use crate::database::user::{User, UserForm};
use crate::AppState;
use actix_web::{delete, post, web, HttpResponse, Scope};
use chrono::{Duration, Utc};
use jsonwebtoken::{encode, EncodingKey, Header};
use serde::{Deserialize, Serialize};
/// Builds the `/auth` scope and mounts the three account handlers on it:
/// `register`, `login` and `delete_user`, in that order.
pub fn auth_scope() -> Scope {
    let scope = web::scope("/auth");
    scope.service(register).service(login).service(delete_user)
}
/// Payload carried inside the JSON Web Token issued at login.
#[derive(Serialize, Deserialize)]
pub struct Claims {
    /// Identifier of the user the token was issued for.
    pub id: usize,
    /// Expiry as a Unix timestamp in seconds (`encode_token` fills it from `timestamp()`).
    pub exp: usize,
}
/// JSON body with a single human-readable message, used for both success and error replies.
#[derive(Serialize, Deserialize)]
struct Response {
    /// Text shown to the client.
    message: String,
}
/// JSON body returned by a successful login: a message plus the freshly signed token.
#[derive(Serialize, Deserialize)]
struct EncodeResponse {
    /// Text shown to the client.
    message: String,
    /// Encoded JWT the client presents on later requests.
    token: String,
}
/// JSON body pairing a message with a user id.
///
/// Not referenced by any handler in the visible part of this file;
/// presumably the reply of a token-decoding endpoint (confirm before relying on it).
#[derive(Serialize, Deserialize)]
struct DecodeResponse {
    /// Text shown to the client.
    message: String,
    /// User id, presumably the one recovered from a token's claims (TODO confirm).
    id: usize,
}
/// JSON request body holding a token.
///
/// Not referenced by any handler in the visible part of this file;
/// presumably the input of a token-decoding endpoint (confirm before relying on it).
#[derive(Serialize, Deserialize)]
struct DecodeBody {
    /// Token string supplied by the client.
    token: String,
}
/// Handles `POST /auth/register`: forwards the submitted `UserForm` to the
/// database layer and reports the outcome as a JSON `Response`.
///
/// Returns 200 with a confirmation message on success and 400 with the
/// database error text on failure.
#[post("/register")]
pub async fn register(
    app_state: web::Data<AppState>,
    request_data: web::Json<UserForm>,
) -> HttpResponse {
    let form = request_data.into_inner();

    if let Err(e) = app_state.database.register(form).await {
        // NOTE(review): the database error is echoed to the client verbatim;
        // confirm its Display output cannot expose schema or query details.
        return HttpResponse::BadRequest().json(Response {
            message: format!("There was an issue in the request: {}", e),
        });
    }

    HttpResponse::Ok().json(Response {
        message: String::from("Registration executed with no errors"),
    })
}
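/// Handles `POST /auth/login`: checks the submitted `UserForm` against the
/// database and, on a match, answers with a signed token.
///
/// Responses:
/// - 200 with an `EncodeResponse` (message + token) when the lookup returns a user.
/// - 400 with a `Response` when the query fails, when no user matches (one
///   generic message, so the reply does not say which field was wrong), or
///   when the matched row carries no id.
/// - Whatever response `encode_token` produces when signing fails.
///
/// A matched row without a name no longer panics the handler: the greeting
/// falls back to an empty name instead of calling `unwrap()` on it.
#[post("/login")]
pub async fn login(
    app_state: web::Data<AppState>,
    request_data: web::Json<UserForm>,
) -> HttpResponse {
    let lookup = app_state.database.login(request_data.into_inner()).await;

    let user: User = match lookup {
        Ok(Some(user)) => user,
        Ok(None) => {
            return HttpResponse::BadRequest().json(Response {
                message: "Username/Password incorrect!".to_owned(),
            })
        }
        Err(e) => {
            // NOTE(review): the database error is echoed to the client verbatim;
            // confirm its Display output cannot expose schema or query details.
            return HttpResponse::BadRequest().json(Response {
                message: format!("There was an issue in the request: {}", e),
            })
        }
    };

    let id: usize = match user.id {
        // NOTE(review): `as` wraps silently if the stored id is a negative signed
        // integer; presumably ids are always non-negative. Confirm against the schema.
        Some(raw_id) => raw_id as usize,
        None => {
            return HttpResponse::BadRequest().json(Response {
                message: "Internal error: user id not found".to_owned(),
            })
        }
    };

    match encode_token(id, &app_state.secret).await {
        Ok(token) => HttpResponse::Ok().json(EncodeResponse {
            // A missing name must not take the worker down after authentication succeeded.
            message: format!(
                "Successfully logged in as {}",
                user.name.unwrap_or_default()
            ),
            token,
        }),
        Err(response) => response,
    }
}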
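/// Signs a JWT for user `id` with the shared `secret`.
///
/// The token uses `Header::default()` (HS256 in `jsonwebtoken`) and carries a
/// `Claims` payload whose `exp` is set 365 days from now.
///
/// # Errors
///
/// Returns a ready-made 500 Internal Server Error response when signing fails.
/// The previous code built this response with status 200, so a client checking
/// only the status code would have treated a failed login as successful.
// NOTE(review): a 365-day lifetime means a leaked token stays valid for a year,
// and nothing visible here revokes tokens; consider a shorter expiry.
async fn encode_token(id: usize, secret: &String) -> Result<String, HttpResponse> {
    let exp: usize = (Utc::now() + Duration::days(365)).timestamp() as usize;
    let claims = Claims { id, exp };
    let key = EncodingKey::from_secret(secret.as_bytes());

    encode(&Header::default(), &claims, &key).map_err(|_| {
        // The signing error is deliberately not forwarded to the client.
        HttpResponse::InternalServerError().body("Token encoding didn't work\n")
    })
}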
// todo! tell if the user has been deleted or not
/// Handles `DELETE /auth/user`: forwards the submitted `UserForm` to the
/// database layer's `delete_user` and reports the outcome as a JSON `Response`.
///
/// Returns 200 with a confirmation message when the query succeeds and 400
/// with the database error text when it fails.
// NOTE(review): no token is checked in this handler, so whether the caller may
// delete the account is decided entirely inside `database.delete_user`;
// confirm it verifies the submitted credentials.
#[delete("/user")]
pub async fn delete_user(
    app_state: web::Data<AppState>,
    request_data: web::Json<UserForm>,
) -> HttpResponse {
    let form = request_data.into_inner();

    if let Err(e) = app_state.database.delete_user(form).await {
        // NOTE(review): the database error is echoed to the client verbatim;
        // confirm its Display output cannot expose schema or query details.
        return HttpResponse::BadRequest().json(Response {
            message: format!("There was an issue in the request: {}", e),
        });
    }

    HttpResponse::Ok().json(Response {
        message: String::from("Deletion executed with no errors"),
    })
}