Compare commits

...

6 Commits

Author SHA1 Message Date
Lars Jellema
8df5fff105
Use boolean ok field for api 2022-04-21 23:02:14 +02:00
Lars Jellema
ced7d83fd9
Gitignore more sqlite files 2022-04-21 23:01:46 +02:00
Lars Jellema
73c9ad61a7
Make test scripts verbose about HTTP codes and headers 2022-04-21 23:01:35 +02:00
Lars Jellema
52647759cc
Fix test login script to work with test register script 2022-04-21 22:57:01 +02:00
Lars Jellema
9d1e3539a8
Rework api errors 2022-04-21 22:51:08 +02:00
Lars Jellema
5fca980af9
Replace ApiResponseVariant with Result 2022-04-21 22:51:06 +02:00
5 changed files with 97 additions and 75 deletions

2
backend/.gitignore vendored
View File

@ -2,3 +2,5 @@
.vscode .vscode
App.toml App.toml
*.sqlite *.sqlite
*.sqlite-shm
*.sqlite-wal

View File

@ -1,3 +1,3 @@
echo $JWT echo $JWT
curl -X GET -H "Authorization: Bearer ${JWT}" localhost:8000/api/gamenights curl -v -X GET -H "Authorization: Bearer ${JWT}" localhost:8000/api/gamenights

View File

@ -1 +1 @@
curl -X POST -H "Content-Type: application/json" -d '{"username": "a", "password": "c"}' localhost:8000/api/login curl -v -X POST -H "Content-Type: application/json" -d '{"username": "roflin", "password": "oreokoekje123"}' localhost:8000/api/login

View File

@ -1 +1 @@
curl -X POST -H "Content-Type: application/json" -d '{"username": "roflin", "email": "user@example.com", "password": "oreokoekje123", "password_repeat": "oreokoekje123"}' localhost:8000/api/register curl -v -X POST -H "Content-Type: application/json" -d '{"username": "roflin", "email": "user@example.com", "password": "oreokoekje123", "password_repeat": "oreokoekje123"}' localhost:8000/api/register

