gorb/backend
4
0
Fork 0
Code Issues 4 Pull requests 1 Projects Releases Packages 1 Wiki Activity Actions

Compare commits

base: gorb:beb9fc10bae87c332c4c6e03edd7d8c944ed947a
Branches Tags
gorb:main
gorb:wip/messaging
gorb:wip/messaging-test
..
compare: gorb:c9d3b2cd12b5c3a0eb44d5bcaa533b4d3e5abc33
Branches Tags
gorb:wip/messaging
gorb:main
gorb:wip/messaging-test

No commits in common. "beb9fc10bae87c332c4c6e03edd7d8c944ed947a" and "c9d3b2cd12b5c3a0eb44d5bcaa533b4d3e5abc33" have entirely different histories.
beb9fc10ba ... c9d3b2cd12

2 changed files with 36 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

32
src/api/v1/servers/mod.rs
View file

@ -1,4 +1,4 @@
use actix_web::{error, post, web, Error, HttpRequest, HttpResponse, Scope}; use actix_web::{error, post, web, Error, HttpResponse, Scope};
use futures::StreamExt; use futures::StreamExt;
use log::error; use log::error;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
@ -7,10 +7,11 @@ use std::time::{SystemTime, UNIX_EPOCH};
mod uuid; mod uuid;
use crate::{api::v1::auth::check_access_token, utils::get_auth_header, Data}; use crate::{api::v1::auth::check_access_token, Data};
#[derive(Deserialize)] #[derive(Deserialize)]
struct Request { struct Request {
access_token: String,
name: String, name: String,
description: Option<String>, description: Option<String>,
} }
@ -37,25 +38,8 @@ pub fn web() -> Scope {
} }
#[post("")] #[post("")]
pub async fn res(req: HttpRequest, mut payload: web::Payload, data: web::Data<Data>) -> Result<HttpResponse, Error> { pub async fn res(mut payload: web::Payload, data: web::Data<Data>) -> Result<HttpResponse, Error> {
let headers = req.headers();
let auth_header = get_auth_header(headers);
if let Err(error) = auth_header {
return Ok(error)
}
let authorized = check_access_token(auth_header.unwrap(), &data.pool).await;
if let Err(error) = authorized {
return Ok(error)
}
let uuid = authorized.unwrap();
let mut body = web::BytesMut::new(); let mut body = web::BytesMut::new();
while let Some(chunk) = payload.next().await { while let Some(chunk) = payload.next().await {
let chunk = chunk?; let chunk = chunk?;
// limit max size of in-memory payload // limit max size of in-memory payload
@ -67,6 +51,14 @@ pub async fn res(req: HttpRequest, mut payload: web::Payload, data: web::Data<Da
let request = serde_json::from_slice::<Request>(&body)?; let request = serde_json::from_slice::<Request>(&body)?;
let authorized = check_access_token(request.access_token, &data.pool).await;
if let Err(error) = authorized {
return Ok(error)
}
let uuid = authorized.unwrap();
let guild_uuid = Uuid::now_v7(); let guild_uuid = Uuid::now_v7();
let row = sqlx::query(&format!("INSERT INTO guilds (uuid, owner_uuid, name, description) VALUES ('{}', '{}', $1, $2)", guild_uuid, uuid)) let row = sqlx::query(&format!("INSERT INTO guilds (uuid, owner_uuid, name, description) VALUES ('{}', '{}', $1, $2)", guild_uuid, uuid))

36
src/api/v1/servers/uuid/mod.rs
View file

@ -1,13 +1,19 @@
use actix_web::{get, web, Error, HttpRequest, HttpResponse, Scope}; use actix_web::{error, post, web, Error, HttpResponse, Scope};
use futures::StreamExt;
use log::error; use log::error;
use serde::Serialize; use serde::{Deserialize, Serialize};
use sqlx::FromRow; use sqlx::FromRow;
use uuid::Uuid; use uuid::Uuid;
use std::str::FromStr; use std::str::FromStr;
mod channels; mod channels;
use crate::{api::v1::auth::check_access_token, utils::get_auth_header, Data}; use crate::{api::v1::auth::check_access_token, Data};
#[derive(Deserialize)]
struct Request {
access_token: String,
}
#[derive(Serialize)] #[derive(Serialize)]
struct Response { struct Response {
@ -29,25 +35,31 @@ struct Role {
permissions: i64, permissions: i64,
} }
const MAX_SIZE: usize = 262_144;
pub fn web() -> Scope { pub fn web() -> Scope {
web::scope("/") web::scope("/")
.service(res) .service(res)
.service(channels::web()) .service(channels::web())
} }
#[get("{uuid}")] #[post("{uuid}")]
pub async fn res(req: HttpRequest, path: web::Path<(Uuid,)>, data: web::Data<Data>) -> Result<HttpResponse, Error> { pub async fn res(mut payload: web::Payload, path: web::Path<(Uuid,)>, data: web::Data<Data>) -> Result<HttpResponse, Error> {
let headers = req.headers(); let mut body = web::BytesMut::new();
while let Some(chunk) = payload.next().await {
let auth_header = get_auth_header(headers); let chunk = chunk?;
// limit max size of in-memory payload
if let Err(error) = auth_header { if (body.len() + chunk.len()) > MAX_SIZE {
return Ok(error) return Err(error::ErrorBadRequest("overflow"));
}
body.extend_from_slice(&chunk);
} }
let guild_uuid = path.into_inner().0; let guild_uuid = path.into_inner().0;
let authorized = check_access_token(auth_header.unwrap(), &data.pool).await; let request = serde_json::from_slice::<Request>(&body)?;
let authorized = check_access_token(request.access_token, &data.pool).await;
if let Err(error) = authorized { if let Err(error) = authorized {
return Ok(error) return Ok(error)