Formatting code
@@ -1,11 +1,18 @@
|
||||
use std::env;
|
||||
|
||||
use actix_web::{get, post, web, HttpResponse, ResponseError, cookie::{Cookie, time::Duration}, HttpRequest};
|
||||
use actix_web::{
|
||||
get, post, web, HttpResponse, ResponseError,
|
||||
cookie::{Cookie, time::Duration},
|
||||
HttpRequest,
|
||||
};
|
||||
use log::error;
|
||||
use redis::AsyncCommands;
|
||||
use siren::ServiceError;
|
||||
|
||||
use crate::{auth::{InsertUser, Auth, LoginRequest, QueryUser, RegisterUser, Session, SESSION_COOKIE_NAME}, storage::{self}};
|
||||
use crate::{
|
||||
auth::{InsertUser, Auth, LoginRequest, QueryUser, RegisterUser, Session, SESSION_COOKIE_NAME},
|
||||
storage::{self},
|
||||
};
|
||||
|
||||
use super::verify_hash;
|
||||
|
||||
@@ -14,12 +21,10 @@ async fn register(user: web::Json<RegisterUser>) -> HttpResponse {
|
||||
let register_user = user.0;
|
||||
let insert_user: InsertUser = match register_user.convert_to_insert() {
|
||||
Ok(user) => user,
|
||||
Err(err) => return ResponseError::error_response(&err)
|
||||
Err(err) => return ResponseError::error_response(&err),
|
||||
};
|
||||
match InsertUser::insert(insert_user) {
|
||||
Ok(_) => {
|
||||
HttpResponse::Created().finish()
|
||||
},
|
||||
Ok(_) => HttpResponse::Created().finish(),
|
||||
Err(err) => {
|
||||
// Obfuscate the service error message to prevent leaking database details
|
||||
if err.status == 409 {
|
||||
@@ -39,10 +44,12 @@ async fn login(request: HttpRequest, login_request: web::Json<LoginRequest>) ->
|
||||
|
||||
let query_user = match QueryUser::get_by_email(&email) {
|
||||
Ok(query_user) => query_user,
|
||||
Err(_) => return ResponseError::error_response(&ServiceError {
|
||||
status: 401,
|
||||
message: "The email or password was incorrect.".to_string()
|
||||
})
|
||||
Err(_) => {
|
||||
return ResponseError::error_response(&ServiceError {
|
||||
status: 401,
|
||||
message: "The email or password was incorrect.".to_string(),
|
||||
})
|
||||
}
|
||||
};
|
||||
// Verify password
|
||||
if verify_hash(&login_request.password, &query_user.hash) {
|
||||
@@ -52,7 +59,7 @@ async fn login(request: HttpRequest, login_request: web::Json<LoginRequest>) ->
|
||||
Ok(conn) => conn,
|
||||
Err(err) => {
|
||||
error!("Failed to get redis connection: {}", err);
|
||||
return ResponseError::error_response(&err)
|
||||
return ResponseError::error_response(&err);
|
||||
}
|
||||
};
|
||||
|
||||
@@ -61,10 +68,16 @@ async fn login(request: HttpRequest, login_request: web::Json<LoginRequest>) ->
|
||||
.parse::<i64>()
|
||||
.expect("SESSION_TTL must be an integer");
|
||||
|
||||
let session_result: redis::RedisResult<()> = conn.set_ex(session.id.to_string(), &serde_json::to_string(&session).unwrap(), (session_ttl * 60) as usize).await;
|
||||
let session_result: redis::RedisResult<()> = conn
|
||||
.set_ex(
|
||||
session.id.to_string(),
|
||||
&serde_json::to_string(&session).unwrap(),
|
||||
(session_ttl * 60) as usize,
|
||||
)
|
||||
.await;
|
||||
if let Err(err) = session_result {
|
||||
error!("Failed to set access token in redis: {}", err);
|
||||
return ResponseError::error_response(&ServiceError::from(err))
|
||||
return ResponseError::error_response(&ServiceError::from(err));
|
||||
};
|
||||
|
||||
let session_cookie = Cookie::build(SESSION_COOKIE_NAME, session.id.clone())
|
||||
@@ -82,12 +95,15 @@ async fn login(request: HttpRequest, login_request: web::Json<LoginRequest>) ->
|
||||
HttpResponse::Ok()
|
||||
.cookie(session_cookie)
|
||||
.cookie(user_id_cookie)
|
||||
.json(Auth { id: session.id, user: query_user.into() })
|
||||
.json(Auth {
|
||||
id: session.id,
|
||||
user: query_user.into(),
|
||||
})
|
||||
} else {
|
||||
return ResponseError::error_response(&ServiceError {
|
||||
status: 401,
|
||||
message: "The email or password was incorrect.".to_string()
|
||||
})
|
||||
message: "The email or password was incorrect.".to_string(),
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@@ -99,7 +115,7 @@ async fn refresh(req: HttpRequest, auth: Auth) -> HttpResponse {
|
||||
Ok(conn) => conn,
|
||||
Err(err) => {
|
||||
error!("Failed to get redis connection: {}", err);
|
||||
return ResponseError::error_response(&err)
|
||||
return ResponseError::error_response(&err);
|
||||
}
|
||||
};
|
||||
|
||||
@@ -113,10 +129,16 @@ async fn refresh(req: HttpRequest, auth: Auth) -> HttpResponse {
|
||||
|
||||
// Create new session
|
||||
let session = Session::new(&auth.user.email, &ip_address);
|
||||
let session_result: redis::RedisResult<()> = conn.set_ex(session.id.to_string(), &serde_json::to_string(&session).unwrap(), (session_ttl * 60) as usize).await;
|
||||
let session_result: redis::RedisResult<()> = conn
|
||||
.set_ex(
|
||||
session.id.to_string(),
|
||||
&serde_json::to_string(&session).unwrap(),
|
||||
(session_ttl * 60) as usize,
|
||||
)
|
||||
.await;
|
||||
if let Err(err) = session_result {
|
||||
error!("Failed to set session id in redis: {}", err);
|
||||
return ResponseError::error_response(&ServiceError::from(err))
|
||||
return ResponseError::error_response(&ServiceError::from(err));
|
||||
};
|
||||
|
||||
// Create cookies
|
||||
@@ -130,7 +152,10 @@ async fn refresh(req: HttpRequest, auth: Auth) -> HttpResponse {
|
||||
HttpResponse::Ok()
|
||||
.cookie(session_cookie)
|
||||
.cookie(user_id_cookie)
|
||||
.json(Auth { id: session.id, user: auth.user })
|
||||
.json(Auth {
|
||||
id: session.id,
|
||||
user: auth.user,
|
||||
})
|
||||
}
|
||||
|
||||
#[post("/logout")]
|
||||
@@ -139,14 +164,14 @@ async fn logout(auth: Auth) -> HttpResponse {
|
||||
Ok(conn) => conn,
|
||||
Err(err) => {
|
||||
error!("Failed to get redis connection: {}", err);
|
||||
return ResponseError::error_response(&err)
|
||||
return ResponseError::error_response(&err);
|
||||
}
|
||||
};
|
||||
|
||||
let session_result: redis::RedisResult<()> = conn.del(&auth.id.to_string()).await;
|
||||
if let Err(err) = session_result {
|
||||
error!("Failed to remove session id in redis: {}", err);
|
||||
return ResponseError::error_response(&ServiceError::from(err))
|
||||
return ResponseError::error_response(&ServiceError::from(err));
|
||||
};
|
||||
|
||||
let session_cookie = Cookie::build(SESSION_COOKIE_NAME, "")
|
||||
@@ -160,7 +185,7 @@ async fn logout(auth: Auth) -> HttpResponse {
|
||||
.max_age(Duration::new(-1, 0))
|
||||
.http_only(true)
|
||||
.finish();
|
||||
|
||||
|
||||
HttpResponse::Ok()
|
||||
.cookie(session_cookie)
|
||||
.cookie(user_id_cookie)
|
||||
@@ -189,12 +214,13 @@ pub fn init_routes(config: &mut web::ServiceConfig) {
|
||||
u.role = "admin".to_string();
|
||||
u.verified = true;
|
||||
let _ = InsertUser::insert(u);
|
||||
config.service(web::scope("auth")
|
||||
.service(register)
|
||||
.service(login)
|
||||
.service(refresh)
|
||||
.service(logout)
|
||||
.service(me)
|
||||
.service(roles)
|
||||
);
|
||||
}
|
||||
config.service(
|
||||
web::scope("auth")
|
||||
.service(register)
|
||||
.service(login)
|
||||
.service(refresh)
|
||||
.service(logout)
|
||||
.service(me)
|
||||
.service(roles),
|
||||
);
|
||||
}
|
||||
|
||||
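Review bot: The `(session_ttl * 60) as usize` argument to `set_ex` in login converts an `i64` with an unchecked `as` cast, so a negative SESSION_TTL wraps to a very large value instead of being rejected, which would likely leave session keys in Redis with no meaningful expiry; the same expression appears in refresh. Parsing the value as unsigned with `.parse::<u32>()` and passing `(session_ttl as usize).saturating_mul(60)` rejects negative values at parse time and avoids the wrap. The `.expect("SESSION_TTL must be an integer")` above it appears to run inside the request handler (the start of that expression is outside the hunk), so a bad setting would panic on every login; reading and validating it once at startup would fail fast instead. `serde_json::to_string(&session).unwrap()` in the same call is a second panic path that could go through the existing error branch and return an error response.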