Skeleton code for login route handler
Helper functions to be written in next commits
This commit is contained in:
shockrah
parent
2b9635a2b1
commit
dcb9e9641e
@ -27,6 +27,10 @@ pub struct AuthKey {
|
|||||||
secret: String,
|
secret: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[derive(Serialize)]
|
||||||
|
pub struct SessionToken {
|
||||||
|
pub data: String
|
||||||
|
}
|
||||||
pub type AuthResult<T, AuthErr> = std::result::Result<T, AuthErr>;
|
pub type AuthResult<T, AuthErr> = std::result::Result<T, AuthErr>;
|
||||||
|
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone)]
|
||||||
@ -73,7 +77,7 @@ pub fn join(conn: DBConn, hashcode: u64, name: String) -> AuthResult<Json<User>,
|
|||||||
match data.uses {
|
match data.uses {
|
||||||
1 ..= std::i32::MAX => {
|
1 ..= std::i32::MAX => {
|
||||||
let new_user = crate::users::create_new_user(name);
|
let new_user = crate::users::create_new_user(name);
|
||||||
// update the uses counter
|
// At this point we don't really care about the return
|
||||||
let _ignore = diesel::update(invites.filter(invites::dsl::id.eq(hashcode)))
|
let _ignore = diesel::update(invites.filter(invites::dsl::id.eq(hashcode)))
|
||||||
.set(uses.eq(data.uses - 1))
|
.set(uses.eq(data.uses - 1))
|
||||||
.execute(&conn.0);
|
.execute(&conn.0);
|
||||||
@ -95,6 +99,44 @@ pub fn join(conn: DBConn, hashcode: u64, name: String) -> AuthResult<Json<User>,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fn confirm_user_api_access(conn: &MysqlConnection, user_id: u64, user_secret: &str) -> bool {
|
||||||
|
use schema::users::{self, dsl::*};
|
||||||
|
let result = users
|
||||||
|
.filter(id.eq(user_id))
|
||||||
|
.filter(secret.eq(user_secret))
|
||||||
|
.first::<User>(conn);
|
||||||
|
|
||||||
|
match result {
|
||||||
|
Ok(_data) => true,
|
||||||
|
Err(_e) => false
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
fn blind_remove_session(conn: &MysqlConnection, sesh_secret: &str) {
|
||||||
|
}
|
||||||
|
|
||||||
|
#[post("/login", data = "<api_key>")]
|
||||||
|
pub fn login(conn: DBConn, api_key: Form<AuthKey>) -> AuthResult<Json<SessionToken>, AuthErr>{
|
||||||
|
/*
|
||||||
|
* Session Tokens are used to key into a subset of online users
|
||||||
|
* This is what should make queries faster per instance as we'll have less data to sift through w/ diesel
|
||||||
|
*/
|
||||||
|
|
||||||
|
if confirm_user_api_access(&conn.0, api_key.id, &api_key.secret) {
|
||||||
|
// Dump any tokens from before and make a new one
|
||||||
|
blind_remove_session(&conn.0, &api_key.secret);
|
||||||
|
Ok(Json(SessionToken {
|
||||||
|
data: "skeleton code".to_string()
|
||||||
|
}))
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
Err(AuthErr {
|
||||||
|
msg: "Nothing found",
|
||||||
|
status: 400
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[post("/leave", data = "<api_key>")]
|
#[post("/leave", data = "<api_key>")]
|
||||||
pub fn leave(conn: DBConn, api_key: Form<AuthKey>) -> Status {
|
pub fn leave(conn: DBConn, api_key: Form<AuthKey>) -> Status {
|
||||||
/*
|
/*
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user