L-Nafaryus/elnafo
L-Nafaryus/elnafo
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: L-Nafaryus:e868c87a7ecdd290f9ba4a484dc66a18a525a905
Branches Tags
L-Nafaryus:master
..
compare: L-Nafaryus:1b0e5d53c2b3c3ee232f91319b22929e1a690d6c
Branches Tags
L-Nafaryus:master

No commits in common. "e868c87a7ecdd290f9ba4a484dc66a18a525a905" and "1b0e5d53c2b3c3ee232f91319b22929e1a690d6c" have entirely different histories.
e868c87a7e ... 1b0e5d53c2

14 changed files with 87 additions and 219 deletions
Show Stats Expand all files Collapse all files

11
crates/frontend/src/api-client.ts
View File

@ -1,11 +0,0 @@
import axios, { type AxiosInstance } from "axios";
const api_client: AxiosInstance = axios.create({
baseURL: import.meta.hot ? "http://localhost:54600/api/v1" : "/api/v1",
headers: {
"Content-Type": "application/json"
},
withCredentials: true,
});
export default api_client;

5
crates/frontend/src/components/Error.vue
View File

@ -1,5 +0,0 @@
<template>
<h1>
<slot></slot>
</h1>
</template>

25
crates/frontend/src/components/Login.vue
View File

@ -1,21 +1,30 @@
<script setup lang="ts"> <script setup lang="ts">
import { ref } from "vue"; import { ref } from 'vue';
import router from "@/router"; import router from '@/router';
import User from "@/services/user";
const email = defineModel("email"); const email = defineModel("email");
const password = defineModel("password"); const password = defineModel("password");
const errorMessage = ref(null); const errorMessage = ref(null);
async function login() { async function login() {
await User.login(email.value, password.value) await fetch(import.meta.hot ? "http://localhost:54600/api/v1/user/login" : "/api/v1/user/login", {
method: "POST",
headers: {
"Content-Type": "application/json",
},
credentials: "include",
body: JSON.stringify({ email: email.value, password: password.value })
})
.then(async response => { .then(async response => {
if (response.status != 200) { //const isJson = response.headers.get('content-type')?.includes('application/json');
return Promise.reject(response.data && response.data.message || response.status); const data = await response.json();
if (!response.ok) {
const error = (data && data.message) || response.status;
return Promise.reject(error);
} }
const login = response.data.user.login; router.push({ path: '/me' });
router.push({ path: `/${login}` });
}) })
.catch(error => { .catch(error => {
errorMessage.value = error; errorMessage.value = error;

9
crates/frontend/src/router.ts
View File

@ -1,12 +1,11 @@
import { createRouter, createWebHistory } from "vue-router"; import { createRouter, createWebHistory } from 'vue-router';
const router = createRouter({ const router = createRouter({
history: createWebHistory(), history: createWebHistory(),
routes: [ routes: [
{ path: "/", component: () => import("@/views/Home.vue") }, { path: '/', component: () => import('./views/Home.vue') },
{ path: "/user/login", component: () => import("@/views/SignIn.vue") }, { path: '/user/login', component: () => import('./views/SignIn.vue') },
{ path: "/:user", name: "User", component: () => import("@/views/User.vue") }, { path: '/me', component: () => import('./views/Me.vue') }
{ path: "/:pathMatch(.*)*", component: () => import("@/views/Error.vue") }
] ]
}); });

17
crates/frontend/src/services/user.ts
View File

@ -1,17 +0,0 @@
import api_client from "@/api-client";
class User {
async login(email: string, password: string): Promise<JSON> {
return await api_client.post("/user/login", JSON.stringify({ email: email, password: password }));
}
async get(login: any): Promise<JSON> {
return await api_client.get(`/user/${login}`);
}
async current(): Promise<JSON> {
return await api_client.get("/user/current");
}
}
export default new User();

26
crates/frontend/src/views/Base.vue
View File

@ -1,25 +1,10 @@
<script setup lang="ts"> <script setup lang="ts">
import Meerkat from '@/components/icons/Meerkat.vue'; import Meerkat from '@/components/icons/Meerkat.vue';
import NavBar from '@/components/NavBar.vue'; import NavBar from '@/components/NavBar.vue';
import User from "@/services/user";
import { ref, onMounted } from 'vue';
const user = ref(null); function next() {
window.location.pathname = "/me";
onMounted(async () => {
await User.current()
.then(async response => {
if (response.status != 200) {
return Promise.reject(response.data && response.data.message || response.status);
}; };
if (response.data.hasOwnProperty("user")) {
user.value = response.data.user;
};
})
.catch(e => {
console.error("Error occured:", e);
});
});
</script> </script>
<template> <template>
@ -29,11 +14,10 @@ onMounted(async () => {
<Meerkat /> <Meerkat />
</template> </template>
<template #right> <template #right>
<RouterLink v-if="user" class="flex min-w-9 min-h-9 pt-1 pb-1 pl-3 pr-3 rounded hover:bg-zinc-600" <RouterLink class="flex min-w-9 min-h-9 pt-1 pb-1 pl-3 pr-3 rounded hover:bg-zinc-600" to="/user/login">
:to="{ name: 'User', params: { user: user.login } }">{{ user.name }}</RouterLink>
<RouterLink v-if="!user" class="flex min-w-9 min-h-9 pt-1 pb-1 pl-3 pr-3 rounded hover:bg-zinc-600"
to="/user/login">
Sign In</RouterLink> Sign In</RouterLink>
<a class="flex min-w-9 min-h-9 pt-1 pb-1 pl-3 pr-3 rounded hover:bg-zinc-600" href="/user/register">Sign
up</a>
</template> </template>
</NavBar> </NavBar>

