restrict admin functions to /admin
This commit is contained in:
parent
a8c6912c25
commit
115b096008
9 changed files with 27 additions and 25 deletions
2
Makefile
2
Makefile
|
@ -1,5 +1,5 @@
|
|||
default: frontend ## Debug build
|
||||
cargo build
|
||||
cargo run
|
||||
|
||||
clean: ## Clean all build artifacts and dependencies
|
||||
@cargo clean
|
||||
|
|
|
@ -42,14 +42,14 @@ pub mod routes {
|
|||
|
||||
impl Account {
|
||||
pub const fn new() -> Account {
|
||||
let get_secret = "/api/v1/admin/account/secret/get";
|
||||
let update_secret = "/api/v1/admin/account/secret/update";
|
||||
let delete = "/api/v1/admin/account/delete";
|
||||
let email_exists = "/api/v1/admin/account/email/exists";
|
||||
let username_exists = "/api/v1/admin/account/username/exists";
|
||||
let update_username = "/api/v1/admin/account/username/update";
|
||||
let update_email = "/api/v1/admin/account/email/update";
|
||||
let update_password = "/api/v1/admin/account/password/update";
|
||||
let get_secret = "/admin/api/v1/account/secret/get";
|
||||
let update_secret = "/admin/api/v1/account/secret/update";
|
||||
let delete = "/admin/api/v1/account/delete";
|
||||
let email_exists = "/admin/api/v1/account/email/exists";
|
||||
let username_exists = "/admin/api/v1/account/username/exists";
|
||||
let update_username = "/admin/api/v1/account/username/update";
|
||||
let update_email = "/admin/api/v1/account/email/update";
|
||||
let update_password = "/admin/api/v1/account/password/update";
|
||||
Account {
|
||||
delete,
|
||||
email_exists,
|
||||
|
|
|
@ -36,10 +36,10 @@ pub mod routes {
|
|||
|
||||
impl Campaign {
|
||||
pub const fn new() -> Campaign {
|
||||
let add = "/api/v1/admin/campaign/add";
|
||||
let delete = "/api/v1/admin/campaign/{uuid}/delete";
|
||||
let add = "/admin/api/v1/campaign/add";
|
||||
let delete = "/admin/api/v1/campaign/{uuid}/delete";
|
||||
// let get_feedback = "/api/v1/campaign/{uuid}/feedback";
|
||||
let list = "/api/v1/admin/campaign/list";
|
||||
let list = "/admin/api/v1/campaign/list";
|
||||
|
||||
Campaign { add, delete, list }
|
||||
}
|
||||
|
|
|
@ -149,16 +149,16 @@ pub fn get_identity_service() -> IdentityService<CookieIdentityPolicy> {
|
|||
let cookie_secret = &SETTINGS.server.cookie_secret;
|
||||
IdentityService::new(
|
||||
CookieIdentityPolicy::new(cookie_secret.as_bytes())
|
||||
.path("/api/v1/admin")
|
||||
.name("survey-auth")
|
||||
.max_age_secs(60 * 24)
|
||||
.path("/admin/")
|
||||
.name("survey-admin-auth")
|
||||
.max_age_secs(60 * 60 * 24 * 365)
|
||||
.domain(&SETTINGS.server.domain)
|
||||
.secure(false),
|
||||
)
|
||||
}
|
||||
|
||||
pub fn services(cfg: &mut actix_web::web::ServiceConfig) {
|
||||
pages::services(cfg);
|
||||
api::v1::services(cfg);
|
||||
pages::services(cfg);
|
||||
static_assets::services(cfg);
|
||||
}
|
||||
|
|
|
@ -52,8 +52,8 @@ pub mod routes {
|
|||
impl Auth {
|
||||
pub const fn new() -> Auth {
|
||||
Auth {
|
||||
login: "/api/v1/admin/page/login",
|
||||
join: "/api/v1/admin/page/join",
|
||||
login: "/admin/login",
|
||||
join: "/admin/join",
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -64,7 +64,7 @@ mod tests {
|
|||
let app = get_app!(data).await;
|
||||
|
||||
let urls = vec![
|
||||
//PAGES.home.into(),
|
||||
PAGES.home.into(),
|
||||
PAGES.panel.campaigns.home.into(),
|
||||
PAGES.panel.campaigns.new.into(),
|
||||
// PAGES.panel.campaigns.get_feedback_route(&campaign.uuid),
|
||||
|
|
|
@ -38,10 +38,10 @@ pub mod routes {
|
|||
impl Campaigns {
|
||||
pub const fn new() -> Campaigns {
|
||||
Campaigns {
|
||||
home: "/api/v1/admin/page/campaigns",
|
||||
new: "/api/v1/admin/page/campaigns/new",
|
||||
get_feedback: "/api/v1/admin/page/campaigns/{uuid}/feedback",
|
||||
delete: "/api/v1/admin/page/campaigns/{uuid}/delete",
|
||||
home: "/admin/campaigns",
|
||||
new: "/admin/campaigns/new",
|
||||
get_feedback: "/admin/campaigns/{uuid}/feedback",
|
||||
delete: "/admin/campaigns/{uuid}/delete",
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -29,9 +29,10 @@ pub mod routes {
|
|||
}
|
||||
impl Panel {
|
||||
pub const fn new() -> Panel {
|
||||
let campaigns = Campaigns::new();
|
||||
Panel {
|
||||
home: "/api/v1/admin/home/",
|
||||
campaigns: Campaigns::new(),
|
||||
home: "/admin/home",
|
||||
campaigns,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -88,6 +88,7 @@ macro_rules! get_app {
|
|||
actix_web::App::new()
|
||||
.app_data(crate::get_json_err())
|
||||
.wrap(crate::get_identity_service())
|
||||
.wrap(get_survey_identity_service())
|
||||
.wrap(actix_web::middleware::NormalizePath::new(
|
||||
actix_web::middleware::TrailingSlash::Trim,
|
||||
))
|
||||
|
|
Loading…
Reference in a new issue