delete tokens
parent
05c8dd36e3
commit
392d9642b7
41
src/api.rs
41
src/api.rs
|
@ -1,4 +1,5 @@
|
|||
use crate::{jwt, models, schema, MainDatabase};
|
||||
use chrono::prelude::*;
|
||||
use color_eyre::eyre::Report;
|
||||
use diesel::prelude::*;
|
||||
use rocket::http::{ContentType, Status};
|
||||
|
@ -19,6 +20,45 @@ pub fn get_user(user: models::User, uuid: Uuid) -> Result<Json<models::User>> {
|
|||
Ok(Json(user))
|
||||
}
|
||||
|
||||
#[tracing::instrument]
|
||||
#[get("/whoami")]
|
||||
pub fn whoami(user: models::User) -> Json<models::User> {
|
||||
Json(user)
|
||||
}
|
||||
|
||||
#[tracing::instrument(skip(conn))]
|
||||
#[get("/token")]
|
||||
pub fn get_tokens(user: models::User, conn: MainDatabase) -> Result<Json<Vec<models::Token>>> {
|
||||
use schema::tokens::dsl::*;
|
||||
|
||||
Ok(Json(
|
||||
tokens
|
||||
.filter(user_id.eq(user.id))
|
||||
.load::<models::Token>(&*conn)
|
||||
.map_err(Error::Database)?,
|
||||
))
|
||||
}
|
||||
|
||||
#[tracing::instrument(skip(conn))]
|
||||
#[delete("/token/<uuid>")]
|
||||
pub fn delete_token(user: models::User, conn: MainDatabase, uuid: Uuid) -> Result {
|
||||
use schema::tokens::dsl::*;
|
||||
let uuid = uuid.into_inner();
|
||||
|
||||
let tok: models::Token = tokens.find(uuid.clone())
|
||||
.get_result(&*conn).map_err(Error::Database)?;
|
||||
|
||||
if tok.user_id != user.id && !user.is_admin {
|
||||
return Err(Error::LackPermissions);
|
||||
}
|
||||
|
||||
diesel::update(tokens.find(uuid))
|
||||
.set(deleted_at.eq(Utc::now().naive_utc()))
|
||||
.get_result::<models::Token>(&*conn)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[derive(thiserror::Error, Debug)]
|
||||
pub enum Error {
|
||||
#[error("internal database error: {0}")]
|
||||
|
@ -89,7 +129,6 @@ impl<'a, 'r> FromRequest<'a, 'r> for models::User {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
1 => {
|
||||
let tok = keys[0].to_string();
|
||||
|
|
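Review bot: delete_token only soft-deletes (it sets `deleted_at`), so revocation holds only if every reader honours that column, and get_tokens in this same hunk does not: its query filters on `user_id` alone and will keep listing revoked tokens. Assuming `deleted_at` is a nullable column, add `.filter(deleted_at.is_null())` to the get_tokens query and to the `tokens.find(uuid)` lookup in delete_token, which also stops a repeated DELETE from overwriting the original revocation time. The FromRequest guard that authenticates a token is only partly visible in the last hunk, so confirm it rejects rows with `deleted_at` set; otherwise a deleted token would still authenticate. Separately, a missing row surfaces as Error::Database while another user's token surfaces as Error::LackPermissions, so the response tells a caller whether a given token id exists; returning the same error for both cases would avoid that.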
10
src/main.rs
10
src/main.rs
|
@ -125,7 +125,15 @@ fn main() -> Result<()> {
|
|||
.attach(OAuth2::<Gitea>::fairing("gitea"))
|
||||
.attach(MainDatabase::fairing())
|
||||
.attach(SpaceHelmet::default())
|
||||
.mount("/api", routes![api::get_user])
|
||||
.mount(
|
||||
"/api",
|
||||
routes![
|
||||
api::whoami,
|
||||
api::get_user,
|
||||
api::get_tokens,
|
||||
api::delete_token
|
||||
],
|
||||
)
|
||||
.mount("/", routes![gitea_login, gitea_callback])
|
||||
.launch();
|
||||
|
||||
|
|