gorb/backend
4
0
Fork 0
Code Issues 4 Pull requests 1 Projects Releases Packages 1 Wiki Activity Actions

Compare commits

base: gorb:346121802594bcc1c1651d445b79ecedeb151c37
Branches Tags
gorb:main
gorb:wip/messaging
gorb:wip/messaging-test
..
compare: gorb:bda9f85b86a07a9acb91392e869662e073d0e38d
Branches Tags
gorb:wip/messaging
gorb:main
gorb:wip/messaging-test

No commits in common. "346121802594bcc1c1651d445b79ecedeb151c37" and "bda9f85b86a07a9acb91392e869662e073d0e38d" have entirely different histories.
3461218025 ... bda9f85b86

3 changed files with 1 additions and 72 deletions
Download patch file Download diff file Expand all files Collapse all files

70
src/api/v1/login.rs
View file

@ -1,70 +0,0 @@
use actix_web::{error, post, web, Error, HttpResponse};
use regex::Regex;
use serde::{Deserialize, Serialize};
use futures::StreamExt;
use crate::Data;
#[derive(Deserialize)]
struct LoginInformation {
username: String,
password: String,
device_name: String,
}
#[derive(Serialize)]
struct Response {
access_token: String,
expires_in: u64,
refresh_token: String,
}
const MAX_SIZE: usize = 262_144;
#[post("/login")]
pub async fn res(mut payload: web::Payload, data: web::Data<Data>) -> Result<HttpResponse, Error> {
let mut body = web::BytesMut::new();
while let Some(chunk) = payload.next().await {
let chunk = chunk?;
// limit max size of in-memory payload
if (body.len() + chunk.len()) > MAX_SIZE {
return Err(error::ErrorBadRequest("overflow"));
}
body.extend_from_slice(&chunk);
}
let login_information = serde_json::from_slice::<LoginInformation>(&body)?;
let email_regex = Regex::new(r"[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+(?:\.[-A-Za-z0-9!#$%&'*+/=?^_`{|}~]+)*@(?:[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?\.)+[A-Za-z0-9](?:[-A-Za-z0-9]*[A-Za-z0-9])?").unwrap();
// FIXME: This regex doesnt seem to be working
let username_regex = Regex::new(r"[a-zA-Z0-9.-_]").unwrap();
if email_regex.is_match(&login_information.username) {
if let Ok(password) = sqlx::query_scalar("SELECT password FROM users WHERE email = $1").bind(login_information.username).fetch_one(&data.pool).await {
return Ok(login(login_information.password, password))
}
return Ok(HttpResponse::Unauthorized().finish())
} else if username_regex.is_match(&login_information.username) {
if let Ok(password) = sqlx::query_scalar("SELECT password FROM users WHERE username = $1").bind(login_information.username).fetch_one(&data.pool).await {
return Ok(login(login_information.password, password))
}
return Ok(HttpResponse::Unauthorized().finish())
}
Ok(HttpResponse::Unauthorized().finish())
}
fn login(request_password: String, database_password: String) -> HttpResponse {
if request_password == database_password {
return HttpResponse::Ok().json(Response {
access_token: "bogus".to_string(),
expires_in: 0,
refresh_token: "bogus".to_string(),
})
}
HttpResponse::Unauthorized().finish()
}

2
src/api/v1/mod.rs
View file

@ -2,11 +2,9 @@ use actix_web::{Scope, web};
mod stats; mod stats;
mod register; mod register;
mod login;
pub fn web() -> Scope { pub fn web() -> Scope {
web::scope("/v1") web::scope("/v1")
.service(stats::res) .service(stats::res)
.service(register::res) .service(register::res)
.service(login::res)
} }

1
src/api/v1/register.rs
View file

@ -2,6 +2,7 @@ use actix_web::{error, post, web, Error, HttpResponse};
use regex::Regex; use regex::Regex;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use futures::StreamExt; use futures::StreamExt;
use sqlx::Executor;
use uuid::Uuid; use uuid::Uuid;
use crate::Data; use crate::Data;