Added auth to endpoints
@@ -79,9 +79,30 @@ impl InsertUser {
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
pub struct ResponseUser {
|
||||
pub email: String,
|
||||
pub role: String,
|
||||
pub first_name: String,
|
||||
pub last_name: String,
|
||||
}
|
||||
|
||||
impl From<QueryUser> for ResponseUser {
|
||||
fn from(user: QueryUser) -> Self {
|
||||
ResponseUser {
|
||||
email: user.email,
|
||||
role: user.role,
|
||||
first_name: user.first_name,
|
||||
last_name: user.last_name,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Serialize, Deserialize)]
|
||||
pub struct JwtAuth {
|
||||
pub access_token_uuid: uuid::Uuid
|
||||
pub access_token_uuid: uuid::Uuid,
|
||||
pub email: String,
|
||||
pub role: String,
|
||||
}
|
||||
|
||||
impl FromRequest for JwtAuth {
|
||||
@@ -140,8 +161,8 @@ impl FromRequest for JwtAuth {
|
||||
};
|
||||
|
||||
match QueryUser::get_by_email(&user_email) {
|
||||
Ok(_) => {
|
||||
ready(Ok(JwtAuth { access_token_uuid }))
|
||||
Ok(user) => {
|
||||
ready(Ok(JwtAuth { access_token_uuid, email: user.email, role: user.role }))
|
||||
}
|
||||
Err(err) => return ready(Err(ActixError::from(ServiceError {
|
||||
status: 500,
|
||||
|
||||
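Review bot: `JwtAuth` now carries `email` and `role`, but `role` is a bare `String` and the struct has no doc comment saying where the two values come from. Per the new `Ok(user)` arm they are read from the user record on each request rather than from token claims, which is worth stating on the struct, e.g. `/// Authenticated caller; email and role are loaded from the user record on every request, not taken from the token.` A small role enum, or constants for the accepted strings, would keep a later check such as `auth.role == "admin"` from silently failing on a typo. The struct also still derives `Deserialize`, which nothing visible here needs; now that `/me` no longer returns it, consider dropping the derive so it cannot be built from request JSON by accident. The `FromRequest` body starts and ends outside these hunks.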
@@ -5,7 +5,7 @@ use log::error;
|
||||
use redis::AsyncCommands;
|
||||
use siren::ServiceError;
|
||||
|
||||
use crate::{auth::{LoginRequest, RegisterUser, InsertUser, QueryUser, verify_password, generate_token, JwtAuth}, db};
|
||||
use crate::{auth::{LoginRequest, RegisterUser, InsertUser, QueryUser, verify_password, generate_token, JwtAuth, ResponseUser}, db};
|
||||
|
||||
#[post("/register")]
|
||||
async fn register(user: web::Json<RegisterUser>) -> HttpResponse {
|
||||
@@ -96,17 +96,17 @@ async fn login(request: web::Json<LoginRequest>) -> HttpResponse {
|
||||
|
||||
let access_cookie = Cookie::build("access_token", access_token_details.token.clone().unwrap())
|
||||
.path("/")
|
||||
.max_age(Duration::new(access_token_max_age, 0))
|
||||
.max_age(Duration::new(access_token_max_age * 60, 0))
|
||||
.http_only(true)
|
||||
.finish();
|
||||
let refresh_cookie = Cookie::build("refresh_token", refresh_token_details.token.clone().unwrap())
|
||||
.path("/")
|
||||
.max_age(Duration::new(refresh_token_max_age, 0))
|
||||
.max_age(Duration::new(refresh_token_max_age * 60, 0))
|
||||
.http_only(true)
|
||||
.finish();
|
||||
let logged_in_cookie = Cookie::build("logged_in", "true")
|
||||
.path("/")
|
||||
.max_age(Duration::new(access_token_max_age, 0))
|
||||
.max_age(Duration::new(access_token_max_age * 60, 0))
|
||||
.http_only(false)
|
||||
.finish();
|
||||
|
||||
@@ -135,10 +135,24 @@ async fn logout(req: HttpRequest, auth: JwtAuth) -> HttpResponse {
|
||||
|
||||
#[get("/me")]
|
||||
async fn me(auth: JwtAuth) -> HttpResponse {
|
||||
HttpResponse::Ok().json(auth)
|
||||
let query_user = match QueryUser::get_by_email(&auth.email) {
|
||||
Ok(user) => user,
|
||||
Err(err) => return ResponseError::error_response(&err)
|
||||
};
|
||||
let user: ResponseUser = query_user.into();
|
||||
HttpResponse::Ok().json(user)
|
||||
}
|
||||
|
||||
pub fn init_routes(config: &mut web::ServiceConfig) {
|
||||
let r = RegisterUser {
|
||||
email: "admin".to_string(),
|
||||
password: "admin".to_string(),
|
||||
first_name: "Admin".to_string(),
|
||||
last_name: "Admin".to_string(),
|
||||
};
|
||||
let mut u = r.convert_to_insert().unwrap();
|
||||
u.role = "admin".to_string();
|
||||
let _ = InsertUser::insert(u);
|
||||
config.service(web::scope("auth")
|
||||
.service(register)
|
||||
.service(login)
|
||||
|
||||
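Review bot: `init_routes` seeds a user with email `admin` and password `admin` and then sets `u.role = "admin"`, so every deployment of this build starts with an administrator whose credentials are readable in the repository; going by the hunk counts these lines are new in this commit. Take the bootstrap e-mail and password from deployment configuration and skip seeding when they are absent, or drop the seeding and promote a user out of band. `let _ = InsertUser::insert(u);` also hides every failure and `convert_to_insert().unwrap()` panics during route setup; log instead, e.g. `if let Err(err) = InsertUser::insert(u) { error!("admin bootstrap failed: {}", err); }` (assuming the error type implements `Display`). Separately, in the `login` hunk the `access_token` and `refresh_token` cookies are built without `.secure(true)` or a `same_site` setting, which is worth adding if the service is served over HTTPS. The body of `init_routes` continues past the hunk.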
@@ -6,10 +6,10 @@ use serde::{Serialize, Deserialize};
|
||||
use serenity::model::prelude::{GuildChannel, ChannelType};
|
||||
use siren::ServiceError;
|
||||
|
||||
use crate::{AppState, bot::commands::audio::{play::play_track, join}, db::guilds::{InsertGuild, QueryGuild}};
|
||||
use crate::{AppState, bot::commands::audio::{play::play_track, join}, db::guilds::{InsertGuild, QueryGuild}, auth::JwtAuth};
|
||||
|
||||
#[get("/guilds")]
|
||||
async fn get_guilds(data: web::Data<Arc<AppState>>) -> HttpResponse {
|
||||
async fn get_guilds(data: web::Data<Arc<AppState>>, auth: JwtAuth) -> HttpResponse {
|
||||
let guild_results = &data.http.get_guilds(None, None).await;
|
||||
let guilds = match guild_results {
|
||||
Ok(guilds) => guilds,
|
||||
@@ -22,7 +22,7 @@ async fn get_guilds(data: web::Data<Arc<AppState>>) -> HttpResponse {
|
||||
}
|
||||
|
||||
#[get("/{id}/text")]
|
||||
async fn get_text_channels(id: web::Path<String>, data: web::Data<Arc<AppState>>) -> HttpResponse {
|
||||
async fn get_text_channels(id: web::Path<String>, data: web::Data<Arc<AppState>>, auth: JwtAuth) -> HttpResponse {
|
||||
let channel_results = &data.http.get_channels(id.parse::<u64>().unwrap()).await;
|
||||
let channels = match channel_results {
|
||||
Ok(channels) => channels.iter().filter(|c| c.kind == ChannelType::Text).collect::<Vec<&GuildChannel>>(),
|
||||
@@ -35,7 +35,7 @@ async fn get_text_channels(id: web::Path<String>, data: web::Data<Arc<AppState>>
|
||||
}
|
||||
|
||||
#[get("/{id}/voice")]
|
||||
async fn get_voice_channels(id: web::Path<String>, data: web::Data<Arc<AppState>>) -> HttpResponse {
|
||||
async fn get_voice_channels(id: web::Path<String>, data: web::Data<Arc<AppState>>, auth: JwtAuth) -> HttpResponse {
|
||||
let channel_results = &data.http.get_channels(id.parse::<u64>().unwrap()).await;
|
||||
let channels = match channel_results {
|
||||
Ok(channels) => channels.iter().filter(|c| c.kind == ChannelType::Voice).collect::<Vec<&GuildChannel>>(),
|
||||
@@ -53,7 +53,7 @@ struct ChannelMessage {
|
||||
}
|
||||
|
||||
#[post("/{guild_id}/text/{channel_id}/message")]
|
||||
async fn send_message(path: web::Path<(String, String)>, text: web::Json<ChannelMessage>, data: web::Data<Arc<AppState>>) -> HttpResponse {
|
||||
async fn send_message(path: web::Path<(String, String)>, text: web::Json<ChannelMessage>, data: web::Data<Arc<AppState>>, auth: JwtAuth) -> HttpResponse {
|
||||
let (guild_id, channel_id) = path.into_inner();
|
||||
let guild_id = match guild_id.parse::<u64>() {
|
||||
Ok(id) => id,
|
||||
@@ -115,7 +115,7 @@ struct PlayRequest {
|
||||
}
|
||||
|
||||
#[post("/{guild_id}/voice/{channel_id}/play")]
|
||||
async fn play(path: web::Path<(String, String)>, play_request: web::Json<PlayRequest>, data: web::Data<Arc<AppState>>) -> HttpResponse {
|
||||
async fn play(path: web::Path<(String, String)>, play_request: web::Json<PlayRequest>, data: web::Data<Arc<AppState>>, auth: JwtAuth) -> HttpResponse {
|
||||
let (guild_id, channel_id) = path.into_inner();
|
||||
let guild_id = match guild_id.parse::<u64>() {
|
||||
Ok(id) => id,
|
||||
@@ -167,7 +167,7 @@ async fn play(path: web::Path<(String, String)>, play_request: web::Json<PlayReq
|
||||
}
|
||||
|
||||
#[post("/{guild_id}/voice/stop")]
|
||||
async fn stop(path: web::Path<String>, data: web::Data<Arc<AppState>>) -> HttpResponse {
|
||||
async fn stop(path: web::Path<String>, data: web::Data<Arc<AppState>>, auth: JwtAuth) -> HttpResponse {
|
||||
let guild_id = path.into_inner();
|
||||
let guild_id = match guild_id.parse::<u64>() {
|
||||
Ok(id) => id,
|
||||
@@ -189,7 +189,7 @@ async fn stop(path: web::Path<String>, data: web::Data<Arc<AppState>>) -> HttpRe
|
||||
}
|
||||
|
||||
#[post("/{guild_id}/voice/resume")]
|
||||
async fn resume(path: web::Path<String>, data: web::Data<Arc<AppState>>) -> HttpResponse {
|
||||
async fn resume(path: web::Path<String>, data: web::Data<Arc<AppState>>, auth: JwtAuth) -> HttpResponse {
|
||||
let guild_id = path.into_inner();
|
||||
let guild_id = match guild_id.parse::<u64>() {
|
||||
Ok(id) => id,
|
||||
@@ -217,7 +217,7 @@ async fn resume(path: web::Path<String>, data: web::Data<Arc<AppState>>) -> Http
|
||||
}
|
||||
|
||||
#[post("/{guild_id}/voice/pause")]
|
||||
async fn pause(path: web::Path<String>, data: web::Data<Arc<AppState>>) -> HttpResponse {
|
||||
async fn pause(path: web::Path<String>, data: web::Data<Arc<AppState>>, auth: JwtAuth) -> HttpResponse {
|
||||
let guild_id = path.into_inner();
|
||||
let guild_id = match guild_id.parse::<u64>() {
|
||||
Ok(id) => id,
|
||||
@@ -250,7 +250,7 @@ struct SetVolume {
|
||||
}
|
||||
|
||||
#[get("/{guild_id}/voice/volume")]
|
||||
async fn get_volume(path: web::Path<String>) -> HttpResponse {
|
||||
async fn get_volume(path: web::Path<String>, auth: JwtAuth) -> HttpResponse {
|
||||
let guild_id = path.into_inner();
|
||||
let guild_id = match guild_id.parse::<u64>() {
|
||||
Ok(id) => id,
|
||||
@@ -278,7 +278,7 @@ async fn get_volume(path: web::Path<String>) -> HttpResponse {
|
||||
}
|
||||
|
||||
#[post("/{guild_id}/voice/volume")]
|
||||
async fn set_volume(path: web::Path<String>, volume: web::Json::<SetVolume>, data: web::Data<Arc<AppState>>) -> HttpResponse {
|
||||
async fn set_volume(path: web::Path<String>, volume: web::Json::<SetVolume>, data: web::Data<Arc<AppState>>, auth: JwtAuth) -> HttpResponse {
|
||||
let guild_id = path.into_inner();
|
||||
let guild_id = match guild_id.parse::<u64>() {
|
||||
Ok(id) => id,
|
||||
@@ -307,7 +307,7 @@ async fn set_volume(path: web::Path<String>, volume: web::Json::<SetVolume>, dat
|
||||
}
|
||||
|
||||
#[post("/{guild_id}/voice/skip")]
|
||||
async fn skip(path: web::Path<String>, data: web::Data<Arc<AppState>>) -> HttpResponse {
|
||||
async fn skip(path: web::Path<String>, data: web::Data<Arc<AppState>>, auth: JwtAuth) -> HttpResponse {
|
||||
let guild_id = path.into_inner();
|
||||
let guild_id = match guild_id.parse::<u64>() {
|
||||
Ok(id) => id,
|
||||
|
||||
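Review bot: The handlers in this file take `auth: JwtAuth` only as a gate and never read it in the visible lines, so the change adds authentication but no authorization. `register` in the auth routes appears to take no `JwtAuth`, so any self-registered account can call `send_message`, `play`, `stop`, `set_volume` and the rest for any guild id. If that is not intended, check the role the extractor now populates before acting, e.g. `if auth.role != "admin" { return HttpResponse::Forbidden().finish(); }`, or move the check into a dedicated extractor; the same applies to `create` in the messages routes and to `create`, `update` and `delete` in the spells routes. Where the value is deliberately unused, name it `_auth: JwtAuth` so the unused-variable warning stays quiet and the intent is visible. `get_text_channels` and `get_voice_channels` also still call `id.parse::<u64>().unwrap()`, which panics on a non-numeric path segment, whereas the other handlers here match on the parse result.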
@@ -3,7 +3,7 @@ use log::error;
|
||||
use serde::{Serialize, Deserialize};
|
||||
use siren::{GetResponse, Metadata, ServiceError};
|
||||
|
||||
use crate::db::messages::{QueryMessage, QueryFilters, InsertMessage};
|
||||
use crate::{db::messages::{QueryMessage, QueryFilters, InsertMessage}, auth::JwtAuth};
|
||||
|
||||
#[derive(Serialize, Deserialize)]
|
||||
struct GetAllParams {
|
||||
@@ -21,7 +21,7 @@ struct GetAllParams {
|
||||
}
|
||||
|
||||
#[get("/messages")]
|
||||
async fn get_all(req: HttpRequest) -> HttpResponse {
|
||||
async fn get_all(req: HttpRequest, auth: JwtAuth) -> HttpResponse {
|
||||
let params = match web::Query::<GetAllParams>::from_query(req.query_string()) {
|
||||
Ok(params) => params,
|
||||
Err(err) => return ResponseError::error_response(&ServiceError {
|
||||
@@ -64,7 +64,7 @@ async fn get_all(req: HttpRequest) -> HttpResponse {
|
||||
}
|
||||
|
||||
#[post("/messages")]
|
||||
async fn create(message: web::Json<InsertMessage>) -> HttpResponse {
|
||||
async fn create(message: web::Json<InsertMessage>, auth: JwtAuth) -> HttpResponse {
|
||||
match InsertMessage::insert(message.into_inner()) {
|
||||
Ok(message) => HttpResponse::Created().json(message),
|
||||
Err(err) => {
|
||||
|
||||
@@ -3,7 +3,7 @@ use log::error;
|
||||
use serde::{Serialize, Deserialize};
|
||||
use siren::{GetResponse, Metadata, ServiceError};
|
||||
|
||||
use crate::db::spells::{QuerySpell, QueryFilters};
|
||||
use crate::{db::spells::{QuerySpell, QueryFilters}, auth::JwtAuth};
|
||||
|
||||
use super::{Spell, InsertSpell};
|
||||
|
||||
@@ -134,7 +134,7 @@ async fn get_by_id(id: web::Path<String>) -> HttpResponse {
|
||||
}
|
||||
|
||||
#[post("/spells")]
|
||||
async fn create(spell: web::Json<Spell>) -> HttpResponse {
|
||||
async fn create(spell: web::Json<Spell>, auth: JwtAuth) -> HttpResponse {
|
||||
match InsertSpell::insert(spell.into_inner().into()) {
|
||||
Ok(spell) => HttpResponse::Created().json(Spell::from(spell)),
|
||||
Err(err) => {
|
||||
@@ -145,7 +145,7 @@ async fn create(spell: web::Json<Spell>) -> HttpResponse {
|
||||
}
|
||||
|
||||
#[put("/spells/{id}")]
|
||||
async fn update(id: web::Path<String>, spell: web::Json<Spell>) -> HttpResponse {
|
||||
async fn update(id: web::Path<String>, spell: web::Json<Spell>, auth: JwtAuth) -> HttpResponse {
|
||||
let id = match id.parse::<i32>() {
|
||||
Ok(id) => id,
|
||||
Err(err) => return ResponseError::error_response(&ServiceError {
|
||||
@@ -163,7 +163,7 @@ async fn update(id: web::Path<String>, spell: web::Json<Spell>) -> HttpResponse
|
||||
}
|
||||
|
||||
#[delete("/spells/{id}")]
|
||||
async fn delete(id: web::Path<String>) -> HttpResponse {
|
||||
async fn delete(id: web::Path<String>, auth: JwtAuth) -> HttpResponse {
|
||||
let id = match id.parse::<i32>() {
|
||||
Ok(id) => id,
|
||||
Err(err) => return ResponseError::error_response(&ServiceError {
|
||||
|
||||