From b5e9420c1fde909a8f24011cafb0b93b8c6f6a1f Mon Sep 17 00:00:00 2001 From: Dennis Brentjes Date: Thu, 21 Apr 2022 21:35:14 +0200 Subject: [PATCH] Makes seperate function for authorized and unauthorized request. --- backend/src/api.rs | 32 ++++++++++++-------------------- backend/src/main.rs | 1 + backend/src/schema.rs | 8 ++++---- 3 files changed, 17 insertions(+), 24 deletions(-) diff --git a/backend/src/api.rs b/backend/src/api.rs index 3558a8d..c04cb66 100644 --- a/backend/src/api.rs +++ b/backend/src/api.rs @@ -76,18 +76,12 @@ impl<'r> FromRequest<'r> for schema::User { let header = match req.headers().get_one(AUTH_HEADER) { Some(header) => header, None => { - return Outcome::Failure(( - Status::BadRequest, - ApiError::RequestError("No authorization header found".to_string()), - )) + return Outcome::Forward(()) } }; if !header.starts_with(BEARER) { - return Outcome::Failure(( - Status::BadRequest, - ApiError::RequestError("Invalid Authorization header.".to_string()), - )); + return Outcome::Forward(()); }; let app_config = req.guard::<&State>().await.unwrap().inner(); @@ -98,11 +92,8 @@ impl<'r> FromRequest<'r> for schema::User { &Validation::default(), ) { Ok(token) => token, - Err(error) => { - return Outcome::Failure(( - Status::BadRequest, - ApiError::RequestError(error.to_string()), - )) + Err(_) => { + return Outcome::Forward(()) } }; let id = token.claims.uid; @@ -113,13 +104,14 @@ impl<'r> FromRequest<'r> for schema::User { } #[get("/gamenights")] -pub async fn gamenights(conn: DbConn, user: Option) -> ApiResponseVariant { - if user.is_some() { - let gamenights = schema::get_all_gamenights(conn).await; - ApiResponseVariant::Value(json!(gamenights)) - } else { - ApiResponseVariant::Status(Status::Unauthorized) - } +pub async fn gamenights(conn: DbConn, _user: schema::User) -> ApiResponseVariant { + let gamenights = schema::get_all_gamenights(conn).await; + ApiResponseVariant::Value(json!(gamenights)) +} + +#[get("/gamenights", rank = 2)] +pub async fn gamenights_unauthorized() -> ApiResponseVariant { + ApiResponseVariant::Status(Status::Unauthorized) } #[post("/gamenight", format = "application/json", data = "")] diff --git a/backend/src/main.rs b/backend/src/main.rs index 6e10b8d..450ea69 100644 --- a/backend/src/main.rs +++ b/backend/src/main.rs @@ -58,6 +58,7 @@ fn rocket() -> _ { "/api", routes![ api::gamenights, + api::gamenights_unauthorized, api::gamenight_post_json, api::register_post_json, api::login_post_json diff --git a/backend/src/schema.rs b/backend/src/schema.rs index 28c4efb..613ae2a 100644 --- a/backend/src/schema.rs +++ b/backend/src/schema.rs @@ -57,8 +57,8 @@ table! { } table! { - pwd(id) { - id -> Integer, + pwd(user_id) { + user_id -> Integer, password -> Text, } } @@ -129,7 +129,7 @@ pub async fn insert_user(conn: DbConn, new_user: Register) -> Result<(), Databas }; diesel::insert_into(pwd::table) - .values((pwd::id.eq(ids[0]), pwd::password.eq(&password_hash))) + .values((pwd::user_id.eq(ids[0]), pwd::password.eq(&password_hash))) .execute(c) }) }) @@ -154,7 +154,7 @@ pub async fn login(conn: DbConn, login: Login) -> Result(c) {