View File

@ -10,23 +10,19 @@ use jsonwebtoken::{EncodingKey, Header};
use rocket::http::Status; use rocket::http::Status;
use rocket::request::Outcome; use rocket::request::Outcome;
use rocket::request::{FromRequest, Request}; use rocket::request::{FromRequest, Request};
use rocket::serde::json::{json, Json, Value}; use rocket::response;
use rocket::serde::json;
use rocket::serde::json::{json, Json};
use rocket::State; use rocket::State;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use serde::ser::{SerializeStruct, Serializer};
use std::borrow::Cow; use std::borrow::Cow;
use validator::ValidateArgs; use std::fmt;
use validator::{ValidateArgs, ValidationErrors};
#[derive(Debug, Responder)]
pub enum ApiResponseVariant {
Status(Status),
// Redirect(Redirect),
Value(Value),
// Flash(Flash<Redirect>)
}
#[derive(Serialize, Deserialize, Debug)] #[derive(Serialize, Deserialize, Debug)]
struct ApiResponse { struct ApiResponse {
result: Cow<'static, str>, ok: bool,
#[serde(skip_serializing_if = "Option::is_none")] #[serde(skip_serializing_if = "Option::is_none")]
message: Option<Cow<'static, str>>, message: Option<Cow<'static, str>>,
#[serde(skip_serializing_if = "Option::is_none")] #[serde(skip_serializing_if = "Option::is_none")]
@ -34,26 +30,15 @@ struct ApiResponse {
} }
impl ApiResponse { impl ApiResponse {
const SUCCES_RESULT: Cow<'static, str> = Cow::Borrowed("Ok");
const FAILURE_RESULT: Cow<'static, str> = Cow::Borrowed("Failure");
const SUCCES: Self = Self { const SUCCES: Self = Self {
result: Self::SUCCES_RESULT, ok: true,
message: None, message: None,
jwt: None, jwt: None,
}; };
fn error(message: String) -> Self {
Self {
result: Self::FAILURE_RESULT,
message: Some(Cow::Owned(message)),
jwt: None,
}
}
fn login_response(jwt: String) -> Self { fn login_response(jwt: String) -> Self {
Self { Self {
result: Self::SUCCES_RESULT, ok: true,
message: None, message: None,
jwt: Some(Cow::Owned(jwt)), jwt: Some(Cow::Owned(jwt)),
} }
@ -63,6 +48,59 @@ impl ApiResponse {
#[derive(Debug)] #[derive(Debug)]
pub enum ApiError { pub enum ApiError {
RequestError(String), RequestError(String),
ValidationErrors(ValidationErrors),
Unauthorized,
}
impl fmt::Display for ApiError {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
use ApiError::*;
write!(f, "{}", match &self {
RequestError(e) => e,
ValidationErrors(_) => "???",
Unauthorized => "username and password didn't match",
})
}
}
impl From<schema::DatabaseError> for ApiError {
fn from(e: schema::DatabaseError) -> Self {
ApiError::RequestError(e.to_string())
}
}
impl From<ValidationErrors> for ApiError {
fn from(e: ValidationErrors) -> Self {
ApiError::ValidationErrors(e)
}
}
impl Serialize for ApiError {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
let mut state = serializer.serialize_struct("ApiError", 2)?;
state.serialize_field("ok", &false)?;
state.serialize_field("message", &self.to_string())?;
state.end()
}
}
impl<'r> response::Responder<'r, 'static> for ApiError {
fn respond_to(self, req: &'r Request<'_>) -> response::Result<'static> {
use ApiError::*;
let status = match self {
RequestError(_) => Status::BadRequest,
ValidationErrors(_) => Status::BadRequest,
Unauthorized => Status::Unauthorized,
};
response::Response::build()
.merge(json!(self).respond_to(req)?)
.status(status)
.ok()
}
} }
const AUTH_HEADER: &str = "Authorization"; const AUTH_HEADER: &str = "Authorization";
@ -104,14 +142,13 @@ impl<'r> FromRequest<'r> for schema::User {
} }
#[get("/gamenights")] #[get("/gamenights")]
pub async fn gamenights(conn: DbConn, _user: schema::User) -> ApiResponseVariant { pub async fn gamenights(conn: DbConn, _user: schema::User) -> json::Value {
let gamenights = schema::get_all_gamenights(conn).await; json!(schema::get_all_gamenights(conn).await)
ApiResponseVariant::Value(json!(gamenights))
} }
#[get("/gamenights", rank = 2)] #[get("/gamenights", rank = 2)]
pub async fn gamenights_unauthorized() -> ApiResponseVariant { pub async fn gamenights_unauthorized() -> Status {
ApiResponseVariant::Status(Status::Unauthorized) Status::Unauthorized
} }
#[post("/gamenight", format = "application/json", data = "<gamenight_json>")] #[post("/gamenight", format = "application/json", data = "<gamenight_json>")]
@ -119,12 +156,12 @@ pub async fn gamenight_post_json(
conn: DbConn, conn: DbConn,
user: Option<schema::User>, user: Option<schema::User>,
gamenight_json: Json<schema::GameNightNoId>, gamenight_json: Json<schema::GameNightNoId>,
) -> ApiResponseVariant { ) -> Result<json::Value, Status> {
if user.is_some() { if user.is_some() {
schema::insert_gamenight(conn, gamenight_json.into_inner()).await; schema::insert_gamenight(conn, gamenight_json.into_inner()).await;
ApiResponseVariant::Value(json!(ApiResponse::SUCCES)) Ok(json!(ApiResponse::SUCCES))
} else { } else {
ApiResponseVariant::Status(Status::Unauthorized) Err(Status::Unauthorized)
} }
} }
@ -132,23 +169,14 @@ pub async fn gamenight_post_json(
pub async fn register_post_json( pub async fn register_post_json(
conn: DbConn, conn: DbConn,
register_json: Json<schema::Register>, register_json: Json<schema::Register>,
) -> ApiResponseVariant { ) -> Result<json::Value, ApiError> {
let register = register_json.into_inner(); let register = register_json.into_inner();
let register_clone = register.clone(); let register_clone = register.clone();
match conn conn.run(move |c| register_clone.validate_args((c, c)))
.run(move |c| register_clone.validate_args((c, c))) .await?;
.await
{
Ok(()) => (),
Err(error) => {
return ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string())))
}
}
match schema::insert_user(conn, register).await { schema::insert_user(conn, register).await?;
Ok(_) => ApiResponseVariant::Value(json!(ApiResponse::SUCCES)), Ok(json!(ApiResponse::SUCCES))
Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
}
} }
#[derive(Debug, Serialize, Deserialize)] #[derive(Debug, Serialize, Deserialize)]
@ -163,14 +191,10 @@ pub async fn login_post_json(
conn: DbConn, conn: DbConn,
config: &State<AppConfig>, config: &State<AppConfig>,
login_json: Json<schema::Login>, login_json: Json<schema::Login>,
) -> ApiResponseVariant { ) -> Result<json::Value, ApiError> {
match schema::login(conn, login_json.into_inner()).await { let login_result = schema::login(conn, login_json.into_inner()).await?;
Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
Ok(login_result) => {
if !login_result.result { if !login_result.result {
return ApiResponseVariant::Value(json!(ApiResponse::error(String::from( return Err(ApiError::Unauthorized);
"username and password didn't match"
))));
} }
let my_claims = Claims { let my_claims = Claims {
@ -185,11 +209,7 @@ pub async fn login_post_json(
&my_claims, &my_claims,
&EncodingKey::from_secret(secret.as_bytes()), &EncodingKey::from_secret(secret.as_bytes()),
) { ) {
Ok(token) => ApiResponseVariant::Value(json!(ApiResponse::login_response(token))), Ok(token) => Ok(json!(ApiResponse::login_response(token))),
Err(error) => { Err(error) => Err(ApiError::RequestError(error.to_string())),
ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string())))
}
}
}
} }
} }