mCaptcha/survey
2
0
Fork 0
Code Issues 4 Pull requests 10 Projects Releases Packages Wiki Activity

get admin functions into admin scope

Browse source
This commit is contained in:
Aravinth Manivannan 2021-10-11 13:41:36 +05:30
parent f5d9094149
commit f1bc63d2c1
Signed by: realaravinth
GPG key ID: AD9F0F08E855ED88
24 changed files with 163 additions and 180 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
migrations/20211005151526_survey_surveys.sql
View file

@ -1,20 +0,0 @@
--CREATE TYPE survey_bench AS (
-- difficulty INTEGER,
-- duration FLOAT(8)
--);
CREATE EXTENSION IF NOT EXISTS hstore;
CREATE TABLE IF NOT EXISTS survey_responses (
user_id UUID NOT NULL references survey_users(ID) ON DELETE CASCADE,
device_user_provided VARCHAR(400) NOT NULL,
device_software_recognised VARCHAR(400) NOT NULL,
ID SERIAL PRIMARY KEY NOT NULL,
threads INTEGER
);
CREATE TABLE IF NOT EXISTS survey_benches (
resp_id INTEGER NOT NULL references survey_responses(ID) ON DELETE CASCADE,
difficulty INTEGER NOT NULL,
duration FLOAT(8) NOT NULL
);

5
migrations/20211010134814_survey_response_tokens.sql
View file

@ -1,5 +0,0 @@
CREATE TABLE IF NOT EXISTS survey_response_tokens (
resp_id INTEGER NOT NULL references survey_responses(ID) ON DELETE CASCADE,
user_id UUID NOT NULL references survey_users(ID) ON DELETE CASCADE,
ID UUID PRIMARY KEY NOT NULL UNIQUE
);

26
migrations/20211011041634_survey_admins.sql
View file

@ -8,10 +8,32 @@ CREATE TABLE IF NOT EXISTS survey_admins (
ID SERIAL PRIMARY KEY NOT NULL
);
CREATE TABLE IF NOT EXISTS survey_challenges (
CREATE TABLE IF NOT EXISTS survey_campaigns (
ID UUID PRIMARY KEY NOT NULL UNIQUE,
user_id INTEGER NOT NULL references survey_admins(ID) ON DELETE CASCADE,
name VARCHAR(200) NOT NULL,
difficulties INTEGER[] NOT NULL,
created_at TIMESTAMPTZ NOT NULL
)
);
CREATE TABLE IF NOT EXISTS survey_responses (
user_id UUID NOT NULL references survey_users(ID) ON DELETE CASCADE,
campaign_id UUID NOT NULL references survey_campaigns(ID) ON DELETE CASCADE,
device_user_provided VARCHAR(400) NOT NULL,
device_software_recognised VARCHAR(400) NOT NULL,
ID SERIAL PRIMARY KEY NOT NULL,
threads INTEGER
);
CREATE TABLE IF NOT EXISTS survey_benches (
resp_id INTEGER NOT NULL references survey_responses(ID) ON DELETE CASCADE,
difficulty INTEGER NOT NULL,
duration FLOAT(8) NOT NULL
);
CREATE TABLE IF NOT EXISTS survey_response_tokens (
resp_id INTEGER NOT NULL references survey_responses(ID) ON DELETE CASCADE,
user_id UUID NOT NULL references survey_users(ID) ON DELETE CASCADE,
ID UUID PRIMARY KEY NOT NULL UNIQUE
);

4
src/api/v1/account/delete.rs → src/api/v1/admin/account/delete.rs
View file

@ -23,8 +23,8 @@ use crate::errors::*;
use crate::AppData;
#[my_codegen::post(
path = "crate::V1_API_ROUTES.account.delete",
wrap = "crate::api::v1::get_admin_check_login()"
path = "crate::V1_API_ROUTES.admin.account.delete",
wrap = "crate::api::v1::admin::get_admin_check_login()"
)]
async fn delete_account(
id: Identity,

