Makes seperate function for authorized and unauthorized request.

This commit is contained in:
Dennis Brentjes 2022-04-21 21:35:14 +02:00
parent 5f73d556c6
commit b5e9420c1f
3 changed files with 17 additions and 24 deletions

View File

@ -76,18 +76,12 @@ impl<'r> FromRequest<'r> for schema::User {
let header = match req.headers().get_one(AUTH_HEADER) { let header = match req.headers().get_one(AUTH_HEADER) {
Some(header) => header, Some(header) => header,
None => { None => {
return Outcome::Failure(( return Outcome::Forward(())
Status::BadRequest,
ApiError::RequestError("No authorization header found".to_string()),
))
} }
}; };
if !header.starts_with(BEARER) { if !header.starts_with(BEARER) {
return Outcome::Failure(( return Outcome::Forward(());
Status::BadRequest,
ApiError::RequestError("Invalid Authorization header.".to_string()),
));
}; };
let app_config = req.guard::<&State<AppConfig>>().await.unwrap().inner(); let app_config = req.guard::<&State<AppConfig>>().await.unwrap().inner();
@ -98,11 +92,8 @@ impl<'r> FromRequest<'r> for schema::User {
&Validation::default(), &Validation::default(),
) { ) {
Ok(token) => token, Ok(token) => token,
Err(error) => { Err(_) => {
return Outcome::Failure(( return Outcome::Forward(())
Status::BadRequest,
ApiError::RequestError(error.to_string()),
))
} }
}; };
let id = token.claims.uid; let id = token.claims.uid;
@ -113,13 +104,14 @@ impl<'r> FromRequest<'r> for schema::User {
} }
#[get("/gamenights")] #[get("/gamenights")]
pub async fn gamenights(conn: DbConn, user: Option<schema::User>) -> ApiResponseVariant { pub async fn gamenights(conn: DbConn, _user: schema::User) -> ApiResponseVariant {
if user.is_some() {
let gamenights = schema::get_all_gamenights(conn).await; let gamenights = schema::get_all_gamenights(conn).await;
ApiResponseVariant::Value(json!(gamenights)) ApiResponseVariant::Value(json!(gamenights))
} else { }
#[get("/gamenights", rank = 2)]
pub async fn gamenights_unauthorized() -> ApiResponseVariant {
ApiResponseVariant::Status(Status::Unauthorized) ApiResponseVariant::Status(Status::Unauthorized)
}
} }
#[post("/gamenight", format = "application/json", data = "<gamenight_json>")] #[post("/gamenight", format = "application/json", data = "<gamenight_json>")]

View File

@ -58,6 +58,7 @@ fn rocket() -> _ {
"/api", "/api",
routes![ routes![
api::gamenights, api::gamenights,
api::gamenights_unauthorized,
api::gamenight_post_json, api::gamenight_post_json,
api::register_post_json, api::register_post_json,
api::login_post_json api::login_post_json

View File

@ -57,8 +57,8 @@ table! {
} }
table! { table! {
pwd(id) { pwd(user_id) {
id -> Integer, user_id -> Integer,
password -> Text, password -> Text,
} }
} }
@ -129,7 +129,7 @@ pub async fn insert_user(conn: DbConn, new_user: Register) -> Result<(), Databas
}; };
diesel::insert_into(pwd::table) diesel::insert_into(pwd::table)
.values((pwd::id.eq(ids[0]), pwd::password.eq(&password_hash))) .values((pwd::user_id.eq(ids[0]), pwd::password.eq(&password_hash)))
.execute(c) .execute(c)
}) })
}) })
@ -154,7 +154,7 @@ pub async fn login(conn: DbConn, login: Login) -> Result<LoginResult, DatabaseEr
}; };
let pwd: String = match pwd::table let pwd: String = match pwd::table
.filter(pwd::id.eq(id)) .filter(pwd::user_id.eq(id))
.select(pwd::password) .select(pwd::password)
.get_results::<String>(c) .get_results::<String>(c)
{ {