Browse Source

Create basic user auth.

Lee Morgan 1 năm trước cách đây
mục cha
commit
5bae0beb06
8 tập tin đã thay đổi với 51 bổ sung5 xóa
  1. 6 2
      src/app_error.rs
  2. 14 0
      src/auth.rs
  3. 12 2
      src/controllers/account.rs
  4. 7 0
      src/dto/account.rs
  5. 1 0
      src/dto/mod.rs
  6. 1 0
      src/main.rs
  7. 1 1
      src/models/account.rs
  8. 9 0
      src/models/user.rs

+ 6 - 2
src/app_error.rs

@@ -22,7 +22,10 @@ pub enum AppError {
     InvalidInput(String),
 
     #[error("{0}")]
-    InternalError(String)
+    InternalError(String),
+
+    #[error("Unauthorized")]
+    Auth
 }
 
 impl ResponseError for AppError {
@@ -30,7 +33,8 @@ impl ResponseError for AppError {
         match self {
             AppError::Database(_) => StatusCode::INTERNAL_SERVER_ERROR,
             AppError::InvalidInput(_) => StatusCode::BAD_REQUEST,
-            AppError::InternalError(_) => StatusCode::INTERNAL_SERVER_ERROR
+            AppError::InternalError(_) => StatusCode::INTERNAL_SERVER_ERROR,
+            AppError::Auth => StatusCode::UNAUTHORIZED
         }
     }
 

+ 14 - 0
src/auth.rs

@@ -0,0 +1,14 @@
+use mongodb::Database;
+use actix_web::{HttpRequest, cookie::Cookie};
+
+use crate::models::user::User;
+use crate::app_error::AppError;
+
+pub async fn user_auth(
+    db: &Database,
+    req: &HttpRequest
+) -> Result<Cookie, AppError> {
+    let user_id = req.cookie("user")?.into_owned().value();
+    let user_collection = db.collection::<User>("users");
+    User::find_by_id(&user_collection, user_id).await?
+}

+ 12 - 2
src/controllers/account.rs

@@ -1,8 +1,18 @@
-use actix_web::{post, web, HttpResponse};
+use actix_web::{post, web, HttpResponse, HttpRequest};
+use mongodb::Database;
+
+use crate::models::account::{Account};
+use crate::auth::user_auth;
+use crate::app_error::AppError;
+use crate::dto::account;
 
 #[post("/api/account")]
 pub async fn create_route(
     db: web::Data<Database>,
-    payload: web::Json<NewUserInput>
+    req: HttpRequest,
+    body: web::Json<account::CreateInput>
 ) -> Result<HttpResponse, AppError> {
+    let user = user_auth(&db, &req).await?;
+    let account_collection = db.collection::<Account>("accounts");
+    Ok(HttpResponse::Ok().body("Ok"))
 }

+ 7 - 0
src/dto/account.rs

@@ -0,0 +1,7 @@
+use serde::Deserialize;
+
+#[derive(Deserialize)]
+pub struct CreateInput {
+    pub user: String,
+    pub data: String,
+}

+ 1 - 0
src/dto/mod.rs

@@ -1 +1,2 @@
 pub mod user;
+pub mod account;

+ 1 - 0
src/main.rs

@@ -7,6 +7,7 @@ mod models;
 mod controllers;
 mod dto;
 mod app_error;
+mod auth;
 
 pub static HTML: OnceLock<String> = OnceLock::new();
 

+ 1 - 1
src/models/account.rs

@@ -7,5 +7,5 @@ pub struct Account {
     pub _id: Option<ObjectId>,
     pub user: ObjectId,
     pub data: String,
-    pub created_date: bson::DateTime
+    pub created_date: DateTime
 }

+ 9 - 0
src/models/user.rs

@@ -41,4 +41,13 @@ impl User {
             Err(e) => Err(AppError::Database(e.into()))
         }
     }
+
+    pub async fn find_by_id(collection: &Collection<User>, user_id: String) -> Result<User, AppError> {
+        let object_id = ObjectId::parse_str(id_str)?;
+        match collection.find_one(doc!{"_id", object_id}) {
+            Ok(Some(u)) => Ok(u),
+            Ok(None) => Err(AppError::auth),
+            Err(e) => Err(AppError::Database(e.into()))
+        }
+    }
 }