6
src/api/v1/account/email.rs → src/api/v1/admin/account/email.rs
View file

@ -29,7 +29,7 @@ pub struct Email {
pub email: String,
}
#[my_codegen::post(path = "crate::V1_API_ROUTES.account.email_exists")]
#[my_codegen::post(path = "crate::V1_API_ROUTES.admin.account.email_exists")]
pub async fn email_exists(
payload: web::Json<AccountCheckPayload>,
data: AppData,
@ -54,8 +54,8 @@ pub async fn email_exists(
/// update email
#[my_codegen::post(
path = "crate::V1_API_ROUTES.account.update_email",
wrap = "crate::api::v1::get_admin_check_login()"
path = "crate::V1_API_ROUTES.admin.account.update_email",
wrap = "crate::api::v1::admin::get_admin_check_login()"
)]
async fn set_email(
id: Identity,

16
src/api/v1/account/mod.rs → src/api/v1/admin/account/mod.rs
View file

@ -42,14 +42,14 @@ pub mod routes {
impl Account {
pub const fn new() -> Account {
let get_secret = "/api/v1/account/secret/get";
let update_secret = "/api/v1/account/secret/update";
let delete = "/api/v1/account/delete";
let email_exists = "/api/v1/account/email/exists";
let username_exists = "/api/v1/account/username/exists";
let update_username = "/api/v1/account/username/update";
let update_email = "/api/v1/account/email/update";
let update_password = "/api/v1/account/password/update";
let get_secret = "/api/v1/admin/account/secret/get";
let update_secret = "/api/v1/admin/account/secret/update";
let delete = "/api/v1/admin/account/delete";
let email_exists = "/api/v1/admin/account/email/exists";
let username_exists = "/api/v1/admin/account/username/exists";
let update_username = "/api/v1/admin/account/username/update";
let update_email = "/api/v1/admin/account/email/update";
let update_password = "/api/v1/admin/account/password/update";
Account {
delete,
email_exists,

12
src/api/v1/account/password.rs → src/api/v1/admin/account/password.rs
View file

@ -20,7 +20,7 @@ use argon2_creds::Config;
use serde::{Deserialize, Serialize};
use sqlx::Error::RowNotFound;
use crate::api::v1::auth::runners::Password;
use crate::api::v1::admin::auth::runners::Password;
use crate::errors::*;
use crate::*;
@ -69,8 +69,8 @@ async fn update_password_runner(
}
#[my_codegen::post(
path = "crate::V1_API_ROUTES.account.update_password",
wrap = "crate::api::v1::get_admin_check_login()"
path = "crate::V1_API_ROUTES.admin.account.update_password",
wrap = "crate::api::v1::admin::get_admin_check_login()"
)]
async fn update_user_password(
id: Identity,
@ -167,7 +167,7 @@ mod tests {
bad_post_req_test(
NAME,
new_password,
ROUTES.account.update_password,
ROUTES.admin.account.update_password,
&update_password,
ServiceError::PasswordsDontMatch,
)
@ -182,7 +182,7 @@ mod tests {
bad_post_req_test(
NAME,
new_password,
ROUTES.account.update_password,
ROUTES.admin.account.update_password,
&update_password,
ServiceError::WrongPassword,
)
@ -196,7 +196,7 @@ mod tests {
let update_password_resp = test::call_service(
&app,
post_request!(&update_password, ROUTES.account.update_password)
post_request!(&update_password, ROUTES.admin.account.update_password)
.cookie(cookies)
.to_request(),
)

8
src/api/v1/account/secret.rs → src/api/v1/admin/account/secret.rs
View file

@ -30,8 +30,8 @@ pub struct Secret {
}
#[my_codegen::get(
path = "crate::V1_API_ROUTES.account.get_secret",
wrap = "crate::api::v1::get_admin_check_login()"
path = "crate::V1_API_ROUTES.admin.account.get_secret",
wrap = "crate::api::v1::admin::get_admin_check_login()"
)]
async fn get_secret(id: Identity, data: AppData) -> ServiceResult<impl Responder> {
let username = id.identity().unwrap();
@ -48,8 +48,8 @@ async fn get_secret(id: Identity, data: AppData) -> ServiceResult<impl Responder
}
#[my_codegen::post(
path = "crate::V1_API_ROUTES.account.update_secret",
wrap = "crate::api::v1::get_admin_check_login()"
path = "crate::V1_API_ROUTES.admin.account.update_secret",
wrap = "crate::api::v1::admin::get_admin_check_login()"
)]
async fn update_user_secret(
id: Identity,

