mirror/mCaptcha
1
0
Fork 1
mirror of https://github.com/mCaptcha/mCaptcha.git synced 2026-02-11 18:15:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

auth and migration util

Browse Source
This commit is contained in:
realaravinth
2021-03-10 20:43:25 +05:30
parent e500a84c09
commit 328fe5ed3a
20 changed files with 3618 additions and 303 deletions
Download Patch File Download Diff File Expand all files Collapse all files

248
src/routes.rs
View File

@@ -1,248 +0,0 @@
/*
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
use actix_identity::Identity;
use actix_web::{
get, post,
web::{self, Path as WebPath, ServiceConfig},
HttpResponse, Responder,
};
use log::debug;
use serde::{Deserialize, Serialize};
use crate::errors::*;
use crate::Data;
#[derive(Clone, Debug, Deserialize, Serialize)]
struct SomeData {
pub a: String,
}
#[derive(Clone, Debug, Deserialize, Serialize)]
struct Creds {
pub username: String,
pub password: String,
}
#[post("/api/signup")]
async fn signup(payload: web::Json<Creds>, data: web::Data<Data>) -> ServiceResult<impl Responder> {
let username = data.creds.username(&payload.username)?;
let hash = data.creds.password(&payload.password)?;
sqlx::query!(
"INSERT INTO users (name , password) VALUES ($1, $2)",
username,
hash
)
.execute(&data.db)
.await?;
Ok(HttpResponse::Ok())
}
struct Password {
password: String,
}
#[post("/api/signin")]
async fn signin(
id: Identity,
payload: web::Json<Creds>,
data: web::Data<Data>,
) -> ServiceResult<impl Responder> {
use argon2_creds::Config;
let rec = sqlx::query_as!(
Password,
"SELECT password FROM users WHERE name = ($1)",
&payload.username
)
.fetch_one(&data.db)
.await?;
if Config::verify(&rec.password, &payload.password)? {
debug!("remembered {}", payload.username);
id.remember(payload.into_inner().username);
return Ok(HttpResponse::Ok());
} else {
return Err(ServiceError::InvalidCredentials);
}
}
#[get("/api/signout")]
async fn signout(id: Identity) -> impl Responder {
if let Some(_) = id.identity() {
id.forget();
}
HttpResponse::Ok()
}
#[get("/questions/{id}")]
async fn get_question(
//session: Session,
id: Identity,
path: WebPath<(u32,)>,
) -> ServiceResult<impl Responder> {
is_authenticated(&id)?;
Ok(HttpResponse::Ok().body(format!("User detail: {}", path.into_inner().0)))
}
struct LevelScore {
level: i32,
points: i32,
}
#[derive(Clone, Debug, Deserialize, Serialize)]
struct Answer {
answer: String,
}
#[derive(Clone, Debug, Deserialize, Serialize)]
struct AnswerDatabaseFetch {
answer: String,
points: i32,
}
#[derive(Clone, Debug, Deserialize, Serialize)]
struct AnswerVerifyResp {
correct: bool,
points: i32,
}
#[post("/api/answer/verify/{id}")]
async fn verify_answer(
//session: Session,
payload: web::Json<Answer>,
data: web::Data<Data>,
id: Identity,
path: WebPath<(u32,)>,
) -> ServiceResult<impl Responder> {
is_authenticated(&id)?;
let name = id.identity().unwrap();
let rec = sqlx::query_as!(
LevelScore,
"SELECT level, points FROM users WHERE name = ($1)",
&name
)
.fetch_one(&data.db)
.await?;
let current = path.into_inner().0 as i32;
if rec.level == current {
// TODO
// check answer
let answer = sqlx::query_as!(
AnswerDatabaseFetch,
"SELECT answer, points FROM answers WHERE question_num = ($1)",
&current
)
.fetch_one(&data.db)
.await?;
let resp;
// TODO all answers lowercase?
if payload.answer.trim().to_lowercase() == answer.answer {
let points = rec.points + answer.points;
resp = AnswerVerifyResp {
correct: true,
points,
};
sqlx::query!(
"UPDATE users SET points = $1, level = $2 WHERE name = $3",
points,
rec.level + 1,
name
)
.execute(&data.db)
.await?;
} else {
resp = AnswerVerifyResp {
correct: false,
points: rec.points,
};
}
return Ok(HttpResponse::Ok().json(resp));
} else if rec.level > current {
return Err(ServiceError::AlreadyAnswered);
} else {
return Err(ServiceError::AuthorizationRequired);
}
}
#[get("/api/score")]
async fn score(
//session: Session,
// payload: web::Json<SomeData>,
data: web::Data<Data>,
id: Identity,
) -> ServiceResult<impl Responder> {
debug!("{:?}", id.identity());
is_authenticated(&id)?;
let recs = sqlx::query_as!(
Leader,
"SELECT name, points FROM users ORDER BY points DESC"
)
.fetch_all(&data.db)
.await?;
Ok(HttpResponse::Ok().json(recs))
}
#[derive(Clone, Debug, Deserialize, Serialize)]
struct Leader {
name: String,
points: i32,
}
#[get("/api/leaderboard")]
async fn leaderboard(
//session: Session,
// payload: web::Json<SomeData>,
data: web::Data<Data>,
id: Identity,
) -> ServiceResult<impl Responder> {
is_authenticated(&id)?;
let recs = sqlx::query_as!(
Leader,
"SELECT name, points FROM users ORDER BY points DESC"
)
.fetch_all(&data.db)
.await?;
debug!("{:?}", &recs);
Ok(HttpResponse::Ok().json(recs))
}
pub fn services(cfg: &mut ServiceConfig) {
cfg.service(get_question);
cfg.service(verify_answer);
cfg.service(score);
cfg.service(leaderboard);
cfg.service(signout);
cfg.service(signin);
cfg.service(signup);
}
fn is_authenticated(id: &Identity) -> ServiceResult<bool> {
debug!("{:?}", id.identity());
// access request identity
if let Some(_) = id.identity() {
Ok(true)
} else {
Err(ServiceError::AuthorizationRequired)
}
}