currently also have to specify the admin user calling the request. also added a tiny manual test to imitate user. will add trails next

This commit is contained in:
yenicelik 2023-02-15 15:20:16 +01:00
parent 7bf1d6e95a
commit 85bec3aaf0
5 changed files with 30 additions and 23 deletions

@ -1,5 +1,5 @@
# docker-compose up -d
# rm -rf data/
# docker-compose up -d
# sea-orm-cli migrate up
# Use CLI to create the admin that will call the endpoint

@ -1,27 +1,38 @@
# Admin can login as a user ... (but again, we must first have logged in
# docker-compose up -d
# rm -rf data/
# docker-compose up -d
# sea-orm-cli migrate up
# Use CLI to create the admin that will call the endpoint
RUSTFLAGS="--cfg tokio_unstable" cargo run create_user --address 0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a
RUSTFLAGS="--cfg tokio_unstable" cargo run change_admin_status 0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a true
# Use CLI to create the user whose role will be changed via the endpoint
RUSTFLAGS="--cfg tokio_unstable" cargo run create_user --address 0x077e43dcca20da9859daa3fd78b5998b81f794f7
# Run the proxyd instance
# cargo run --release -- proxyd
RUSTFLAGS="--cfg tokio_unstable" cargo run --release -- proxyd
# Check if the instance is running
# curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"web3_clientVersion","id":1}' 127.0.0.1:8544
curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"web3_clientVersion","id":1}' 127.0.0.1:8544
# Login as user first
curl -X GET "127.0.0.1:8544/user/login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a"
#curl -X POST -H "Content-Type: application/json" --data '{}' 127.0.0.1:8544/user/login
curl -X GET "127.0.0.1:8544/user/login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a/"
# Open this website to get the nonce to log in
curl \
-H "Authorization: Bearer 01GSANKVBB22D5P2351P4Y42NV" \
-X GET "http://127.0.0.1:8544/admin/imitate-login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a/0x077e43dcca20da9859daa3fd78b5998b81f794f7"
# Use this site to sign a message
# https://www.myetherwallet.com/wallet/sign (whatever is output with the above code)
curl -X POST http://127.0.0.1:8544/admin/imitate-login \
-H 'Content-Type: application/json' \
-H "Authorization: Bearer 01GSANKVBB22D5P2351P4Y42NV" \
-d '{"address": "0xeb3e928a2e54be013ef8241d4c9eaf4dfae94d5a", "msg": "0x6c6c616d616e6f6465732e636f6d2077616e747320796f7520746f207369676e20696e207769746820796f757220457468657265756d206163636f756e743a0a3078654233453932384132453534424530313345463832343164344339456146344466414539344435610a0af09fa699f09fa699f09fa699f09fa699f09fa6990a0a5552493a2068747470733a2f2f6c6c616d616e6f6465732e636f6d2f0a56657273696f6e3a20310a436861696e2049443a20310a4e6f6e63653a20303147534150545132413932415332435752563158504d4347470a4973737565642041743a20323032332d30322d31355431343a31343a33352e3835303636385a0a45787069726174696f6e2054696d653a20323032332d30322d31355431343a33343a33352e3835303636385a", "sig": "d5fed789e98769b8b726a79f222f2e06476de15948d35c167c4f294bb98edf42244edc703b6d729e5d08bd73c318fc9729b985022229c7669a945d64da47ab641c", "version": "3", "signer": "MEW"}'
# Now modify the user role and check this in the database
# 01GSAMMWQ41TVVH3DH8MSEP8X6
# Now we can get a bearer-token to imitate the user
curl -X GET "127.0.0.1:8544/admin/imitate-login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a"
#curl -X POST -H "Content-Type: application/json" --data '{}' 127.0.0.1:8544/user/login
curl -X GET "127.0.0.1:8544/admin/imitate-login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a/"
curl \
-H "Authorization: Bearer 01GSAPZNVZ96ADJAEZ1VTRSA5T" \
-X GET "127.0.0.1:8544/user/keys"
# docker-compose down

@ -65,7 +65,7 @@ pub async fn query_admin_modify_usertier<'a>(
// Check if the caller is an admin (i.e. if he is in an admin table)
let admin: admin::Model = admin::Entity::find()
.filter(admin::Column::UserId.eq(caller_id))
.one(db_replica.conn())
.one(&db_conn)
.await?
.ok_or(FrontendErrorResponse::AccessDenied)?;
@ -74,7 +74,7 @@ pub async fn query_admin_modify_usertier<'a>(
// Fetch the admin, and the user
let user: user::Model = user::Entity::find()
.filter(user::Column::Address.eq(user_address))
.one(db_replica.conn())
.one(&db_conn)
.await?
.ok_or(FrontendErrorResponse::BadRequest("No user with this id found".to_string()))?;
// Return early if the target user_tier_id is the same as the original user_tier_id
@ -86,7 +86,7 @@ pub async fn query_admin_modify_usertier<'a>(
// Now we can modify the user's tier
let new_user_tier: user_tier::Model = user_tier::Entity::find()
.filter(user_tier::Column::Title.eq(user_tier_title.clone()))
.one(db_replica.conn())
.one(&db_conn)
.await?
.ok_or(FrontendErrorResponse::BadRequest("User Tier name was not found".to_string()))?;
@ -105,7 +105,7 @@ pub async fn query_admin_modify_usertier<'a>(
// Query the login table, and get all bearer tokens by this user
let bearer_tokens = login::Entity::find()
.filter(login::Column::UserId.eq(user.id))
.all(db_replica.conn())
.all(&db_conn)
.await?;
// Now delete these tokens ...

@ -173,11 +173,7 @@ pub async fn admin_login_get(
.filter(user::Column::Address.eq(user_address))
.one(db_replica.conn())
.await?
.ok_or(FrontendErrorResponse::StatusCode(
StatusCode::BAD_REQUEST,
"Could not find user in db".to_string(),
None,
))?;
.ok_or(FrontendErrorResponse::BadRequest("Could not find user in db".to_string()))?;
// Can there be two login-sessions at the same time?
// I supposed if the user logs in, the admin would be logged out and vice versa

@ -170,9 +170,9 @@ pub async fn serve(port: u16, proxy_app: Arc<Web3ProxyApp>) -> anyhow::Result<()
.route("/user/stats/detailed", get(users::user_stats_detailed_get))
.route("/user/logout", post(users::user_logout_post))
.route("/admin/modify_role", get(admin::admin_change_user_roles))
.route("/admin/imitate-login/:user_address", get(admin::admin_login_get))
.route("/admin/imitate-login/:admin_address/:user_address", get(admin::admin_login_get))
.route(
"/admin/imitate-login/:user_address/:message_eip",
"/admin/imitate-login/:admin_address/:user_address/:message_eip",
get(admin::admin_login_get),
)
.route("/admin/imitate-login", post(admin::admin_login_post))