28
src/api/v1/account/test.rs → src/api/v1/admin/account/test.rs
View file

@ -21,7 +21,7 @@ use actix_web::test;
use super::email::*;
use super::username::Username;
use super::*;
use crate::api::v1::auth::runners::Password;
use crate::api::v1::admin::auth::runners::Password;
use crate::api::v1::ROUTES;
use crate::data::Data;
use crate::*;
@ -49,7 +49,7 @@ async fn uname_email_exists_works() {
&app,
test::TestRequest::get()
.cookie(cookies.clone())
.uri(ROUTES.account.get_secret)
.uri(ROUTES.admin.account.get_secret)
.to_request(),
)
.await;
@ -60,7 +60,7 @@ async fn uname_email_exists_works() {
&app,
test::TestRequest::post()
.cookie(cookies.clone())
.uri(ROUTES.account.update_secret)
.uri(ROUTES.admin.account.update_secret)
.to_request(),
)
.await;
@ -70,7 +70,7 @@ async fn uname_email_exists_works() {
let user_exists_resp = test::call_service(
&app,
post_request!(&payload, ROUTES.account.username_exists)
post_request!(&payload, ROUTES.admin.account.username_exists)
.cookie(cookies.clone())
.to_request(),
)
@ -83,7 +83,7 @@ async fn uname_email_exists_works() {
let user_doesnt_exist = test::call_service(
&app,
post_request!(&payload, ROUTES.account.username_exists)
post_request!(&payload, ROUTES.admin.account.username_exists)
.cookie(cookies.clone())
.to_request(),
)
@ -94,7 +94,7 @@ async fn uname_email_exists_works() {
let email_doesnt_exist = test::call_service(
&app,
post_request!(&payload, ROUTES.account.email_exists)
post_request!(&payload, ROUTES.admin.account.email_exists)
.cookie(cookies.clone())
.to_request(),
)
@ -107,7 +107,7 @@ async fn uname_email_exists_works() {
let email_exist = test::call_service(
&app,
post_request!(&payload, ROUTES.account.email_exists)
post_request!(&payload, ROUTES.admin.account.email_exists)
.cookie(cookies.clone())
.to_request(),
)
@ -142,7 +142,7 @@ async fn email_udpate_password_validation_del_userworks() {
};
let email_update_resp = test::call_service(
&app,
post_request!(&email_payload, ROUTES.account.update_email)
post_request!(&email_payload, ROUTES.admin.account.update_email)
//post_request!(&email_payload, EMAIL_UPDATE)
.cookie(cookies.clone())
.to_request(),
@ -155,7 +155,7 @@ async fn email_udpate_password_validation_del_userworks() {
bad_post_req_test(
NAME,
PASSWORD,
ROUTES.account.update_email,
ROUTES.admin.account.update_email,
&email_payload,
ServiceError::EmailTaken,
)
@ -168,7 +168,7 @@ async fn email_udpate_password_validation_del_userworks() {
bad_post_req_test(
NAME,
PASSWORD,
ROUTES.account.delete,
ROUTES.admin.account.delete,
&payload,
ServiceError::WrongPassword,
)
@ -178,7 +178,7 @@ async fn email_udpate_password_validation_del_userworks() {
payload.password = PASSWORD.into();
let delete_user_resp = test::call_service(
&app,
post_request!(&payload, ROUTES.account.delete)
post_request!(&payload, ROUTES.admin.account.delete)
.cookie(cookies.clone())
.to_request(),
)
@ -189,7 +189,7 @@ async fn email_udpate_password_validation_del_userworks() {
// try to delete an account that doesn't exist
let account_not_found_resp = test::call_service(
&app,
post_request!(&payload, ROUTES.account.delete)
post_request!(&payload, ROUTES.admin.account.delete)
.cookie(cookies)
.to_request(),
)
@ -229,7 +229,7 @@ async fn username_update_works() {
};
let username_update_resp = test::call_service(
&app,
post_request!(&username_udpate, ROUTES.account.update_username)
post_request!(&username_udpate, ROUTES.admin.account.update_username)
.cookie(cookies)
.to_request(),
)
@ -241,7 +241,7 @@ async fn username_update_works() {
bad_post_req_test(
NAME_CHANGE,
PASSWORD,
ROUTES.account.update_username,
ROUTES.admin.account.update_username,
&username_udpate,
ServiceError::UsernameTaken,
)

