will wait for how to login as a third party user

yenicelik 2023-02-11 14:19:33 +00:00
parent b1f18460d1
commit 2ac550f60a
3 changed files with 56 additions and 3 deletions

@ -0,0 +1,25 @@
# docker-compose up -d
# rm -rf data/
# sea-orm-cli migrate up
# Use CLI to create a user
RUSTFLAGS="--cfg tokio_unstable" cargo run create_user --address 0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a
RUSTFLAGS="--cfg tokio_unstable" cargo run change_admin_status 0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a true
# Run the proxyd instance
# cargo run --release -- proxyd
# Check if the instance is running
# curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"web3_clientVersion","id":1}' 127.0.0.1:8544
# Login as user first
curl -X GET "127.0.0.1:8544/user/login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a"
#curl -X POST -H "Content-Type: application/json" --data '{}' 127.0.0.1:8544/user/login
curl -X GET "127.0.0.1:8544/user/login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a/"
#curl -X GET "127.0.0.1:8544/admin/modify_role?user_address=0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a&user_tier_title=Unlimited"
# Now modify the user role and check this in the database
curl -X GET "127.0.0.1:8544/admin/modify_role?user_address=0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a&user_tier_title=Unlimited"
# docker-compose down
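Review bot: The `/admin/modify_role` call on the last curl line carries no credential, and the only step that could yield a bearer token (the POST to `/user/login`) is commented out, so the script never performs the role change as an authenticated admin. As written it can only show what the endpoint does for an anonymous caller; a success response there would be an authorization gap, not a passing test. Capture the token from the login step and send it, assuming the server reads a standard header: `curl -H "Authorization: Bearer $TOKEN" ...`, and keep one call without the header that is expected to be denied. The same applies to the `/admin/imitate-login/` calls in the second script. Separately, a role change issued as a GET with its arguments in the query string ends up in access logs and proxies; a POST with a body would be the safer shape if the route allows it.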

@ -0,0 +1,27 @@
# Admin can login as a user ... (but again, we must first have logged in
# docker-compose up -d
# rm -rf data/
# sea-orm-cli migrate up
RUSTFLAGS="--cfg tokio_unstable" cargo run create_user --address 0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a
RUSTFLAGS="--cfg tokio_unstable" cargo run change_admin_status 0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a true
# Run the proxyd instance
# cargo run --release -- proxyd
# Check if the instance is running
# curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"web3_clientVersion","id":1}' 127.0.0.1:8544
# Login as user first
curl -X GET "127.0.0.1:8544/user/login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a"
#curl -X POST -H "Content-Type: application/json" --data '{}' 127.0.0.1:8544/user/login
curl -X GET "127.0.0.1:8544/user/login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a/"
# Now modify the user role and check this in the database
# Now we can get a bearer-token to imitate the user
curl -X GET "127.0.0.1:8544/admin/imitate-login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a"
#curl -X POST -H "Content-Type: application/json" --data '{}' 127.0.0.1:8544/user/login
curl -X GET "127.0.0.1:8544/admin/imitate-login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a/"
# docker-compose down
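Review bot: Two comments in this script are misleading: the header `# Admin can login as a user ... (but again, we must first have logged in` breaks off with an open parenthesis, and `# Now modify the user role and check this in the database` is left over from the role-change script although nothing here modifies a role. Suggest `# Admin obtains a bearer token for another user; the admin must have logged in first` for the header, and dropping the stale line. Because imitate-login hands out a token for someone else's account, a comment stating the expected response for a non-admin caller (access denied) would make the script usable as a check rather than only a demo.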

@ -15,9 +15,8 @@ use ethers::utils::keccak256;
use hashbrown::HashMap; use hashbrown::HashMap;
use http::StatusCode; use http::StatusCode;
use migration::sea_orm::{self, ActiveModelTrait, ColumnTrait, EntityTrait, IntoActiveModel, QueryFilter}; use migration::sea_orm::{self, ActiveModelTrait, ColumnTrait, EntityTrait, IntoActiveModel, QueryFilter};
use log::info; use log::{info, debug};
use redis_rate_limiter::redis::AsyncCommands; use redis_rate_limiter::redis::AsyncCommands;
use crate::frontend::errors::FrontendErrorResponse::AccessDenied;
// TODO: Add some logic to check if the operating user is an admin // TODO: Add some logic to check if the operating user is an admin
// If he is, return true // If he is, return true
@ -61,12 +60,14 @@ pub async fn query_admin_modify_usertier<'a>(
// get the user id first. if it is 0, we should use a cache on the app // get the user id first. if it is 0, we should use a cache on the app
let caller_id = get_user_id_from_params(&mut redis_conn, &db_conn, &db_replica, bearer, &params).await?; let caller_id = get_user_id_from_params(&mut redis_conn, &db_conn, &db_replica, bearer, &params).await?;
debug!("Caller id is: {:?}", caller_id);
// Check if the caller is an admin (i.e. if he is in an admin table) // Check if the caller is an admin (i.e. if he is in an admin table)
let admin: admin::Model = admin::Entity::find() let admin: admin::Model = admin::Entity::find()
.filter(admin::Column::UserId.eq(caller_id)) .filter(admin::Column::UserId.eq(caller_id))
.one(db_replica.conn()) .one(db_replica.conn())
.await? .await?
.ok_or(AccessDenied)?; .ok_or(FrontendErrorResponse::AccessDenied)?;
// If we are here, that means an admin was found, and we can safely proceed // If we are here, that means an admin was found, and we can safely proceed
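Review bot: The admin check in `query_admin_modify_usertier` fails closed with `AccessDenied`, but the denial itself leaves no trace: the only log added is `debug!("Caller id is: {:?}", caller_id)`, which is normally filtered out and fires for every caller alike. A rejected attempt to change a user tier is the event worth recording; consider `.ok_or_else(|| { warn!("non-admin caller {:?} denied modify_role", caller_id); FrontendErrorResponse::AccessDenied })?` with `warn` added to the `log` import. The lookup also reads the admin row through `db_replica`, so a just-revoked admin might still pass until the replica catches up; this is inferred from the visible call only, so confirm whether privilege checks should use the primary connection. The function starts and ends outside this hunk.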