diff options
Diffstat (limited to 'backend/src/routes')
-rw-r--r-- | backend/src/routes/bots.rs | 87 | ||||
-rw-r--r-- | backend/src/routes/users.rs | 118 |
2 files changed, 80 insertions, 125 deletions
diff --git a/backend/src/routes/bots.rs b/backend/src/routes/bots.rs index 413c145..da09669 100644 --- a/backend/src/routes/bots.rs +++ b/backend/src/routes/bots.rs @@ -1,16 +1,14 @@ +use axum::extract::{Path, RawBody}; +use axum::http::StatusCode; +use axum::Json; use rand::Rng; -use rocket::data::ToByteUnit; -use rocket::fs::TempFile; -use rocket::Data; -use rocket::{response::status, serde::json::Json}; use serde::{Deserialize, Serialize}; use std::io::Cursor; -use std::path::Path; - -use crate::DbConn; +use std::path; use crate::db::bots::{self, CodeBundle}; use crate::db::users::User; +use crate::DatabaseConnection; use bots::Bot; #[derive(Serialize, Deserialize, Debug)] @@ -18,52 +16,36 @@ pub struct BotParams { name: String, } -// TODO: handle errors -#[post("/bots", data = "<params>")] pub async fn create_bot( - db_conn: DbConn, + conn: DatabaseConnection, user: User, params: Json<BotParams>, -) -> status::Created<Json<Bot>> { - db_conn - .run(move |conn| { - let bot_params = bots::NewBot { - owner_id: user.id, - name: ¶ms.name, - }; - let bot = bots::create_bot(&bot_params, conn).unwrap(); - let bot_url = uri!(get_bot(bot.id)).to_string(); - status::Created::new(bot_url).body(Json(bot)) - }) - .await +) -> (StatusCode, Json<Bot>) { + let bot_params = bots::NewBot { + owner_id: user.id, + name: ¶ms.name, + }; + let bot = bots::create_bot(&bot_params, &conn).unwrap(); + (StatusCode::CREATED, Json(bot)) } // TODO: handle errors -#[get("/bots/<bot_id>")] -pub async fn get_bot(db_conn: DbConn, bot_id: i32) -> Json<Bot> { - db_conn - .run(move |conn| { - let bot = bots::find_bot(bot_id, conn).unwrap(); - Json(bot) - }) - .await +pub async fn get_bot(conn: DatabaseConnection, Path(bot_id): Path<i32>) -> Json<Bot> { + let bot = bots::find_bot(bot_id, &conn).unwrap(); + Json(bot) } // TODO: proper error handling -#[post("/bots/<bot_id>/upload", data = "<data>")] pub async fn upload_bot_code( - db_conn: DbConn, + conn: DatabaseConnection, user: User, - bot_id: i32, - data: Data<'_>, -) -> status::Created<Json<CodeBundle>> { + Path(bot_id): Path<i32>, + RawBody(body): RawBody, +) -> (StatusCode, Json<CodeBundle>) { // TODO: put in config somewhere let data_path = "./data/bots"; - let bot = db_conn - .run(move |conn| bots::find_bot(bot_id, conn)) - .await - .expect("Bot not found"); + let bot = bots::find_bot(bot_id, &conn).expect("Bot not found"); assert_eq!(user.id, bot.owner_id); @@ -71,26 +53,23 @@ pub async fn upload_bot_code( let token: [u8; 16] = rand::thread_rng().gen(); let name = base64::encode(&token); - let path = Path::new(data_path).join(name); - let capped_buf = data.open(10usize.megabytes()).into_bytes().await.unwrap(); - assert!(capped_buf.is_complete()); - let buf = capped_buf.into_inner(); + let path = path::Path::new(data_path).join(name); + // let capped_buf = data.open(10usize.megabytes()).into_bytes().await.unwrap(); + // assert!(capped_buf.is_complete()); + // let buf = capped_buf.into_inner(); + let buf = hyper::body::to_bytes(body).await.unwrap(); zip::ZipArchive::new(Cursor::new(buf)) .unwrap() .extract(&path) .unwrap(); - let code_bundle = db_conn - .run(move |conn| { - let bundle = bots::NewCodeBundle { - bot_id: bot.id, - path: path.to_str().unwrap(), - }; - bots::create_code_bundle(&bundle, conn).expect("Failed to create code bundle") - }) - .await; + let bundle = bots::NewCodeBundle { + bot_id: bot.id, + path: path.to_str().unwrap(), + }; + let code_bundle = + bots::create_code_bundle(&bundle, &conn).expect("Failed to create code bundle"); - // TODO: proper location - status::Created::new("").body(Json(code_bundle)) + (StatusCode::CREATED, Json(code_bundle)) } diff --git a/backend/src/routes/users.rs b/backend/src/routes/users.rs index 45a94b9..fc77d7b 100644 --- a/backend/src/routes/users.rs +++ b/backend/src/routes/users.rs @@ -1,48 +1,32 @@ +use crate::db::users::{Credentials, User}; use