6
src/api/v1/account/username.rs → src/api/v1/admin/account/username.rs
View file

@ -24,7 +24,7 @@ use super::{AccountCheckPayload, AccountCheckResp};
use crate::errors::*;
use crate::AppData;
#[my_codegen::post(path = "crate::V1_API_ROUTES.account.username_exists")]
#[my_codegen::post(path = "crate::V1_API_ROUTES.admin.account.username_exists")]
async fn username_exists(
payload: web::Json<AccountCheckPayload>,
data: AppData,
@ -66,8 +66,8 @@ pub struct Username {
/// update username
#[my_codegen::post(
path = "crate::V1_API_ROUTES.account.update_username",
wrap = "crate::api::v1::get_admin_check_login()"
path = "crate::V1_API_ROUTES.admin.account.update_username",
wrap = "crate::api::v1::admin::get_admin_check_login()"
)]
async fn set_username(
id: Identity,

14
src/api/v1/auth.rs → src/api/v1/admin/auth.rs
View file

@ -33,9 +33,9 @@ pub mod routes {
impl Auth {
pub const fn new() -> Auth {
let login = "/api/v1/signin";
let login = "/api/v1/admin/signin";
let logout = "/logout";
let register = "/api/v1/signup";
let register = "/api/v1/admin/signup";
Auth {
logout,
login,
@ -201,7 +201,7 @@ pub fn services(cfg: &mut web::ServiceConfig) {
cfg.service(login);
cfg.service(signout);
}
#[my_codegen::post(path = "crate::V1_API_ROUTES.auth.register")]
#[my_codegen::post(path = "crate::V1_API_ROUTES.admin.auth.register")]
async fn register(
payload: web::Json<runners::Register>,
data: AppData,
@ -210,7 +210,7 @@ async fn register(
Ok(HttpResponse::Ok())
}
#[my_codegen::post(path = "crate::V1_API_ROUTES.auth.login")]
#[my_codegen::post(path = "crate::V1_API_ROUTES.admin.auth.login")]
async fn login(
id: Identity,
payload: web::Json<runners::Login>,
@ -222,14 +222,14 @@ async fn login(
Ok(HttpResponse::Ok())
}
#[my_codegen::get(
path = "crate::V1_API_ROUTES.auth.logout",
wrap = "crate::api::v1::get_admin_check_login()"
path = "crate::V1_API_ROUTES.admin.auth.logout",
wrap = "crate::api::v1::admin::get_admin_check_login()"
)]
async fn signout(id: Identity) -> impl Responder {
if id.identity().is_some() {
id.forget();
}
HttpResponse::Found()
.append_header((header::LOCATION, crate::middleware::auth::AUTH))
.append_header((header::LOCATION, crate::V1_API_ROUTES.admin.auth.register))
.finish()
}

2
src/api/v1/challenges.rs → src/api/v1/admin/challenges.rs
View file

@ -31,7 +31,7 @@ pub mod routes {
impl Challenges {
pub const fn new() -> Challenges {
let add = "/api/v1/challenges/add";
let add = "/api/v1/admin/challenges/add";
Challenges { add }
}
}

