new route to create users
still requires some kind of auth however
This commit is contained in:
shockrah
parent
2fe1bb878e
commit
54f5b1bbe1
@ -6,7 +6,18 @@ use chrono::{Duration, Utc};
|
|||||||
use crate::DBConn;
|
use crate::DBConn;
|
||||||
use crate::models::Invite;
|
use crate::models::Invite;
|
||||||
use crate::schema;
|
use crate::schema;
|
||||||
|
use crate::payload::NewUserInfo;
|
||||||
|
use crate::rand_utils::{newUserID, newKeyHash};
|
||||||
|
|
||||||
|
macro_rules! blankNewUser {
|
||||||
|
() => {
|
||||||
|
NewUserInfo {
|
||||||
|
userid: 0,
|
||||||
|
key_hash: None,
|
||||||
|
valid: false
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
/*
|
/*
|
||||||
TODO: both the generation and usage endpoints for invites need the following
|
TODO: both the generation and usage endpoints for invites need the following
|
||||||
* meaningful responses
|
* meaningful responses
|
||||||
@ -27,10 +38,10 @@ pub fn generate_invite(conn: DBConn) -> Json<Invite> {
|
|||||||
.execute(&conn.0);
|
.execute(&conn.0);
|
||||||
|
|
||||||
match result {
|
match result {
|
||||||
Ok(val) => {
|
Ok(_val) => {
|
||||||
Json(new_invite)
|
Json(new_invite)
|
||||||
}
|
}
|
||||||
Err(e) => {
|
Err(_e) => {
|
||||||
new_invite.id = 0;
|
new_invite.id = 0;
|
||||||
new_invite.uses = Some(0);
|
new_invite.uses = Some(0);
|
||||||
new_invite.expires = 0;
|
new_invite.expires = 0;
|
||||||
@ -40,30 +51,42 @@ pub fn generate_invite(conn: DBConn) -> Json<Invite> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#[get("/<hash>")]
|
#[get("/<hash>")]
|
||||||
pub fn use_invite(hash: u64, conn: DBConn) -> Result<String, String> {
|
pub fn use_invite(hash: u64, conn: DBConn) -> Json<NewUserInfo> {
|
||||||
|
// Grab the token from our table to make sure it's even there to begin with
|
||||||
|
use schema::invites::dsl::*;
|
||||||
use rand::{thread_rng, Rng};
|
use rand::{thread_rng, Rng};
|
||||||
use rand::distributions::Alphanumeric;
|
use rand::distributions::Alphanumeric;
|
||||||
|
|
||||||
// NOTE: collection of 1 item from the table could be done cleaner
|
// NOTE: collection of 1 item from the table could be done cleaner
|
||||||
use schema::invites::dsl::*;
|
let data = invites.select((id, expires, uses))
|
||||||
let data: Vec<Invite> = invites.select((id, expires, uses))
|
|
||||||
.filter(id.eq(hash))
|
.filter(id.eq(hash))
|
||||||
.load(&conn.0)
|
.first::<Invite>(&conn.0)
|
||||||
.unwrap();
|
.unwrap();
|
||||||
|
|
||||||
if data.is_empty() {
|
let _data: Result<Invite, diesel::result::Error> = invites.filter(id.eq(hash)).first(&conn.0);
|
||||||
Err("invite does not exist".into())
|
// We're going to need more secure random numbers but for now this will do
|
||||||
|
match data {
|
||||||
|
Ok(d) => {
|
||||||
|
if d.id == hash {
|
||||||
|
// create the new user
|
||||||
|
let new = NewUserInfo {
|
||||||
|
userid: newUserID(),
|
||||||
|
key_hash: newKeyHash(),
|
||||||
|
valid: true
|
||||||
|
};
|
||||||
|
// save the user info and finally return it back to the caller
|
||||||
|
diesel::insert_into(users)
|
||||||
|
.values(&new)
|
||||||
|
.execute(&conn.0);
|
||||||
|
Json(new)
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
let invite_id = data[0].id;
|
Json(blankNewUser!())
|
||||||
// generating the field data we need for the random token
|
}
|
||||||
let nu_token: String = thread_rng()
|
}
|
||||||
.sample_iter(&Alphanumeric)
|
Err(_e) => {
|
||||||
.take(30)
|
Json(blankNewUser!())
|
||||||
.collect();
|
}
|
||||||
|
|
||||||
let row = diesel::delete(invites.filter(id.eq(hash))).execute(&conn.0);
|
|
||||||
Ok(format!("Invite used successfully {:?} random fields[{}]", row, nu_token))
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -8,6 +8,7 @@ extern crate chrono;
|
|||||||
extern crate dotenv;
|
extern crate dotenv;
|
||||||
extern crate serde;
|
extern crate serde;
|
||||||
extern crate rand;
|
extern crate rand;
|
||||||
|
extern crate getrandom;
|
||||||
|
|
||||||
|
|
||||||
use rocket_contrib::serve::StaticFiles;
|
use rocket_contrib::serve::StaticFiles;
|
||||||
|
|||||||
@ -6,10 +6,8 @@
|
|||||||
// the server without having to go through a sign in process everytime
|
// the server without having to go through a sign in process everytime
|
||||||
|
|
||||||
#[derive(Serialize)]
|
#[derive(Serialize)]
|
||||||
pub struct NewUserResponse {
|
pub struct NewUserInfo {
|
||||||
// passkey-value
|
pub userid: u64, // userid which later will be discoverable via the
|
||||||
// userid-value
|
pub key_hash: Option<String>,
|
||||||
pub userid: u64,
|
pub valid: bool
|
||||||
pub username: String,
|
|
||||||
pub email: String,
|
|
||||||
}
|
}
|
||||||
27
server/src/rand_utils.rs
Normal file
27
server/src/rand_utils.rs
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
// This modules mainly deals with creating various types of random data
|
||||||
|
|
||||||
|
pub fn newUserID() -> u64 {
|
||||||
|
let mut buf = [0u8; 8];
|
||||||
|
match getrandom::getrandom(&mut buf) { // honestly if this fails idk wtf you want
|
||||||
|
Ok(_val) => {u64::from_ne_bytes(buf)}
|
||||||
|
Err(_e) => {0} // if this really happens we're fucked anyway
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn newKey() -> String {
|
||||||
|
let mut buf = [0u8; 32];
|
||||||
|
getrandom::getrandom(&mut buf)?;
|
||||||
|
let mut string = String::new();
|
||||||
|
for i in buf.iter() {
|
||||||
|
// if the value isn't in the proper range then we place it in the proper range
|
||||||
|
// [33-126]
|
||||||
|
if i < 33 {
|
||||||
|
i += 33;
|
||||||
|
}
|
||||||
|
else if i > 126 {
|
||||||
|
i %= 126;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
string
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue
Block a user