This commit is contained in:
JMARyA 2024-08-11 02:57:16 +02:00
parent 9a9e77a3bb
commit e3a0d4075f
Signed by: jmarya
GPG key ID: 901B2ADDF27C2263
3 changed files with 42 additions and 4 deletions

View file

@ -9,6 +9,8 @@ use rand::RngCore;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use serde_json::json; use serde_json::json;
use crate::route::ToAPI;
fn gen_token(token_length: usize) -> String { fn gen_token(token_length: usize) -> String {
let mut token_bytes = vec![0u8; token_length]; let mut token_bytes = vec![0u8; token_length];
@ -106,6 +108,15 @@ impl User {
} }
} }
impl ToAPI for User {
async fn api(&self) -> serde_json::Value {
json!({
"username": self.username,
"role": self.role
})
}
}
#[derive(Debug, Clone, Serialize, Deserialize, Model, Referencable)] #[derive(Debug, Clone, Serialize, Deserialize, Model, Referencable)]
pub struct Session { pub struct Session {
pub _id: String, pub _id: String,

View file

@ -5,6 +5,8 @@ mod library;
mod route; mod route;
use library::user::{User, UserRole}; use library::user::{User, UserRole};
use mongod::Model;
use mongodb::bson::doc;
use rocket::routes; use rocket::routes;
use rocket::{http::Method, launch}; use rocket::{http::Method, launch};
@ -29,7 +31,13 @@ async fn rocket() -> _ {
lib.rescan().await; lib.rescan().await;
User::create("admin", "admin", UserRole::Admin).await; // create initial admin user
if User::find(doc! { "username": "admin" }, None)
.await
.is_none()
{
User::create("admin", "admin", UserRole::Admin).await;
}
let cache = cache::RouteCache::new(); let cache = cache::RouteCache::new();
@ -50,6 +58,7 @@ async fn rocket() -> _ {
route::user::login_route, route::user::login_route,
route::user::passwd_route, route::user::passwd_route,
route::user::user_create_route, route::user::user_create_route,
route::user::users_route,
route::track::track_audio_opus128_route route::track::track_audio_opus128_route
], ],
) )

View file

@ -1,7 +1,10 @@
use crate::library::user::Session; use crate::library::user::Session;
use crate::library::user::User; use crate::library::user::User;
use crate::route::to_api;
use crate::route::ToAPI;
use mongod::Model; use mongod::Model;
use mongodb::bson::doc; use mongodb::bson::doc;
use rocket::get;
use rocket::http::Status; use rocket::http::Status;
use rocket::outcome::Outcome; use rocket::outcome::Outcome;
use rocket::post; use rocket::post;
@ -14,6 +17,14 @@ use serde_json::json;
use super::api_error; use super::api_error;
use super::FallibleApiResponse; use super::FallibleApiResponse;
macro_rules! check_admin {
($u:ident) => {
if !$u.is_admin() {
return Err(api_error("Forbidden"));
}
};
}
#[rocket::async_trait] #[rocket::async_trait]
impl<'r> FromRequest<'r> for User { impl<'r> FromRequest<'r> for User {
type Error = (); type Error = ();
@ -67,11 +78,18 @@ pub async fn passwd_route(passwd: Json<PasswdData>, mut u: User) -> FallibleApiR
})) }))
} }
#[get("/users")]
pub async fn users_route(u: User) -> FallibleApiResponse {
check_admin!(u);
let users: Vec<_> = to_api(&User::find(doc! {}, None).await.unwrap()).await;
Ok(json!({"users": users}))
}
#[post("/userCreate", data = "<user>")] #[post("/userCreate", data = "<user>")]
pub async fn user_create_route(user: Json<LoginData>, u: User) -> FallibleApiResponse { pub async fn user_create_route(user: Json<LoginData>, u: User) -> FallibleApiResponse {
if !u.is_admin() { check_admin!(u);
return Err(api_error("Forbidden"));
}
let new_user = User::create( let new_user = User::create(
&user.username, &user.username,