52
src/api/v1/admin/mod.rs Normal file
View file

@ -0,0 +1,52 @@
/*
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
use actix_web::web::ServiceConfig;
pub mod account;
pub mod auth;
#[cfg(test)]
mod tests;
pub use super::{get_random, get_uuid};
pub fn services(cfg: &mut ServiceConfig) {
auth::services(cfg);
account::services(cfg);
}
pub fn get_admin_check_login() -> crate::CheckLogin {
crate::CheckLogin::new(crate::V1_API_ROUTES.admin.auth.register)
}
pub mod routes {
use super::account::routes::Account;
use super::auth::routes::Auth;
pub struct Admin {
pub auth: Auth,
pub account: Account,
}
impl Admin {
pub const fn new() -> Admin {
Admin {
account: Account::new(),
auth: Auth::new(),
}
}
}
}

26
src/api/v1/tests/auth.rs → src/api/v1/admin/tests/auth.rs
View file

@ -18,7 +18,7 @@
use actix_web::http::{header, StatusCode};
use actix_web::test;
use crate::api::v1::auth::runners::{Login, Register};
use crate::api::v1::admin::auth::runners::{Login, Register};
use crate::api::v1::ROUTES;
use crate::data::Data;
use crate::errors::*;
@ -44,9 +44,11 @@ async fn auth_works() {
confirm_password: PASSWORD.into(),
email: None,
};
let resp =
test::call_service(&app, post_request!(&msg, ROUTES.auth.register).to_request())
.await;
let resp = test::call_service(
&app,
post_request!(&msg, ROUTES.admin.auth.register).to_request(),
)
.await;
assert_eq!(resp.status(), StatusCode::OK);
// delete user
delete_user(NAME, &data).await;
@ -68,7 +70,7 @@ async fn auth_works() {
bad_post_req_test(
NAME,
PASSWORD,
ROUTES.auth.register,
ROUTES.admin.auth.register,
&msg,
ServiceError::UsernameTaken,
)
@ -79,7 +81,7 @@ async fn auth_works() {
bad_post_req_test(
NAME,
PASSWORD,
ROUTES.auth.register,
ROUTES.admin.auth.register,
&msg,
ServiceError::EmailTaken,
)
@ -93,7 +95,7 @@ async fn auth_works() {
bad_post_req_test(
NAME,
PASSWORD,
ROUTES.auth.login,
ROUTES.admin.auth.login,
&creds,
ServiceError::AccountNotFound,
)
@ -103,7 +105,7 @@ async fn auth_works() {
bad_post_req_test(
NAME,
PASSWORD,
ROUTES.auth.login,
ROUTES.admin.auth.login,
&creds,
ServiceError::AccountNotFound,
)
@ -116,7 +118,7 @@ async fn auth_works() {
bad_post_req_test(
NAME,
PASSWORD,
ROUTES.auth.login,
ROUTES.admin.auth.login,
&creds,
ServiceError::WrongPassword,
)
@ -126,7 +128,7 @@ async fn auth_works() {
let signout_resp = test::call_service(
&app,
test::TestRequest::get()
.uri(ROUTES.auth.logout)
.uri(ROUTES.admin.auth.logout)
.cookie(cookies)
.to_request(),
)
@ -135,7 +137,7 @@ async fn auth_works() {
let headers = signout_resp.headers();
assert_eq!(
headers.get(header::LOCATION).unwrap(),
crate::middleware::auth::AUTH
crate::V1_API_ROUTES.admin.auth.register,
)
}
@ -159,7 +161,7 @@ async fn serverside_password_validation_works() {
};
let resp = test::call_service(
&app,
post_request!(&register_msg, ROUTES.auth.register).to_request(),
post_request!(&register_msg, ROUTES.admin.auth.register).to_request(),
)
.await;
assert_eq!(resp.status(), StatusCode::BAD_REQUEST);

