From 48e199eff5fca8f5e4aa71a4091d3ae7acc82b9b Mon Sep 17 00:00:00 2001
From: Joel Klinghed
Date: Mon, 30 Dec 2024 22:54:26 +0100
Subject: Add methods for modifying projects
While doing that I realized I had forgotten to declare maintainers for projects. Also added default roles and changed so that review_users only contains overrides, so that changes to the project users is instantly applied to all reviews (unless there is an override).
---
 server/src/auth.rs | 33 +++++++++++++++++++++++++++++----
 1 file changed, 29 insertions(+), 4 deletions(-)
(limited to 'server/src/auth.rs')
diff --git a/server/src/auth.rs b/server/src/auth.rs
index c827126..f1b8f70 100644
--- a/server/src/auth.rs
+++ b/server/src/auth.rs
@@ -1,5 +1,6 @@
 use core::net::IpAddr;
-use rocket::fairing::AdHoc;
+use futures::future::TryFutureExt;
+use rocket::fairing::{self, AdHoc};
 use rocket::form::Form;
 use rocket::http::{Cookie, CookieJar, Status};
 use rocket::outcome::{try_outcome, IntoOutcome};
@@ -7,7 +8,8 @@ use rocket::request::{FromRequest, Outcome, Request};
 use rocket::response::status::Unauthorized;
 use rocket::serde::json::{self, Json};
 use rocket::serde::{Deserialize, Serialize};
-use rocket::State;
+use rocket::{Build, Rocket, State};
+use rocket_db_pools::{sqlx, Connection, Database};
 use std::collections::BTreeMap;
 use std::sync::Mutex;
 use std::time::Instant;
@@ -16,6 +18,7 @@ use utoipa::openapi::security::{ApiKey, ApiKeyValue, SecurityScheme};
 use utoipa::{Modify, OpenApi, ToSchema};
 use crate::api_model;
+use crate::Db;
 #[derive(OpenApi)]
 #[openapi(
@@ -164,16 +167,24 @@ fn new_session(
 ),
 )]
 #[post("/login", data = "")]
-fn login(
+async fn login(
 auth_config: &State,
 sessions: &State,
 ipaddr: IpAddr,
 cookies: &CookieJar<'_>,
+ mut db: Connection,
 login: Form>,
 ) -> Result, Unauthorized<&'static str>> {
 if login.username == "user" && login.password == "password" {
+ let user_id = sqlx::query!("SELECT id FROM users WHERE username=?", login.username) .fetch_one(&mut **db) .map_ok(|r| r.id) .map_err(|_| Unauthorized("Unknown username or password")) .await .unwrap(); + let max_age = Duration::days(i64::from(auth_config.session_max_age_days));
- let session = new_session(sessions, 1u64, ipaddr.to_string(), max_age);
+ let session = new_session(sessions, user_id, ipaddr.to_string(), max_age);
 let cookie = Cookie::build((SESSION_COOKIE, json::to_string(&session).unwrap()))
 .path("/api")
@@ -237,6 +248,19 @@ fn unauthorized() -> Json {
 Json(STATUS_UNAUTHORIZED)
 }
+async fn run_import(rocket: Rocket) -> fairing::Result { match Db::fetch(&rocket) { Some(db) => match sqlx::query!("INSERT IGNORE INTO users (username) VALUES (?)", "user") .execute(&**db) .await { Ok(_) => Ok(rocket), Err(_) => Err(rocket), }, None => Err(rocket), } } + pub fn stage(basepath: &str) -> AdHoc {
 let l_basepath = basepath.to_string();
 AdHoc::on_ignite("Auth Stage", |rocket| async {
@@ -248,6 +272,7 @@ pub fn stage(basepath: &str) -> AdHoc {
 }),
 })
 .attach(AdHoc::config::())
+ .attach(AdHoc::try_on_ignite("Auth Import", run_import))
 .mount(l_basepath.clone(), routes![login, logout, status])
 .register(l_basepath, catchers![unauthorized])
 })
-- cgit v1.2.3-70-g09d2
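Review bot: The `.map_err(|_| Unauthorized("Unknown username or password"))` on the new user lookup in `login` is discarded by the trailing `.await .unwrap()`, so a missing row or a database error panics the handler (an opaque 500) instead of producing the 401 the mapping intends; since `login` already returns `Result<_, Unauthorized<&'static str>>`, replace `.unwrap();` with `?;`. The closure also drops the underlying sqlx error, which makes a database outage look identical to a bad password in the logs; log it before mapping, e.g. `.map_err(|e| { rocket::error!("user lookup failed: {e}"); Unauthorized("Unknown username or password") })`, so the client message stays generic while the diagnostic is kept. The query is only reached after the unchanged literal `"user"`/`"password"` comparison on the context line, so the lookup is not yet exercised by arbitrary credentials. The body of `login` continues past the end of the hunk.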
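Review bot: `run_import` swallows every failure: both `Err(_) => Err(rocket)` and `None => Err(rocket)` abort ignition without recording why, so a rejected `INSERT IGNORE`, a missing pool, or a misordered fairing all surface as the same silent launch failure. Bind and log the error before returning, e.g. `Err(e) => { rocket::error!("auth import failed: {e}"); Err(rocket) }`, and give the `None` arm a message naming the pool. Whether `Db::fetch` finds the pool depends on the database fairing being attached before the "Auth Stage" ignite in the next hunk, which is outside this diff, so the log line is what will tell an operator which case they hit. A `///` comment on `run_import` stating that it seeds the default `user` row and is idempotent through `INSERT IGNORE` would also help.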