feat: add user lookup to api

lets you use an access token and a uuid to look up users on the instance
2025-05-01 07:06:58 +02:00 · 2025-05-01 07:06:58 +02:00 · 0b25e3fb87
commit 0b25e3fb87
parent 83872ed7a6
2 changed files with 68 additions and 0 deletions
--- a/src/api/v1/mod.rs
+++ b/src/api/v1/mod.rs
@ -2,9 +2,11 @@ use actix_web::{Scope, web};
 mod stats;
 mod auth;
 mod user;
 pub fn web() -> Scope {
    web::scope("/v1")
        .service(stats::res)
        .service(auth::web())
        .service(user::res)
 }
--- a/src/api/v1/user.rs
+++ b/src/api/v1/user.rs
@ -0,0 +1,66 @@
 use actix_web::{error, post, web, Error, HttpResponse};
 use serde::{Deserialize, Serialize};
 use futures::StreamExt;
 use crate::{api::v1::auth::check_access_token, Data};
 #[derive(Deserialize)]
 struct AuthenticationRequest {
    access_token: String,
 }
 #[derive(Serialize)]
 struct Response {
    uuid: String,
    username: String,
    display_name: String,
 }
 const MAX_SIZE: usize = 262_144;
 #[post("/user/{uuid}")]
 pub async fn res(mut payload: web::Payload, path: web::Path<(String,)>, data: web::Data<Data>) -> Result<HttpResponse, Error> {
    let mut body = web::BytesMut::new();
    while let Some(chunk) = payload.next().await {
        let chunk = chunk?;
        // limit max size of in-memory payload
        if (body.len() + chunk.len()) > MAX_SIZE {
            return Err(error::ErrorBadRequest("overflow"));
        }
        body.extend_from_slice(&chunk);
    }
    let request = path.into_inner().0;
    let authentication_request = serde_json::from_slice::<AuthenticationRequest>(&body)?;
    let authorized = check_access_token(authentication_request.access_token, data.pool.clone()).await;
    if authorized.is_err() {
        return Ok(authorized.unwrap_err())
    }
    let uuid = authorized.unwrap();
    if request == "me" {
        let row = sqlx::query_as(&format!("SELECT username, display_name FROM users WHERE uuid = '{}'", uuid))
            .fetch_one(&data.pool)
            .await
            .unwrap();
        let (username, display_name): (String, Option<String>) = row;
        return Ok(HttpResponse::Ok().json(Response { uuid: uuid.to_string(), username, display_name: display_name.unwrap_or_default() }))
    } else {
        println!("{}", request);
        if let Ok(row) = sqlx::query_as(&format!("SELECT CAST(uuid as VARCHAR), username, display_name FROM users WHERE uuid = '{}'", request))
            .fetch_one(&data.pool)
            .await {
            let (uuid, username, display_name): (String, String, Option<String>) = row;
            return Ok(HttpResponse::Ok().json(Response { uuid, username, display_name: display_name.unwrap_or_default() }))
        }
        Ok(HttpResponse::NotFound().finish())
    }
 }