -1376,7 +1378,7 @@ checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.9",
"syn 2.0.10",
]
[[package]]

4
backend-actix/Cargo.toml
View File

@ -10,9 +10,9 @@ actix-web = "4"
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
uuid = { version = "1.3.0", features = ["serde", "v4"] }
diesel = { version = "2.0", features = ["postgres", "r2d2", "uuid"] }
diesel = { version = "2.0", features = ["postgres", "r2d2", "uuid", "chrono"] }
diesel-derive-enum = { version = "2.0", features = ["postgres"] }
argon2 = "0.5"
chrono = "0.4"
chrono = { version = "0.4", features = ["serde"] }
jsonwebtoken = "8.1"
validator = { version = "0.16", features = ["derive"] }

3
backend-actix/src/main.rs
View File

@ -5,7 +5,7 @@ use actix_web::HttpServer;
use actix_web::App;
use actix_web::web;
use diesel::PgConnection;
use request::{login, register};
use request::{login, register, gamenights};
use diesel::r2d2::ConnectionManager;
use diesel::r2d2::Pool;
@ -28,6 +28,7 @@ async fn main() -> std::io::Result<()> {
.app_data(web::Data::new(pool.clone()))
.service(login)
.service(register)
.service(gamenights)
})
.bind(("::1", 8080))?
.run()

65
backend-actix/src/request/authorization.rs Normal file
View File

@ -0,0 +1,65 @@
use std::future::{Ready, ready};
use actix_web::{FromRequest, http, HttpRequest, dev::Payload, web::Data};
use chrono::Utc;
use jsonwebtoken::{encode, Header, EncodingKey, decode, DecodingKey, Validation};
use serde::{Serialize, Deserialize};
use uuid::Uuid;
use crate::{schema::user::{User, get_user}, DbPool};
use super::error::ApiError;
#[derive(Debug, Serialize, Deserialize)]
pub struct Claims {
exp: i64,
uid: Uuid
}
fn get_claims(req: &HttpRequest) -> Result<Claims, ApiError> {
let token = req.headers()
.get(http::header::AUTHORIZATION)
.map(|h| h.to_str().unwrap().split_at(7).1.to_string());
let token = token.ok_or(ApiError{
status: 400,
message: "JWT-token was not specified in the Authorization header as Bearer: token".to_string()
})?;
println!("{:?}", token);
let secret = "secret";
Ok(decode::<Claims>(token.as_str(), &DecodingKey::from_secret(secret.as_bytes()), &Validation::default())?.claims)
}
pub fn get_token(user: &User) -> Result<String, ApiError> {
let claims = Claims {
exp: Utc::now().timestamp() + chrono::Duration::days(7).num_seconds(),
uid: user.id,
};
println!("{:?}", claims);
let secret = "secret";
Ok(encode(
&Header::default(),
&claims,
&EncodingKey::from_secret(secret.as_bytes()))?)
}
impl FromRequest for User {
type Error = ApiError;
type Future = Ready<Result<Self, Self::Error>>;
fn from_request(req: &HttpRequest, _payload: &mut Payload) -> Self::Future {
ready(
(|| -> Result<User, ApiError>{
let pool = req.app_data::<Data<DbPool>>().expect("No database configured");
let mut conn = pool.get().expect("couldn't get db connection from pool");
let uid = get_claims(req)?.uid;
Ok(get_user(&mut conn, uid)?)
})()
)
}
}

14
backend-actix/src/request/gamenight_handlers.rs Normal file
View File

@ -0,0 +1,14 @@
use actix_web::{get, web, Responder, http::header::ContentType, HttpResponse};
use crate::{DbPool, request::{error::ApiError, responses::GameNightResponse}, schema::{self, user::User}};
#[get("/gamenights")]
pub async fn gamenights(pool: web::Data<DbPool>, _user: User) -> Result<impl Responder, ApiError> {
let mut conn = pool.get().expect("couldn't get db connection from pool");
let gamenights = schema::gamenights(&mut conn)?;
Ok(HttpResponse::Ok()
.content_type(ContentType::json())
.body(serde_json::to_string(&GameNightResponse { gamenights })?)
)
}

9
backend-actix/src/request/mod.rs
View File

@ -1,8 +1,11 @@
mod requests;
mod responses;
mod handler;
mod user_handlers;
mod gamenight_handlers;
mod error;
mod authorization;
pub use handler::login;
pub use handler::register;
pub use user_handlers::login;
pub use user_handlers::register;
pub use gamenight_handlers::gamenights;

