gamenight/backend/src/api.rs

356 lines
12 KiB
Rust
Raw Normal View History

use crate::schema::gamenight::*;
2022-05-28 18:32:00 +02:00
use crate::schema::users::*;
2022-04-21 19:12:16 +02:00
use crate::schema::DbConn;
use crate::AppConfig;
2022-04-21 19:12:16 +02:00
use chrono::Utc;
2022-05-28 18:32:00 +02:00
use jsonwebtoken::{decode, encode, DecodingKey, EncodingKey, Header, Validation};
2022-04-21 19:12:16 +02:00
use rocket::http::Status;
2022-05-28 18:32:00 +02:00
use rocket::request::{FromRequest, Outcome, Request};
2022-04-21 19:12:16 +02:00
use rocket::serde::json::{json, Json, Value};
use rocket::State;
2022-04-21 19:12:16 +02:00
use serde::{Deserialize, Serialize};
use std::borrow::Cow;
2022-05-28 18:32:00 +02:00
use uuid::Uuid;
2022-04-21 19:12:16 +02:00
use validator::ValidateArgs;
#[derive(Debug, Responder)]
pub enum ApiResponseVariant {
Status(Status),
Value(Value),
}
#[derive(Serialize, Deserialize, Debug)]
struct ApiResponse {
result: Cow<'static, str>,
#[serde(skip_serializing_if = "Option::is_none")]
2022-04-21 19:12:16 +02:00
message: Option<Cow<'static, str>>,
#[serde(skip_serializing_if = "Option::is_none")]
user: Option<UserWithToken>,
#[serde(skip_serializing_if = "Option::is_none")]
gamenights: Option<Vec<GameNight>>,
#[serde(skip_serializing_if = "Option::is_none")]
games: Option<Vec<Game>>,
}
impl ApiResponse {
const SUCCES_RESULT: Cow<'static, str> = Cow::Borrowed("Ok");
const FAILURE_RESULT: Cow<'static, str> = Cow::Borrowed("Failure");
const SUCCES: Self = Self {
result: Self::SUCCES_RESULT,
message: None,
user: None,
gamenights: None,
games: None,
};
fn error(message: String) -> Self {
2022-04-21 19:12:16 +02:00
Self {
result: Self::FAILURE_RESULT,
message: Some(Cow::Owned(message)),
user: None,
gamenights: None,
games: None,
}
}
fn login_response(user: User, jwt: String) -> Self {
Self {
result: Self::SUCCES_RESULT,
message: None,
user: Some(UserWithToken {
user: user,
2022-05-28 18:32:00 +02:00
jwt: jwt,
}),
gamenights: None,
games: None,
}
}
fn gamenight_response(gamenights: Vec<GameNight>) -> Self {
Self {
result: Self::SUCCES_RESULT,
message: None,
user: None,
gamenights: Some(gamenights),
games: None,
}
}
fn games_response(games: Vec<Game>) -> Self {
Self {
result: Self::SUCCES_RESULT,
message: None,
user: None,
gamenights: None,
games: Some(games),
}
}
}
#[derive(Debug)]
pub enum ApiError {
RequestError(String),
}
const AUTH_HEADER: &str = "Authorization";
const BEARER: &str = "Bearer ";
#[rocket::async_trait]
impl<'r> FromRequest<'r> for User {
type Error = ApiError;
async fn from_request(req: &'r Request<'_>) -> Outcome<Self, Self::Error> {
let header = match req.headers().get_one(AUTH_HEADER) {
Some(header) => header,
2022-05-28 18:32:00 +02:00
None => return Outcome::Forward(()),
};
if !header.starts_with(BEARER) {
return Outcome::Forward(());
};
let app_config = req.guard::<&State<AppConfig>>().await.unwrap().inner();
let jwt = header.trim_start_matches(BEARER).to_owned();
2022-04-21 19:12:16 +02:00
let token = match decode::<Claims>(
&jwt,
&DecodingKey::from_secret(app_config.jwt_secret.as_bytes()),
&Validation::default(),
) {
Ok(token) => token,
2022-05-28 18:32:00 +02:00
Err(_) => return Outcome::Forward(()),
};
let id = token.claims.uid;
2022-04-21 19:12:16 +02:00
let conn = req.guard::<DbConn>().await.unwrap();
return match get_user(conn, id).await {
Ok(o) => Outcome::Success(o),
2022-05-28 18:32:00 +02:00
Err(_) => Outcome::Forward(()),
};
}
}
#[get("/gamenights")]
pub async fn gamenights(conn: DbConn, _user: User) -> ApiResponseVariant {
match get_all_gamenights(conn).await {
2022-05-28 18:32:00 +02:00
Ok(gamenights) => {
ApiResponseVariant::Value(json!(ApiResponse::gamenight_response(gamenights)))
}