0
src/api/v1/tests/mod.rs → src/api/v1/admin/tests/mod.rs
View file

8
src/api/v1/tests/protected.rs → src/api/v1/admin/tests/protected.rs
View file

@ -29,12 +29,6 @@ async fn protected_routes_work() {
const PASSWORD: &str = "longpassword2";
const EMAIL: &str = "testuser119@a.com2";
let _post_protected_urls = [
"/api/v1/account/secret/",
"/api/v1/account/email/",
"/api/v1/account/delete",
];
let get_protected_urls = ["/logout"];
{
@ -61,7 +55,7 @@ async fn protected_routes_work() {
)
.await;
if url == &V1_API_ROUTES.auth.logout {
if url == &V1_API_ROUTES.admin.auth.logout {
assert_eq!(authenticated_resp.status(), StatusCode::FOUND);
} else {
assert_eq!(authenticated_resp.status(), StatusCode::OK);

12
src/api/v1/bench.rs
View file

@ -37,7 +37,7 @@ pub mod routes {
impl Benches {
pub const fn new() -> Benches {
let submit = "/api/v1/benches/submit";
let submit = "/api/v1/benches/{campaign_id}/submit";
let register = "/api/v1/benches/register";
let scope = "/api/v1/benches/";
Benches {
@ -46,6 +46,9 @@ pub mod routes {
scope,
}
}
pub fn submit_route(&self, campaign_id: &str) -> String {
self.submit.replace("{campaign_id}", &campaign_id)
}
}
}
@ -128,8 +131,11 @@ async fn submit(
data: AppData,
id: Identity,
payload: web::Json<Submission>,
path: web::Path<String>,
) -> ServiceResult<impl Responder> {
let username = id.identity().unwrap();
let path = path.into_inner();
let campaign_id = Uuid::parse_str(&path).map_err(|_| ServiceError::NotAnId)?;
let user_id = Uuid::from_str(&username).unwrap();
let payload = payload.into_inner();
@ -137,11 +143,13 @@ async fn submit(
sqlx::query!(
"INSERT INTO survey_responses (
user_id,
campaign_id,
device_user_provided,
device_software_recognised,
threads
) VALUES ($1, $2, $3, $4);",
) VALUES ($1, $2, $3, $4, $5);",
&user_id,
&campaign_id,
&payload.device_user_provided,
&payload.device_software_recognised,
&payload.threads

62
src/api/v1/cache.rs
View file

@ -1,62 +0,0 @@
/*
* Copyright (C) 2021 Aravinth Manivannan <realaravinth@batsense.net>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
use std::collections::HashMap;
use std::sync::Arc;
use sqlx::PgPool;
use uuid::Uuid;
#[derive(Clone, Debug)]
pub struct ChallengeCache {
store: HashMap<Uuid, Arc<Vec<i32>>>,
db: PgPool,
}
impl ChallengeCache {
pub fn new(db: PgPool) -> Self {
let store = HashMap::default();
Self { db, store }
}
async fn get_db(&self, id: &Uuid) -> Vec<i32> {
struct Foo {
challenges: Vec<i32>,
}
let res = sqlx::query_as!(
Foo,
"SELECT challenges FROM survey_surveys WHERE id = $1",
&id
)
.fetch_one(&self.db)
.await
.unwrap();
res.challenges
}
pub async fn get(&mut self, k: &Uuid) -> Arc<Vec<i32>> {
match self.store.get(k) {
Some(val) => val.clone(),
None => {
let resp = self.get_db(k).await;
let resp = Arc::new(resp);
self.store.insert(k.clone(), resp.clone());
resp
}
}
}
}

12
src/api/v1/mod.rs
View file

@ -17,20 +17,16 @@
use actix_web::web::ServiceConfig;
use uuid::Uuid;
pub mod account;
pub mod auth;
pub mod admin;
pub mod bench;
mod meta;
pub mod routes;
pub use routes::ROUTES;
#[cfg(test)]
mod tests;
pub fn services(cfg: &mut ServiceConfig) {
meta::services(cfg);
auth::services(cfg);
bench::services(cfg);
account::services(cfg);
admin::services(cfg);
}
pub fn get_random(len: usize) -> String {
@ -49,7 +45,3 @@ pub fn get_random(len: usize) -> String {
pub fn get_uuid() -> Uuid {
Uuid::new_v4()
}
pub fn get_admin_check_login() -> crate::CheckLogin {
crate::CheckLogin::new(crate::V1_API_ROUTES.auth.register)
}