crate::db::{sessions, users}; -use crate::{ - db::users::{Credentials, User}, - DbConn, -}; -use rocket::serde::json::Json; +use crate::DatabaseConnection; +use axum::extract::{FromRequest, RequestParts, TypedHeader}; +use axum::headers::authorization::Bearer; +use axum::headers::Authorization; +use axum::http::StatusCode; +use axum::{async_trait, Json}; use serde::{Deserialize, Serialize}; -use rocket::http::Status; -use rocket::request::{FromRequest, Outcome, Request}; -use rocket::response::status; +type AuthorizationHeader = TypedHeader<Authorization<Bearer>>; -#[derive(Debug)] -pub enum AuthTokenError { - BadCount, - Missing, - Invalid, -} - -// TODO: error handling and proper lifetimes -#[rocket::async_trait] -impl<'r> FromRequest<'r> for User { - type Error = AuthTokenError; +#[async_trait] +impl<B> FromRequest<B> for User +where + B: Send, +{ + type Rejection = (StatusCode, String); - async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> { - let keys: Vec<_> = request.headers().get("Authorization").collect(); - let auth_header = match keys.len() { - 0 => return Outcome::Failure((Status::BadRequest, AuthTokenError::Missing)), - 1 => keys[0], - _ => return Outcome::Failure((Status::BadRequest, AuthTokenError::BadCount)), - }; + async fn from_request(req: &mut RequestParts<B>) -> Result<Self, Self::Rejection> { + let conn = DatabaseConnection::from_request(req).await?; + let TypedHeader(Authorization(bearer)) = AuthorizationHeader::from_request(req) + .await + .map_err(|_| (StatusCode::UNAUTHORIZED, "".to_string()))?; - let token = match auth_header.strip_prefix("Bearer ") { - Some(token) => token.to_string(), - None => return Outcome::Failure((Status::BadRequest, AuthTokenError::Invalid)), - }; + let (_session, user) = sessions::find_user_by_session(bearer.token(), &conn) + .map_err(|_| (StatusCode::UNAUTHORIZED, "".to_string()))?; - let db = request.guard::<DbConn>().await.unwrap(); - let res = db - .run(move |conn| sessions::find_user_by_session(&token, conn)) - .await; - match res { - Ok((_session, user)) => Outcome::Success(user), - Err(_) => Outcome::Failure((Status::Unauthorized, AuthTokenError::Invalid)), - } + Ok(user) } } @@ -67,18 +51,16 @@ pub struct RegistrationParams { pub password: String, } -#[post("/register", data = "<params>")] -pub async fn register(db_conn: DbConn, params: Json<RegistrationParams>) -> Json<UserData> { - db_conn - .run(move |conn| { - let credentials = Credentials { - username: ¶ms.username, - password: ¶ms.password, - }; - let user = users::create_user(&credentials, conn).unwrap(); - Json(user.into()) - }) - .await +pub async fn register( + conn: DatabaseConnection, + params: Json<RegistrationParams>, +) -> Json<UserData> { + let credentials = Credentials { + username: ¶ms.username, + password: ¶ms.password, + }; + let user = users::create_user(&credentials, &conn).unwrap(); + Json(user.into()) } #[derive(Deserialize)] @@ -87,32 +69,26 @@ pub struct LoginParams { pub password: String, } -#[post("/login", data = "<params>")] pub async fn login( - db_conn: DbConn, + conn: DatabaseConnection, params: Json<LoginParams>, -) -> Result<String, status::Forbidden<&'static str>> { - db_conn - .run(move |conn| { - let credentials = Credentials { - username: ¶ms.username, - password: ¶ms.password, - }; - // TODO: handle failures - let authenticated = users::authenticate_user(&credentials, conn); +) -> Result<String, StatusCode> { + let credentials = Credentials { + username: ¶ms.username, + password: ¶ms.password, + }; + // TODO: handle failures + let authenticated = users::authenticate_user(&credentials, &conn); - match authenticated { - None => Err(status::Forbidden(Some("invalid auth"))), - Some(user) => { - let session = sessions::create_session(&user, conn); - Ok(session.token) - } - } - }) - .await + match authenticated { + None => Err(StatusCode::FORBIDDEN), + Some(user) => { + let session = sessions::create_session(&user, &conn); + Ok(session.token) + } + } } -#[get("/users/me")] pub async fn current_user(user: User) -> Json<UserData> { Json(user.into()) } |