diff --git a/server/src/auth.rs b/server/src/auth.rs index f02eb07..7739094 100644 --- a/server/src/auth.rs +++ b/server/src/auth.rs @@ -1,14 +1,21 @@ // Handlers for the base auth routes -use crate::users{self, Member}; -use crate::rand_utils::new_key; +use crate::{ + DBConn, schema, + models::{ + Invite, + User + } +}; use rocket::http::Status; +use rocket::response::{self, Responder, Response}; +use rocket::request::{Form, Request}; +use rocket_contrib::json::Json; +use diesel::{self, prelude::*}; use std::{error, fmt}; -use diesel; - #[derive(FromForm)] -struct JoinParams { +pub struct JoinParams { code: u64, name: String, } @@ -21,7 +28,7 @@ pub struct AuthKey { pub type AuthResult = std::result::Result; -#[derive(Clone)] +#[derive(Debug, Clone)] pub struct AuthErr { msg: &'static str, status: u16, @@ -48,73 +55,78 @@ impl<'r> Responder<'r> for AuthErr { } } -/* -#[post("/login")] -pub fn login() { -} -*/ - -#[post("/join", data="")] -pub fn join(conn: DBConn, params: JoinParams) -> AuthResult, AuthErr>{ +pub fn join(conn: DBConn, params: Form, hashcode: u64) -> AuthResult, AuthErr>{ /* * Requires -> body * Requires -> body * Struct JoinParams enforces this for us so if something is missing then rocket should 404 */ + use schema::invites::{self, dsl::*}; + const expired: &'static str = "Invite expired"; const negate: &'static str = "Malformed request"; + let diesel_result: Result = invites - .filter(id.eq(code)) + .filter(invites::dsl::id.eq(params.code)) .first(&conn.0); if let Ok(data) = diesel_result { match data.uses { - 1 ... std::i32::MAX => { - let new_user = users::new_member(conn): + 1 ..= std::i32::MAX => { + let new_user = crate::users::create_new_user(conn, params.name); // update the uses counter - diesel::update(users.filter(userid.eq(user.userid))) + let _ignored = diesel::update(invites.filter(invites::dsl::id.eq(hashcode))) .set(uses.eq(data.uses - 1)) - .execute(&conn.0) + .execute(&conn.0); - AuthResult(Json(new_user)) + Ok(Json(new_user)) } // The invite has been used up and thus should be removed - std::i32::MIN ... 0 => { - let _ = diesel::delete(invites.filter(id.eq(data.id))) + std::i32::MIN ..= 0 => { + let _ = diesel::delete(invites.filter(invites::dsl::id.eq(data.id))) .execute(&conn.0) .expect("Could not delete invite"); - AuthResult(AuthErr{msg: expired}) + Err(AuthErr{msg: expired, status: 404}) } } } else { - AuthResult(AuthErr{msg:negate}) + Err(AuthErr{msg:negate, status: 500}) } } #[post("/leave", data = "")] -pub fn leave(conn: DBConn, api_key: AuthKey) -> Status { +pub fn leave(conn: DBConn, api_key: Form) -> Status { /* * Basic removal of the user from our users table */ - diesel::delete(users.filter(id.eq(api_key.id), )) - let db_result = diesel::delete(users) + use crate::schema::users::dsl::*; + use crate::diesel::ExpressionMethods; + let db_result = diesel::delete(users .filter(id.eq(api_key.id)) - .filter(secret.eq(api_key.secret)) - .execute(&conn.0); - if let result = Ok(db_result) { - Status::Accepted - } - else { - Status::BadRequst - } -} -/* - -#[pust("/close")] -pub fn close() { + .filter(secret.eq(api_key.secret))) + .execute(&conn.0).unwrap(); + + + Status::Accepted } -*/ \ No newline at end of file +#[cfg(test)] +mod auth_tests { + use super::*; + use rocket; + use diesel::mysql::MysqlConnection; + + fn feed_n_leave() { + // Create an invite in our db manually + // Use that invite to join + // Then leave using our neato /auth/leave route + let app = rocket::ignite() + .mount("/auth", routes![crate::invites::use_invite, leave]) + .attach(super::DBConn::fairing()); + + let conn = MysqlConnection::establish("mysql://freechat_dev:password@localhost:3306/freechat"); + } +} \ No newline at end of file