ffplayout/src/api/routes.rs

use actix_web::{get, http::StatusCode, post, web, Responder};
use argon2::{password_hash::PasswordHash, Argon2, PasswordVerifier};
use serde::Serialize;
use simplelog::*;

use crate::api::{handles::get_login, models::User};

#[get("/hello/{name}")]
async fn greet(name: web::Path<String>) -> impl Responder {
    format!("Hello {name}!")
}

#[derive(Serialize)]
struct ResponseObj<T> {
    message: String,
    status: i32,
    data: Option<T>,
}

/// curl -X POST -H "Content-Type: application/json" -d '{"username": "USER", "password": "abc123" }' http://127.0.0.1:8080/auth/login/
#[post("/auth/login/")]
pub async fn login(credentials: web::Json<User>) -> impl Responder {
    match get_login(&credentials.username).await {
        Ok(mut user) => {
            let pass = user.password.clone();
            user.password = "".into();
            user.salt = None;

            let hash = PasswordHash::new(&pass).unwrap();
            if Argon2::default()
                .verify_password(credentials.password.as_bytes(), &hash)
                .is_ok()
            {
                info!("user {} login", credentials.username);

                web::Json(ResponseObj {
                    message: "login correct!".into(),
                    status: 200,
                    data: Some(user),
                })
                .customize()
                .with_status(StatusCode::OK)
            } else {
                error!("Wrong password for {}!", credentials.username);
                web::Json(ResponseObj {
                    message: "Wrong password!".into(),
                    status: 401,
                    data: None,
                })
                .customize()
                .with_status(StatusCode::FORBIDDEN)
            }
        }
        Err(e) => {
            error!("Login {} failed! {e}", credentials.username);
            return web::Json(ResponseObj {
                message: format!("Login {} failed!", credentials.username),
                status: 400,
                data: None,
            })
            .customize()
            .with_status(StatusCode::BAD_REQUEST);
        }
    }
}
add status 2022-06-08 18:16:58 +02:00			`use actix_web::{get, http::StatusCode, post, web, Responder};`
add login 2022-06-07 22:05:35 +02:00			`use argon2::{password_hash::PasswordHash, Argon2, PasswordVerifier};`
cleanup code, reponse object 2022-06-08 18:06:40 +02:00			`use serde::Serialize;`
add login 2022-06-07 22:05:35 +02:00			`use simplelog::*;`
start with API 2022-06-06 23:07:11 +02:00
cleanup code, reponse object 2022-06-08 18:06:40 +02:00			`use crate::api::{handles::get_login, models::User};`

start with API 2022-06-06 23:07:11 +02:00			`#[get("/hello/{name}")]`
			`async fn greet(name: web::Path<String>) -> impl Responder {`
			`format!("Hello {name}!")`
			`}`

cleanup code, reponse object 2022-06-08 18:06:40 +02:00			`#[derive(Serialize)]`
			`struct ResponseObj<T> {`
			`message: String,`
			`status: i32,`
			`data: Option<T>,`
work on login route 2022-06-07 18:11:46 +02:00			`}`
cleanup code, reponse object 2022-06-08 18:06:40 +02:00
add login 2022-06-07 22:05:35 +02:00			`/// curl -X POST -H "Content-Type: application/json" -d '{"username": "USER", "password": "abc123" }' http://127.0.0.1:8080/auth/login/`
work on login route 2022-06-07 18:11:46 +02:00			`#[post("/auth/login/")]`
			`pub async fn login(credentials: web::Json<User>) -> impl Responder {`
cleanup code, reponse object 2022-06-08 18:06:40 +02:00			`match get_login(&credentials.username).await {`
			`Ok(mut user) => {`
			`let pass = user.password.clone();`
			`user.password = "".into();`
			`user.salt = None;`
add login 2022-06-07 22:05:35 +02:00
cleanup code, reponse object 2022-06-08 18:06:40 +02:00			`let hash = PasswordHash::new(&pass).unwrap();`
add login 2022-06-07 22:05:35 +02:00			`if Argon2::default()`
			`.verify_password(credentials.password.as_bytes(), &hash)`
			`.is_ok()`
			`{`
			`info!("user {} login", credentials.username);`
work on login route 2022-06-07 18:11:46 +02:00
cleanup code, reponse object 2022-06-08 18:06:40 +02:00			`web::Json(ResponseObj {`
			`message: "login correct!".into(),`
			`status: 200,`
			`data: Some(user),`
			`})`
add status 2022-06-08 18:16:58 +02:00			`.customize()`
			`.with_status(StatusCode::OK)`
cleanup code, reponse object 2022-06-08 18:06:40 +02:00			`} else {`
			`error!("Wrong password for {}!", credentials.username);`
			`web::Json(ResponseObj {`
			`message: "Wrong password!".into(),`
			`status: 401,`
			`data: None,`
			`})`
add status 2022-06-08 18:16:58 +02:00			`.customize()`
			`.with_status(StatusCode::FORBIDDEN)`
cleanup code, reponse object 2022-06-08 18:06:40 +02:00			`}`
			`}`
			`Err(e) => {`
			`error!("Login {} failed! {e}", credentials.username);`
			`return web::Json(ResponseObj {`
			`message: format!("Login {} failed!", credentials.username),`
add status 2022-06-08 18:16:58 +02:00			`status: 400,`
cleanup code, reponse object 2022-06-08 18:06:40 +02:00			`data: None,`
add status 2022-06-08 18:16:58 +02:00			`})`
			`.customize()`
			`.with_status(StatusCode::BAD_REQUEST);`
cleanup code, reponse object 2022-06-08 18:06:40 +02:00			`}`
			`}`
work on login route 2022-06-07 18:11:46 +02:00			`}`