fight unuseds, sessions endpoint
This commit is contained in:
@@ -4,18 +4,19 @@ use axum::{
|
|||||||
routing::get,
|
routing::get,
|
||||||
};
|
};
|
||||||
|
|
||||||
use crate::{
|
use crate::users::{UserError, auth::AuthError, sessions::SessionError};
|
||||||
api::users::{get_by_id, get_me},
|
|
||||||
users::{UserError, auth::AuthError, sessions::SessionError},
|
|
||||||
};
|
|
||||||
|
|
||||||
|
mod sessions;
|
||||||
mod users;
|
mod users;
|
||||||
|
|
||||||
|
// TODO: PERMISSIONS FOR ENDPOINTS & ACTIONS
|
||||||
pub fn api_router() -> Router {
|
pub fn api_router() -> Router {
|
||||||
Router::new()
|
Router::new()
|
||||||
.route("/api/live", get(async || "Mnemosyne lives"))
|
.route("/api/live", get(async || "Mnemosyne lives"))
|
||||||
.route("/api/users/me", get(get_me))
|
.route("/api/users/me", get(users::get_me))
|
||||||
.route("/api/users/{id}", get(get_by_id))
|
.route("/api/users/{id}", get(users::get_by_id))
|
||||||
|
.route("/api/users/@{handle}", get(users::get_by_handle))
|
||||||
|
.route("/api/sessions/{id}", get(sessions::get_by_id))
|
||||||
}
|
}
|
||||||
|
|
||||||
pub struct CompositeError(Response);
|
pub struct CompositeError(Response);
|
||||||
|
|||||||
24
src/api/sessions.rs
Normal file
24
src/api/sessions.rs
Normal file
@@ -0,0 +1,24 @@
|
|||||||
|
use axum::{
|
||||||
|
Json,
|
||||||
|
extract::Path,
|
||||||
|
http::HeaderMap,
|
||||||
|
response::{IntoResponse, Response},
|
||||||
|
};
|
||||||
|
use uuid::Uuid;
|
||||||
|
|
||||||
|
use crate::{
|
||||||
|
api::CompositeError,
|
||||||
|
users::{
|
||||||
|
User,
|
||||||
|
auth::{UserAuthRequired, UserAuthenticate},
|
||||||
|
sessions::Session,
|
||||||
|
},
|
||||||
|
};
|
||||||
|
|
||||||
|
pub async fn get_by_id(
|
||||||
|
Path(id): Path<Uuid>,
|
||||||
|
headers: HeaderMap,
|
||||||
|
) -> Result<Response, CompositeError> {
|
||||||
|
User::authenticate(&headers)?.required()?;
|
||||||
|
Ok(Json(Session::get_by_id(id)?).into_response())
|
||||||
|
}
|
||||||
@@ -1,7 +1,7 @@
|
|||||||
use axum::{
|
use axum::{
|
||||||
Json,
|
Json,
|
||||||
extract::Path,
|
extract::Path,
|
||||||
http::{HeaderMap, StatusCode},
|
http::HeaderMap,
|
||||||
response::{IntoResponse, Response},
|
response::{IntoResponse, Response},
|
||||||
};
|
};
|
||||||
use uuid::Uuid;
|
use uuid::Uuid;
|
||||||
@@ -11,14 +11,26 @@ use crate::{
|
|||||||
users::{
|
users::{
|
||||||
User,
|
User,
|
||||||
auth::{UserAuthRequired, UserAuthenticate},
|
auth::{UserAuthRequired, UserAuthenticate},
|
||||||
|
handle::UserHandle,
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
|
|
||||||
pub async fn get_me(h: HeaderMap) -> Result<Response, CompositeError> {
|
pub async fn get_me(headers: HeaderMap) -> Result<Response, CompositeError> {
|
||||||
Ok(Json(User::authenticate(&h)?.required()?).into_response())
|
Ok(Json(User::authenticate(&headers)?.required()?).into_response())
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn get_by_id(Path(id): Path<Uuid>, h: HeaderMap) -> Result<Response, CompositeError> {
|
pub async fn get_by_id(
|
||||||
User::authenticate(&h)?.required()?;
|
Path(id): Path<Uuid>,
|
||||||
|
headers: HeaderMap,
|
||||||
|
) -> Result<Response, CompositeError> {
|
||||||
|
User::authenticate(&headers)?.required()?;
|
||||||
Ok(Json(User::get_by_id(id)?).into_response())
|
Ok(Json(User::get_by_id(id)?).into_response())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub async fn get_by_handle(
|
||||||
|
Path(handle): Path<UserHandle>,
|
||||||
|
headers: HeaderMap,
|
||||||
|
) -> Result<Response, CompositeError> {
|
||||||
|
User::authenticate(&headers)?.required()?;
|
||||||
|
Ok(Json(User::get_by_handle(handle)?).into_response())
|
||||||
|
}
|
||||||
|
|||||||
@@ -36,7 +36,6 @@ async fn main() -> Result<(), Box<dyn Error>> {
|
|||||||
let r = api::api_router();
|
let r = api::api_router();
|
||||||
let l = TcpListener::bind(format!("0.0.0.0:{port}")).await?;
|
let l = TcpListener::bind(format!("0.0.0.0:{port}")).await?;
|
||||||
println!("Listener bound to {}", l.local_addr()?);