9
src/api/v1/routes.rs
View file

@ -14,16 +14,14 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
use super::account::routes::Account;
use super::auth::routes::Auth;
use super::admin::routes::Admin;
use super::bench::routes::Benches;
use super::meta::routes::Meta;
pub const ROUTES: Routes = Routes::new();
pub struct Routes {
pub auth: Auth,
pub account: Account,
pub admin: Admin,
pub meta: Meta,
pub benches: Benches,
}
@ -31,8 +29,7 @@ pub struct Routes {
impl Routes {
const fn new() -> Routes {
Routes {
account: Account::new(),
auth: Auth::new(),
admin: Admin::new(),
meta: Meta::new(),
benches: Benches::new(),
}

5
src/errors.rs
View file

@ -53,6 +53,10 @@ pub enum ServiceError {
#[display(fmt = "The value you entered for email is not an email")] //405j
NotAnEmail,
#[display(fmt = "The value you entered for campaign id is not a valid campaign ID")]
//405j
NotAnId,
/// when the a token name is already taken
/// token not found
#[display(fmt = "Token not found. Is token registered?")]
@ -117,6 +121,7 @@ impl ResponseError for ServiceError {
ServiceError::UsernameTaken => StatusCode::BAD_REQUEST,
ServiceError::EmailTaken => StatusCode::BAD_REQUEST,
ServiceError::NotAnEmail => StatusCode::BAD_REQUEST,
ServiceError::NotAnId => StatusCode::BAD_REQUEST,
ServiceError::WrongPassword => StatusCode::UNAUTHORIZED,
ServiceError::AccountNotFound => StatusCode::NOT_FOUND,

2
src/main.rs
View file

@ -142,7 +142,7 @@ pub fn get_identity_service() -> IdentityService<CookieIdentityPolicy> {
let cookie_secret = &SETTINGS.server.cookie_secret;
IdentityService::new(
CookieIdentityPolicy::new(cookie_secret.as_bytes())
.path("/admin")
.path("/api/v1/admin")
.name("survey-auth")
.max_age_secs(60 * 24)
.domain(&SETTINGS.server.domain)

2
src/middleware/auth.rs
View file

@ -24,8 +24,6 @@ use actix_web::{http, Error, FromRequest, HttpResponse};
use futures::future::{ok, Either, Ready};
pub const AUTH: &str = crate::V1_API_ROUTES.auth.register;
pub struct CheckLogin {
login: &'static str,
}

6
src/tests.rs
View file

@ -22,7 +22,7 @@ use actix_web::{dev::ServiceResponse, error::ResponseError, http::StatusCode};
use serde::Serialize;
use super::*;
use crate::api::v1::auth::runners::{Login, Register};
use crate::api::v1::admin::auth::runners::{Login, Register};
use crate::data::Data;
use crate::errors::*;
use crate::V1_API_ROUTES;
@ -121,7 +121,7 @@ pub async fn register(name: &str, email: &str, password: &str) {
};
let resp = test::call_service(
&app,
post_request!(&msg, V1_API_ROUTES.auth.register).to_request(),
post_request!(&msg, V1_API_ROUTES.admin.auth.register).to_request(),
)
.await;
assert_eq!(resp.status(), StatusCode::OK);
@ -139,7 +139,7 @@ pub async fn signin(name: &str, password: &str) -> (Arc<Data>, Login, ServiceRes
};
let signin_resp = test::call_service(
&app,
post_request!(&creds, V1_API_ROUTES.auth.login).to_request(),
post_request!(&creds, V1_API_ROUTES.admin.auth.login).to_request(),
)
.await;
assert_eq!(signin_resp.status(), StatusCode::OK);