| author | Joel Klinghed <the_jk@spawned.biz> | 2024-12-30 22:54:26 +0100 |
|---|---|---|
| committer | Joel Klinghed <the_jk@spawned.biz> | 2024-12-30 22:54:26 +0100 |
| commit | 48e199eff5fca8f5e4aa71a4091d3ae7acc82b9b (patch) | |
| tree | 7658a4b55b10293ead1f69e628e9c2731ce6b9f8 /server/src/auth.rs | |
| parent | 74538f6e3050e67bd06916a111d55933108036d2 (diff) | |
Add methods for modifying projects
While doing that I realized I had forgotten to declare maintainers
for projects. Also added default roles and changed so that review_users
only contains overrides, so that changes to the project users are
instantly applied to all reviews (unless there is an override).
Diffstat (limited to 'server/src/auth.rs')
| -rw-r--r-- | server/src/auth.rs | 33 |
1 files changed, 29 insertions, 4 deletions
diff --git a/server/src/auth.rs b/server/src/auth.rs index c827126..f1b8f70 100644 --- a/server/src/auth.rs +++ b/server/src/auth.rs @@ -1,5 +1,6 @@ use core::net::IpAddr; -use rocket::fairing::AdHoc; +use futures::future::TryFutureExt; +use rocket::fairing::{self, AdHoc}; use rocket::form::Form; use rocket::http::{Cookie, CookieJar, Status}; use rocket::outcome::{try_outcome, IntoOutcome}; @@ -7,7 +8,8 @@ use rocket::request::{FromRequest, Outcome, Request}; use rocket::response::status::Unauthorized; use rocket::serde::json::{self, Json}; use rocket::serde::{Deserialize, Serialize}; -use rocket::State; +use rocket::{Build, Rocket, State}; +use rocket_db_pools::{sqlx, Connection, Database}; use std::collections::BTreeMap; use std::sync::Mutex; use std::time::Instant; @@ -16,6 +18,7 @@ use utoipa::openapi::security::{ApiKey, ApiKeyValue, SecurityScheme}; use utoipa::{Modify, OpenApi, ToSchema}; use crate::api_model; +use crate::Db; #[derive(OpenApi)] #[openapi( @@ -164,16 +167,24 @@ fn new_session( ), )] #[post("/login", data = "<login>")] -fn login( +async fn login( auth_config: &State<AuthConfig>, sessions: &State<Sessions>, ipaddr: IpAddr, cookies: &CookieJar<'_>, + mut db: Connection<Db>, login: Form<Login<'_>>, ) -> Result<Json<api_model::StatusResponse>, Unauthorized<&'static str>> { if login.username == "user" && login.password == "password" { + let user_id = sqlx::query!("SELECT id FROM users WHERE username=?", login.username) + .fetch_one(&mut **db) + .map_ok(|r| r.id) + .map_err(|_| Unauthorized("Unknown username or password")) + .await + .unwrap(); + let max_age = Duration::days(i64::from(auth_config.session_max_age_days)); - let session = new_session(sessions, 1u64, ipaddr.to_string(), max_age); + let session = new_session(sessions, user_id, ipaddr.to_string(), max_age); let cookie = Cookie::build((SESSION_COOKIE, json::to_string(&session).unwrap())) .path("/api") 
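Review bot: The `.unwrap()` that ends the new `user_id` lookup in `login` panics on any sqlx error, including a missing `users` row, so the `Unauthorized("Unknown username or password")` built by `map_err` is never returned and the request fails as a handler panic instead of a 401. `login` already returns `Result<_, Unauthorized<&'static str>>`, so the chain can end with `.await?;` instead of `.await.unwrap();`. Mapping every database error to the same 401 also makes an outage look like a bad password, so log the underlying error inside `map_err` before discarding it. The guard around this block is still the literal `"user"`/`"password"` comparison on the context line, presumably a placeholder, and the body of `login` continues past the end of the hunk.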
@@ -237,6 +248,19 @@ fn unauthorized() -> Json<api_model::StatusResponse> { Json(STATUS_UNAUTHORIZED) } +async fn run_import(rocket: Rocket<Build>) -> fairing::Result { + match Db::fetch(&rocket) { + Some(db) => match sqlx::query!("INSERT IGNORE INTO users (username) VALUES (?)", "user") + .execute(&**db) + .await + { + Ok(_) => Ok(rocket), + Err(_) => Err(rocket), + }, + None => Err(rocket), + } +} + pub fn stage(basepath: &str) -> AdHoc { let l_basepath = basepath.to_string(); AdHoc::on_ignite("Auth Stage", |rocket| async { @@ -248,6 +272,7 @@ pub fn stage(basepath: &str) -> AdHoc { }), }) .attach(AdHoc::config::<AuthConfig>()) + .attach(AdHoc::try_on_ignite("Auth Import", run_import)) .mount(l_basepath.clone(), routes![login, logout, status]) .register(l_basepath, catchers![unauthorized]) }) |
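Review bot: `run_import` inserts an account with the fixed username `"user"` on every ignite, and `login` in the previous hunk accepts that name with a literal password, so every deployment built from this commit starts with a known-credential account. If this is development scaffolding, make the seed opt-in through configuration or compile it only under `cfg(debug_assertions)` so it cannot reach a release build. Both the `Err(_)` and `None` arms also return `Err(rocket)` without a message, so an aborted launch gives no hint whether the `Db` pool was missing or the INSERT failed. Log before returning, for example `Err(e) => { error!("Auth import failed: {e}"); Err(rocket) }`, assuming Rocket's logging macros are in scope in this file.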