|
println!("Listener bound to {}", l.local_addr()?);
|
||||||
let port = l.local_addr()?.port();
|
|
||||||
|
|
||||||
axum::serve(l, r).await?;
|
axum::serve(l, r).await?;
|
||||||
Ok(())
|
Ok(())
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
pub mod names;
|
pub mod names;
|
||||||
|
|
||||||
|
#[allow(unused)]
|
||||||
pub struct Person;
|
pub struct Person;
|
||||||
|
|||||||
@@ -1 +1,2 @@
|
|||||||
|
#[allow(unused)]
|
||||||
pub struct Name;
|
pub struct Name;
|
||||||
|
|||||||
@@ -1 +1,2 @@
|
|||||||
|
#[allow(unused)]
|
||||||
pub struct QuoteLine;
|
pub struct QuoteLine;
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
pub mod lines;
|
pub mod lines;
|
||||||
|
|
||||||
|
#[allow(unused)]
|
||||||
pub struct Quote;
|
pub struct Quote;
|
||||||
|
|||||||
@@ -1 +1,2 @@
|
|||||||
|
#[allow(unused)]
|
||||||
pub struct Tag;
|
pub struct Tag;
|
||||||
|
|||||||
@@ -10,7 +10,7 @@ use crate::{
|
|||||||
ISE_MSG,
|
ISE_MSG,
|
||||||
database::{self},
|
database::{self},
|
||||||
users::{
|
users::{
|
||||||
auth::{AuthError, UserPasswordHashing},
|
auth::UserPasswordHashing,
|
||||||
handle::{UserHandle, UserHandleError},
|
handle::{UserHandle, UserHandleError},
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
@@ -122,6 +122,7 @@ impl User {
|
|||||||
/// to do everything and probably should not be used as a regular account
|
/// to do everything and probably should not be used as a regular account
|
||||||
/// due to the ramifications of compromise. But it could be used for that,
|
/// due to the ramifications of compromise. But it could be used for that,
|
||||||
/// and have its name changed.
|
/// and have its name changed.
|
||||||
|
#[allow(unused)]
|
||||||
pub fn is_infradmin(&self) -> bool {
|
pub fn is_infradmin(&self) -> bool {
|
||||||
self.id == Uuid::max()
|
self.id == Uuid::max()
|
||||||
}
|
}
|
||||||
@@ -167,6 +168,7 @@ impl User {
|
|||||||
/// for actions performed by Mnemosyne internally.
|
/// for actions performed by Mnemosyne internally.
|
||||||
/// It shall not be available for log-in.
|
/// It shall not be available for log-in.
|
||||||
/// It should not have its name changed, and should be protected from that.
|
/// It should not have its name changed, and should be protected from that.
|
||||||
|
#[allow(unused)]
|
||||||
pub fn is_systemuser(&self) -> bool {
|
pub fn is_systemuser(&self) -> bool {
|
||||||
self.id == Uuid::nil()
|
self.id == Uuid::nil()
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -104,6 +104,7 @@ impl Session {
|
|||||||
None => Err(SessionError::NoSessionWithToken(token.to_string())),
|
None => Err(SessionError::NoSessionWithToken(token.to_string())),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
#[allow(unused)]
|
||||||
pub fn new_for_user(user: &User) -> Result<(Session, String), SessionError> {
|
pub fn new_for_user(user: &User) -> Result<(Session, String), SessionError> {
|
||||||
let id = Uuid::now_v7();
|
let id = Uuid::now_v7();
|
||||||
let token = auth::generate_token(auth::TokenSize::Char64);
|
let token = auth::generate_token(auth::TokenSize::Char64);
|
||||||
@@ -139,6 +140,7 @@ impl Session {
|
|||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[allow(unused)]
|
||||||
pub fn revoke(&mut self, actor: Option<&User>) -> Result<(), SessionError> {
|
pub fn revoke(&mut self, actor: Option<&User>) -> Result<(), SessionError> {
|
||||||
let now = Utc::now();
|
let now = Utc::now();
|
||||||
let id = actor.map(|u| u.id).unwrap_or(Uuid::nil());
|
let id = actor.map(|u| u.id).unwrap_or(Uuid::nil());
|
||||||
@@ -154,6 +156,7 @@ impl Session {
|
|||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[allow(unused)]
|
||||||
pub fn issued(&self) -> DateTime<Utc> {
|
pub fn issued(&self) -> DateTime<Utc> {
|
||||||
// unwrapping here since we use UUIDv7
|
// unwrapping here since we use UUIDv7
|
||||||
// and since we assume we're not in 10k CE
|
// and since we assume we're not in 10k CE
|
||||||
|
|||||||
Reference in New Issue
Block a user