Makes seperate function for authorized and unauthorized request.

2022-04-21 21:35:14 +02:00 · 2022-04-21 21:35:14 +02:00 · b5e9420c1f
commit b5e9420c1f
parent 5f73d556c6
3 changed files with 17 additions and 24 deletions
--- a/backend/src/api.rs
+++ b/backend/src/api.rs
@ -76,18 +76,12 @@ impl<'r> FromRequest<'r> for schema::User {
        let header = match req.headers().get_one(AUTH_HEADER) {
            Some(header) => header,
            None => {
-                return Outcome::Failure((
-                    Status::BadRequest,
-                    ApiError::RequestError("No authorization header found".to_string()),
-                ))
+                return Outcome::Forward(())
            }
        };

        if !header.starts_with(BEARER) {
-            return Outcome::Failure((
-                Status::BadRequest,
-                ApiError::RequestError("Invalid Authorization header.".to_string()),
-            ));
+            return Outcome::Forward(());
        };

        let app_config = req.guard::<&State<AppConfig>>().await.unwrap().inner();
@ -98,11 +92,8 @@ impl<'r> FromRequest<'r> for schema::User {
            &Validation::default(),
        ) {
            Ok(token) => token,
-            Err(error) => {
-                return Outcome::Failure((
-                    Status::BadRequest,
-                    ApiError::RequestError(error.to_string()),
-                ))
+            Err(_) => {
+                return Outcome::Forward(())
            }
        };
        let id = token.claims.uid;
@ -113,13 +104,14 @@ impl<'r> FromRequest<'r> for schema::User {
 }

 #[get("/gamenights")]
-pub async fn gamenights(conn: DbConn, user: Option<schema::User>) -> ApiResponseVariant {
-    if user.is_some() {
+pub async fn gamenights(conn: DbConn, _user: schema::User) -> ApiResponseVariant {
    let gamenights = schema::get_all_gamenights(conn).await;
    ApiResponseVariant::Value(json!(gamenights))
-    } else {
+}
+
+#[get("/gamenights", rank = 2)]
+pub async fn gamenights_unauthorized() -> ApiResponseVariant {
    ApiResponseVariant::Status(Status::Unauthorized)
-    }
 }

 #[post("/gamenight", format = "application/json", data = "<gamenight_json>")]
--- a/backend/src/main.rs
+++ b/backend/src/main.rs
@ -58,6 +58,7 @@ fn rocket() -> _ {
            "/api",
            routes![
                api::gamenights,
+                api::gamenights_unauthorized,
                api::gamenight_post_json,
                api::register_post_json,
                api::login_post_json
--- a/backend/src/schema.rs
+++ b/backend/src/schema.rs
@ -57,8 +57,8 @@ table! {
 }

 table! {
-    pwd(id) {
-        id -> Integer,
+    pwd(user_id) {
+        user_id -> Integer,
        password -> Text,
    }
 }
@ -129,7 +129,7 @@ pub async fn insert_user(conn: DbConn, new_user: Register) -> Result<(), Databas
                };

                diesel::insert_into(pwd::table)
-                    .values((pwd::id.eq(ids[0]), pwd::password.eq(&password_hash)))
+                    .values((pwd::user_id.eq(ids[0]), pwd::password.eq(&password_hash)))
                    .execute(c)
            })
        })
@ -154,7 +154,7 @@ pub async fn login(conn: DbConn, login: Login) -> Result<LoginResult, DatabaseEr
        };

        let pwd: String = match pwd::table
-            .filter(pwd::id.eq(id))
+            .filter(pwd::user_id.eq(id))
            .select(pwd::password)
            .get_results::<String>(c)
        {