Err(error) => ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string()))),
}
}
#[get("/gamenights", rank = 2)]
pub async fn gamenights_unauthorized() -> ApiResponseVariant {
ApiResponseVariant::Status(Status::Unauthorized)
}
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct GameNightInput {
pub name: String,
pub datetime: String,
pub owner_id: Option<Uuid>,
pub game_list: Vec<Game>,
}
impl Into<GameNight> for GameNightInput {
2022-05-28 18:32:00 +02:00
fn into(self) -> GameNight {
GameNight {
id: Uuid::new_v4(),
name: self.name,
datetime: self.datetime,
2022-05-28 18:32:00 +02:00
owner_id: self.owner_id.unwrap(),
}
}
}
#[post("/gamenights", format = "application/json", data = "<gamenight_json>")]
pub async fn gamenights_post_json(
2022-04-21 19:12:16 +02:00
conn: DbConn,
user: User,
gamenight_json: Json<GameNightInput>,
2022-04-21 19:12:16 +02:00
) -> ApiResponseVariant {
let mut gamenight = gamenight_json.into_inner();
gamenight.owner_id = Some(user.id);
let mut mutable_game_list = gamenight.game_list.clone();
match add_unknown_games(&conn, &mut mutable_game_list).await {
Ok(_) => (),
2022-05-28 18:32:00 +02:00
Err(err) => return ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
};
2022-05-28 19:28:58 +02:00
let gamenight_id = match insert_gamenight(&conn, gamenight.clone().into(), mutable_game_list).await {
Ok(id) => id,
Err(err) => return ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
};
let participant = GamenightParticipantsEntry{gamenight_id: gamenight_id, user_id: user.id};
match insert_participant(&conn, participant).await {
Ok(_) => ApiResponseVariant::Value(json!(ApiResponse::SUCCES)),
2022-05-28 18:32:00 +02:00
Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
}
}
#[post("/gamenights", rank = 2)]
pub async fn gamenights_post_json_unauthorized() -> ApiResponseVariant {
ApiResponseVariant::Status(Status::Unauthorized)
}
2022-05-28 18:32:00 +02:00
#[delete(
"/gamenights",
format = "application/json",
data = "<delete_gamenight_json>"
)]
pub async fn gamenights_delete_json(
conn: DbConn,
user: User,
2022-05-28 18:32:00 +02:00
delete_gamenight_json: Json<DeleteGameNight>,
) -> ApiResponseVariant {
if user.role == Role::Admin {
if let Err(error) = delete_gamenight(&conn, delete_gamenight_json.game_id).await {
2022-05-28 18:32:00 +02:00
return ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string())));
}
2022-05-28 18:32:00 +02:00
return ApiResponseVariant::Value(json!(ApiResponse::SUCCES));
}
2022-05-28 18:32:00 +02:00
match get_gamenight(&conn, delete_gamenight_json.game_id).await {
Ok(gamenight) => {
if user.id == gamenight.owner_id {
if let Err(error) = delete_gamenight(&conn, delete_gamenight_json.game_id).await {
2022-05-28 18:32:00 +02:00
return ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string())));
}
2022-05-28 18:32:00 +02:00
return ApiResponseVariant::Value(json!(ApiResponse::SUCCES));
}
2022-05-28 18:32:00 +02:00
}
Err(error) => {
return ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string())))
}
}
ApiResponseVariant::Status(Status::Unauthorized)
}
#[delete("/gamenights", rank = 2)]
pub async fn gamenights_delete_json_unauthorized() -> ApiResponseVariant {
ApiResponseVariant::Status(Status::Unauthorized)
}
#[post("/register", format = "application/json", data = "<register_json>")]
2022-05-28 18:32:00 +02:00
pub async fn register_post_json(conn: DbConn, register_json: Json<Register>) -> ApiResponseVariant {
let register = register_json.into_inner();
let register_clone = register.clone();
2022-04-21 19:12:16 +02:00
match conn
.run(move |c| register_clone.validate_args((c, c)))
.await
{
Ok(()) => (),
2022-04-21 19:12:16 +02:00
Err(error) => {
return ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string())))