7
backend-actix/src/request/responses.rs
View File

@ -1,6 +1,8 @@
use serde::{Serialize, Deserialize};
use uuid::Uuid;
use crate::schema::gamenight::Gamenight;
#[derive(Serialize, Deserialize)]
pub struct LoginResponse {
pub login_result: bool,
@ -27,4 +29,9 @@ impl LoginResponse {
jwt_token: None
}
}
}
#[derive(Serialize, Deserialize)]
pub struct GameNightResponse {
pub gamenights: Vec::<Gamenight>
}

32
backend-actix/src/request/handler.rs → backend-actix/src/request/user_handlers.rs
View File

@ -1,18 +1,14 @@
use actix_web::http::header::ContentType;
use actix_web::{web, post, HttpResponse, Responder};
use chrono::Utc;
use serde::{Serialize, Deserialize};
use uuid::Uuid;
use actix_web::{web, post, HttpResponse, Responder, get};
use validator::ValidateArgs;
use crate::DbPool;
use crate::request::requests::{Login, Register};
use crate::request::error::ApiError;
use crate::request::responses::LoginResponse;
use crate::schema::user::Role;
use crate::request::authorization::get_token;
use crate::schema::{self};
use serde_json;
use jsonwebtoken::{encode, EncodingKey, Header};
impl Into<schema::user::LoginUser> for Login {
fn into(self) -> schema::user::LoginUser {
@ -33,14 +29,9 @@ impl Into<schema::user::Register> for Register {
}
}
#[derive(Debug, Serialize, Deserialize)]
struct Claims {
exp: i64,
uid: Uuid,
role: Role,
}
#[post("/login")]
#[get("/token")]
pub async fn login(pool: web::Data<DbPool>, login_data: web::Json<Login>) -> Result<impl Responder, ApiError> {
let data = login_data.into_inner();
@ -50,18 +41,7 @@ pub async fn login(pool: web::Data<DbPool>, login_data: web::Json<Login>) -> Res
})
.await??
{
let my_claims = Claims {
exp: Utc::now().timestamp() + chrono::Duration::days(7).num_seconds(),
uid: user.id,
role: user.role,
};
let secret = "secret";
let token = encode(
&Header::default(),
&my_claims,
&EncodingKey::from_secret(secret.as_bytes()))?;
let token = get_token(&user)?;
LoginResponse::success(user.id, token)
}
else {
@ -74,7 +54,7 @@ pub async fn login(pool: web::Data<DbPool>, login_data: web::Json<Login>) -> Res
)
}
#[post("/register")]
#[post("/user")]
pub async fn register(pool: web::Data<DbPool>, register_data: web::Json<Register>) -> Result<impl Responder, ApiError> {
let data1 = register_data.clone();
let data2 = register_data.clone();

20
backend-actix/src/schema/gamenight.rs Normal file
View File

@ -0,0 +1,20 @@
use chrono::{DateTime, Utc};
use diesel::{Insertable, Queryable, PgConnection, RunQueryDsl};
use serde::{Serialize, Deserialize};
use uuid::Uuid;
use crate::schema::schema::gamenight;
use super::error::DatabaseError;
#[derive(Serialize, Deserialize, Debug, Insertable, Queryable)]
#[diesel(table_name = gamenight)]
pub struct Gamenight {
pub id: Uuid,
pub name: String,
pub datetime: DateTime<Utc>,
pub owner_id: Uuid,
}
pub fn gamenights(conn: &mut PgConnection, ) -> Result<Vec::<Gamenight>, DatabaseError> {
Ok(gamenight::table.load::<Gamenight>(conn)?)
}

2
backend-actix/src/schema/mod.rs
View File

@ -1,6 +1,8 @@
pub mod user;
pub mod error;
pub mod schema;
pub mod gamenight;
pub use user::login;
pub use user::register;
pub use gamenight::gamenights;

4
backend-actix/src/schema/user.rs
View File

@ -85,6 +85,10 @@ pub fn login(conn: &mut PgConnection, user: LoginUser) -> Result<Option<User>, D
}
}
pub fn get_user(conn: &mut PgConnection, id: Uuid) -> Result<User, DatabaseError> {
Ok(users::table.find(id).first(conn)?)
}
pub fn unique_username(username: &String, conn: &mut PgConnection) -> Result<(), ValidationError> {
match users::table
.count()