gorb/backend
4
0
Fork 1
Code Issues 1 Pull requests 1 Projects Releases Packages 1 Wiki Activity Actions

style: cargo clippy && cargo fmt
All checks were successful
ci/woodpecker/push/build-and-publish Pipeline was successful
Details
ci/woodpecker/push/publish-docs Pipeline was successful
Details

Browse source
This commit is contained in:
Radical 2025-05-30 21:17:30 +02:00
parent c9a3e8c6c4
commit d615f1392e
31 changed files with 288 additions and 181 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/api/v1/auth/login.rs
View file

@ -11,8 +11,8 @@ use crate::{
error::Error,
schema::*,
utils::{
PASSWORD_REGEX, generate_access_token, generate_refresh_token,
refresh_token_cookie, user_uuid_from_identifier
PASSWORD_REGEX, generate_access_token, generate_refresh_token, refresh_token_cookie,
user_uuid_from_identifier,
},
};

2
src/api/v1/auth/mod.rs
View file

@ -11,9 +11,9 @@ use crate::{Conn, error::Error, schema::access_tokens::dsl};
mod login;
mod refresh;
mod register;
mod reset_password;
mod revoke;
mod verify_email;
mod reset_password;
#[derive(Serialize)]
struct Response {

2
src/api/v1/auth/refresh.rs
View file

@ -61,8 +61,6 @@ pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse
if lifetime > 1987200 {
let new_refresh_token = generate_refresh_token()?;
let new_refresh_token = new_refresh_token;
match update(refresh_tokens::table)
.filter(rdsl::token.eq(&refresh_token))
.set((

40
src/api/v1/auth/reset_password.rs
View file

@ -4,9 +4,7 @@ use actix_web::{HttpResponse, get, post, web};
use chrono::{Duration, Utc};
use serde::Deserialize;
use crate::{
error::Error, structs::PasswordResetToken, Data
};
use crate::{Data, error::Error, structs::PasswordResetToken};
#[derive(Deserialize)]
struct Query {
@ -14,30 +12,31 @@ struct Query {
}
/// `GET /api/v1/auth/reset-password` Sends password reset email to user
///
///
/// requires auth? no
///
///
/// ### Query Parameters
/// identifier: Email or username
///
///
/// ### Responses
/// 200 Email sent
/// 429 Too Many Requests
/// 404 Not found
/// 400 Bad request
///
///
#[get("/reset-password")]
pub async fn get(
query: web::Query<Query>,
data: web::Data<Data>,
) -> Result<HttpResponse, Error> {
pub async fn get(query: web::Query<Query>, data: web::Data<Data>) -> Result<HttpResponse, Error> {
let mut conn = data.pool.get().await?;
if let Ok(password_reset_token) = PasswordResetToken::get_with_identifier(&mut conn, query.identifier.clone()).await {
if let Ok(password_reset_token) =
PasswordResetToken::get_with_identifier(&mut conn, query.identifier.clone()).await
{
if Utc::now().signed_duration_since(password_reset_token.created_at) > Duration::hours(1) {
password_reset_token.delete(&mut conn).await?;
} else {
return Err(Error::TooManyRequests("Please allow 1 hour before sending a new email".to_string()))
return Err(Error::TooManyRequests(
"Please allow 1 hour before sending a new email".to_string(),
));
}
}
@ -53,9 +52,9 @@ struct ResetPassword {
}
/// `POST /api/v1/auth/reset-password` Resets user password
///
///
/// requires auth? no
///
///
/// ### Request Example:
/// ```
/// json!({
@ -63,13 +62,13 @@ struct ResetPassword {
/// "token": "a3f7e29c1b8d0456e2c9f83b7a1d6e4f5028c3b9a7e1f2d5c6b8a0d3e7f4a2b"
/// });
/// ```
///
///
/// ### Responses
/// 200 Success
/// 410 Token Expired
/// 404 Not Found
/// 400 Bad Request
///
///
#[post("/reset-password")]
pub async fn post(
reset_password: web::Json<ResetPassword>,
@ -77,14 +76,17 @@ pub async fn post(
) -> Result<HttpResponse, Error> {
let mut conn = data.pool.get().await?;
let password_reset_token = PasswordResetToken::get(&mut conn, reset_password.token.clone()).await?;
let password_reset_token =
PasswordResetToken::get(&mut conn, reset_password.token.clone()).await?;
if Utc::now().signed_duration_since(password_reset_token.created_at) > Duration::hours(24) {
password_reset_token.delete(&mut conn).await?;
return Ok(HttpResponse::Gone().finish());
}
password_reset_token.set_password(&data, reset_password.password.clone()).await?;
password_reset_token
.set_password(&data, reset_password.password.clone())
.await?;
Ok(HttpResponse::Ok().finish())
}

31
src/api/v1/auth/verify_email.rs
View file

@ -5,7 +5,11 @@ use chrono::{Duration, Utc};
use serde::Deserialize;
use crate::{
api::v1::auth::check_access_token, error::Error, structs::{EmailToken, Me}, utils::get_auth_header, Data
Data,
api::v1::auth::check_access_token,
error::Error,
structs::{EmailToken, Me},
utils::get_auth_header,
};
#[derive(Deserialize)]
@ -14,18 +18,18 @@ struct Query {
}
/// `GET /api/v1/auth/verify-email` Verifies user email address
///
///
/// requires auth? yes
///
///
/// ### Query Parameters
/// token
///
///
/// ### Responses
/// 200 Success
/// 410 Token Expired
/// 404 Not Found
/// 401 Unauthorized
///
///
#[get("/verify-email")]
pub async fn get(
req: HttpRequest,
@ -61,20 +65,17 @@ pub async fn get(
}
/// `POST /api/v1/auth/verify-email` Sends user verification email
///
///
/// requires auth? yes
///
///
/// ### Responses
/// 200 Email sent
/// 204 Already verified
/// 429 Too Many Requests
/// 401 Unauthorized
///
///
#[post("/verify-email")]
pub async fn post(
req: HttpRequest,
data: web::Data<Data>,
) -> Result<HttpResponse, Error> {
pub async fn post(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse, Error> {
let headers = req.headers();
let auth_header = get_auth_header(headers)?;
@ -86,14 +87,16 @@ pub async fn post(
let me = Me::get(&mut conn, uuid).await?;
if me.email_verified {
return Ok(HttpResponse::NoContent().finish())
return Ok(HttpResponse::NoContent().finish());
}
if let Ok(email_token) = EmailToken::get(&mut conn, me.uuid).await {
if Utc::now().signed_duration_since(email_token.created_at) > Duration::hours(1) {
email_token.delete(&mut conn).await?;
} else {
return Err(Error::TooManyRequests("Please allow 1 hour before sending a new email".to_string()))
return Err(Error::TooManyRequests(
"Please allow 1 hour before sending a new email".to_string(),
));
}
}