should write some tests next
parent
31788bb228
commit
fadb61114a
@ -319,82 +319,32 @@ pub async fn admin_login_post(
|
|||||||
}
|
}
|
||||||
|
|
||||||
// TODO: Maybe add a context?
|
// TODO: Maybe add a context?
|
||||||
let imitating_user = user_pending_login.imitating_user.address?;
|
let imitating_user_id = user_pending_login.imitating_user
|
||||||
|
.context("getting address of the imitating user")?;
|
||||||
|
|
||||||
// TODO: limit columns or load whole user?
|
// TODO: limit columns or load whole user?
|
||||||
// TODO: Right now this loads the whole admin. I assume we might want to load the user though (?) figure this out as we go along...
|
// TODO: Right now this loads the whole admin. I assume we might want to load the user though (?) figure this out as we go along...
|
||||||
let admin = user::Entity::find()
|
let admin = user::Entity::find()
|
||||||
.filter(user::Column::Address.eq(our_msg.address.as_ref()))
|
.filter(user::Column::Address.eq(our_msg.address.as_ref()))
|
||||||
.one(db_replica.conn())
|
.one(db_replica.conn())
|
||||||
.await
|
.await?
|
||||||
.unwrap();
|
.context("getting admin address")?;
|
||||||
|
|
||||||
let u = user::Entity::find()
|
let imitating_user = user::Entity::find()
|
||||||
.filter(user::Column::Address.eq(imitating_user_address.as_ref()))
|
.filter(user::Column::Id.eq(imitating_user_id))
|
||||||
.one(db_replica.conn())
|
.one(db_replica.conn())
|
||||||
|
.await?
|
||||||
|
.context("admin address was not found!")?;
|
||||||
|
|
||||||
|
// I supposed we also get the rpc_key, whatever this is used for (?).
|
||||||
|
// I think the RPC key should still belong to the admin though in this case ...
|
||||||
|
|
||||||
|
// the user is already registered
|
||||||
|
let admin_rpc_key = rpc_key::Entity::find()
|
||||||
|
.filter(rpc_key::Column::UserId.eq(admin.id))
|
||||||
|
.all(db_replica.conn())
|
||||||
.await
|
.await
|
||||||
.unwrap();
|
.context("failed loading user's key")?;
|
||||||
|
|
||||||
let db_conn = app.db_conn().context("login requires a db")?;
|
|
||||||
|
|
||||||
let (u, uks, status_code) = match u {
|
|
||||||
None => {
|
|
||||||
// user does not exist yet
|
|
||||||
|
|
||||||
// check the invite code
|
|
||||||
// TODO: more advanced invite codes that set different request/minute and concurrency limits
|
|
||||||
if let Some(invite_code) = &app.config.invite_code {
|
|
||||||
if query.invite_code.as_ref() != Some(invite_code) {
|
|
||||||
return Err(anyhow::anyhow!("checking invite_code").into());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
let txn = db_conn.begin().await?;
|
|
||||||
|
|
||||||
// the only thing we need from them is an address
|
|
||||||
// everything else is optional
|
|
||||||
// TODO: different invite codes should allow different levels
|
|
||||||
// TODO: maybe decrement a count on the invite code?
|
|
||||||
let u = user::ActiveModel {
|
|
||||||
address: sea_orm::Set(our_msg.address.into()),
|
|
||||||
..Default::default()
|
|
||||||
};
|
|
||||||
|
|
||||||
let u = u.insert(&txn).await?;
|
|
||||||
|
|
||||||
// create the user's first api key
|
|
||||||
let rpc_secret_key = RpcSecretKey::new();
|
|
||||||
|
|
||||||
let uk = rpc_key::ActiveModel {
|
|
||||||
user_id: sea_orm::Set(u.id),
|
|
||||||
secret_key: sea_orm::Set(rpc_secret_key.into()),
|
|
||||||
description: sea_orm::Set(None),
|
|
||||||
..Default::default()
|
|
||||||
};
|
|
||||||
|
|
||||||
let uk = uk
|
|
||||||
.insert(&txn)
|
|
||||||
.await
|
|
||||||
.context("Failed saving new user key")?;
|
|
||||||
|
|
||||||
let uks = vec![uk];
|
|
||||||
|
|
||||||
// save the user and key to the database
|
|
||||||
txn.commit().await?;
|
|
||||||
|
|
||||||
(u, uks, StatusCode::CREATED)
|
|
||||||
}
|
|
||||||
Some(u) => {
|
|
||||||
// the user is already registered
|
|
||||||
let uks = rpc_key::Entity::find()
|
|
||||||
.filter(rpc_key::Column::UserId.eq(u.id))
|
|
||||||
.all(db_replica.conn())
|
|
||||||
.await
|
|
||||||
.context("failed loading user's key")?;
|
|
||||||
|
|
||||||
(u, uks, StatusCode::OK)
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
// create a bearer token for the user.
|
// create a bearer token for the user.
|
||||||
let user_bearer_token = UserBearerToken::default();
|
let user_bearer_token = UserBearerToken::default();
|
||||||
@ -402,15 +352,16 @@ pub async fn admin_login_post(
|
|||||||
// json response with everything in it
|
// json response with everything in it
|
||||||
// we could return just the bearer token, but I think they will always request api keys and the user profile
|
// we could return just the bearer token, but I think they will always request api keys and the user profile
|
||||||
let response_json = json!({
|
let response_json = json!({
|
||||||
"rpc_keys": uks
|
"rpc_keys": admin_rpc_key
|
||||||
.into_iter()
|
.into_iter()
|
||||||
.map(|uk| (uk.id, uk))
|
.map(|uk| (uk.id, uk))
|
||||||
.collect::<HashMap<_, _>>(),
|
.collect::<HashMap<_, _>>(),
|
||||||
"bearer_token": user_bearer_token,
|
"bearer_token": user_bearer_token,
|
||||||
"user": u,
|
"imitating_user": imitating_user,
|
||||||
|
"admin_user": admin,
|
||||||
});
|
});
|
||||||
|
|
||||||
let response = (status_code, Json(response_json)).into_response();
|
let response = (StatusCode::OK, Json(response_json)).into_response();
|
||||||
|
|
||||||
// add bearer to the database
|
// add bearer to the database
|
||||||
|
|
||||||
@ -426,11 +377,13 @@ pub async fn admin_login_post(
|
|||||||
let user_login = login::ActiveModel {
|
let user_login = login::ActiveModel {
|
||||||
id: sea_orm::NotSet,
|
id: sea_orm::NotSet,
|
||||||
bearer_token: sea_orm::Set(user_bearer_token.uuid()),
|
bearer_token: sea_orm::Set(user_bearer_token.uuid()),
|
||||||
user_id: sea_orm::Set(u.id), // Yes, this should be the user ... because the rest of the applications takes this item, from the initial user
|
user_id: sea_orm::Set(imitating_user.id), // Yes, this should be the user ... because the rest of the applications takes this item, from the initial user
|
||||||
expires_at: sea_orm::Set(expires_at),
|
expires_at: sea_orm::Set(expires_at),
|
||||||
read_only: sea_orm::Set(true)
|
read_only: sea_orm::Set(true)
|
||||||
};
|
};
|
||||||
|
|
||||||
|
let db_conn = app.db_conn().context("Getting database connection")?;
|
||||||
|
|
||||||
user_login
|
user_login
|
||||||
.save(&db_conn)
|
.save(&db_conn)
|
||||||
.await
|
.await
|
||||||
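Review bot: As far as these hunks show, nothing verifies that the signer of `our_msg` holds an admin role before a bearer token is saved for `imitating_user.id`. In the first hunk `admin` is loaded from `user::Entity` by address alone, and the body of `admin_login_post` starts and ends outside the hunks, so the role check may exist elsewhere; if it does not, it belongs before `login::ActiveModel` is built in the last hunk. That login row also stores only the imitated user's id, so the session cannot be traced back to `admin.id` from this table; recording the acting admin with the session would keep impersonation auditable. The response additionally serializes the full `admin` and `imitating_user` rows plus the admin's `rpc_key` models, which is worth narrowing to the columns the client needs. Separately, `.context("admin address was not found!")` sits on the `imitating_user` query and names the wrong entity; `.context("imitating user was not found")` would match what failed.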
|