}
}
2022-04-21 19:12:16 +02:00
match insert_user(conn, register).await {
Ok(_) => ApiResponseVariant::Value(json!(ApiResponse::SUCCES)),
2022-04-21 19:12:16 +02:00
Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
}
}
#[derive(Debug, Serialize, Deserialize)]
struct Claims {
exp: i64,
uid: Uuid,
role: Role,
}
#[post("/login", format = "application/json", data = "<login_json>")]
2022-04-21 19:12:16 +02:00
pub async fn login_post_json(
conn: DbConn,
config: &State<AppConfig>,
login_json: Json<Login>,
2022-04-21 19:12:16 +02:00
) -> ApiResponseVariant {
match login(conn, login_json.into_inner()).await {
Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
Ok(login_result) => {
2022-04-21 19:12:16 +02:00
if !login_result.result {
return ApiResponseVariant::Value(json!(ApiResponse::error(String::from(
"username and password didn't match"
))));
}
let user = login_result.user.unwrap();
let my_claims = Claims {
exp: Utc::now().timestamp() + chrono::Duration::days(7).num_seconds(),
uid: user.id,
role: user.role,
};
2022-04-21 19:12:16 +02:00
let secret = &config.inner().jwt_secret;
2022-04-21 19:12:16 +02:00
match encode(
&Header::default(),
&my_claims,
&EncodingKey::from_secret(secret.as_bytes()),
) {
2022-05-28 18:32:00 +02:00
Ok(token) => {
ApiResponseVariant::Value(json!(ApiResponse::login_response(user, token)))
}
2022-04-21 19:12:16 +02:00
Err(error) => {
ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string())))
}
}
}
}
2022-04-21 19:12:16 +02:00
}
#[get("/games")]
pub async fn games(conn: DbConn, _user: User) -> ApiResponseVariant {
match get_all_known_games(&conn).await {
Ok(games) => ApiResponseVariant::Value(json!(ApiResponse::games_response(games))),
2022-05-28 18:32:00 +02:00
Err(error) => ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string()))),
}
}
#[get("/games", rank = 2)]
pub async fn games_unauthorized() -> ApiResponseVariant {
ApiResponseVariant::Status(Status::Unauthorized)
}
2022-05-28 19:28:58 +02:00
#[get("/participants", format = "application/json", data = "<gamenight_id_json>")]
pub async fn get_participants(conn: DbConn, _user: User, gamenight_id_json: Json<GamenightId>) -> ApiResponseVariant {
match load_participants(&conn, gamenight_id_json.into_inner()).await {
Ok(_) => ApiResponseVariant::Value(json!(ApiResponse::SUCCES)),
Err(error) => ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string()))),
}
}
#[get("/participants", rank = 2)]
pub async fn get_participants_unauthorized() -> ApiResponseVariant {
ApiResponseVariant::Status(Status::Unauthorized)
}
#[post("/participants", format = "application/json", data = "<entry_json>")]
pub async fn post_participants(conn: DbConn, _user: User, entry_json: Json<GamenightParticipantsEntry>) -> ApiResponseVariant {
match insert_participant(&conn, entry_json.into_inner()).await {
Ok(_) => ApiResponseVariant::Value(json!(ApiResponse::SUCCES)),
Err(error) => ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string()))),
}
}
#[post("/participants", rank = 2)]
pub async fn post_participants_unauthorized() -> ApiResponseVariant {
ApiResponseVariant::Status(Status::Unauthorized)
}
#[delete("/participants", format = "application/json", data = "<entry_json>")]
pub async fn delete_participants(conn: DbConn, _user: User, entry_json: Json<GamenightParticipantsEntry>) -> ApiResponseVariant {
match remove_participant(&conn, entry_json.into_inner()).await {
Ok(_) => ApiResponseVariant::Value(json!(ApiResponse::SUCCES)),
Err(error) => ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string()))),
}
}
#[delete("/participants", rank = 2)]
pub async fn delete_participants_unauthorized() -> ApiResponseVariant {
ApiResponseVariant::Status(Status::Unauthorized)
}