10
crates/frontend/src/views/Error.vue
View File

@ -1,10 +0,0 @@
<script setup lang="ts">
import Base from "@/views/Base.vue";
import Error from "@/components/Error.vue";
</script>
<template>
<Base>
<Error>Not Found</Error>
</Base>
</template>

47
crates/frontend/src/views/Me.vue Normal file
View File

@ -0,0 +1,47 @@
<script setup lang="ts">
import Base from '@/views/Base.vue';
import { ref, onMounted } from 'vue';
import axios from 'axios';
const email = ref(null);
const name = ref(null);
const is_admin = ref(null);
const errorMessage = ref(null);
onMounted(async () => {
const asd = await fetch(import.meta.hot ? "http://localhost:54600/api/v1/user/profile" : "/api/v1/user/profile", {
method: "GET",
headers: {
"Content-Type": "application/json",
},
credentials: "include",
})
.then(async response => {
const isJson = response.headers.get('content-type')?.includes('application/json');
const data = isJson && await response.json();
if (!response.ok) {
const error = (data && data.message) || response.status;
return Promise.reject(error);
}
name.value = data.user.name;
email.value = data.user.email;
is_admin.value = data.user.is_admin;
})
.catch(error => {
errorMessage.value = error;
console.error("Error occured:", error);
});
})
</script>
<template>
<Base>
<p v-if="errorMessage" class="text-center pt-3 pb-3 bg-orange-900 rounded border border-orange-700">{{
errorMessage }}</p>
<p>{{ name }}</p>
<p>{{ email }}</p>
<p>{{ is_admin }}</p>
</Base>
</template>

0
crates/frontend/src/views/NotFound.vue Normal file
View File

54
crates/frontend/src/views/User.vue
View File

@ -1,54 +0,0 @@
<script setup lang="ts">
import Base from '@/views/Base.vue';
import Error from "@/components/Error.vue";
import { ref, onMounted, watch } from 'vue';
import { onBeforeRouteUpdate, useRoute } from 'vue-router'
import User from "@/services/user";
const route = useRoute();
const name = ref(null);
const error = ref(null);
onMounted(async () => {
await User.get(route.params.user)
.then(async response => {
if (response.status != 200) {
return Promise.reject(response.data && response.data.message || response.status);
};
if (response.data.hasOwnProperty("user")) {
name.value = response.data.user.name;
} else {
error.value = "404 Not Found";
};
})
.catch(e => {
console.error("Error occured:", e);
});
});
watch(() => route.params.user, async (to, from) => {
await User.get(route.params.user)
.then(async response => {
if (response.status != 200) {
return Promise.reject(response.data && response.data.message || response.status);
};
if (response.data.hasOwnProperty("user")) {
name.value = response.data.user.name;
} else {
error.value = "404 Not Found";
};
})
.catch(e => {
console.error("Error occured:", e);
});
});
</script>
<template>
<Base>
<div v-if="error">
<Error>{{ error }}</Error>
</div>
<p v-else>{{ name }}</p>
</Base>
</template>

39
src/api/v1/middleware.rs
View File

@ -3,10 +3,9 @@ use std::sync::Arc;
use axum::{ use axum::{
body::Body, body::Body,
extract::{Request, State}, extract::{Request, State},
http::{header, StatusCode}, http::header,
middleware::Next, middleware::Next,
response::IntoResponse, response::IntoResponse,
Json,
}; };
use axum_extra::extract::CookieJar; use axum_extra::extract::CookieJar;
@ -15,7 +14,7 @@ use crate::{db::user::User, state::AppState};
use super::errors::AuthError; use super::errors::AuthError;
use super::token::TokenClaims; use super::token::TokenClaims;
pub async fn jwt( pub async fn jwt_auth(
cookie_jar: CookieJar, cookie_jar: CookieJar,
State(state): State<Arc<AppState>>, State(state): State<Arc<AppState>>,
mut req: Request<Body>, mut req: Request<Body>,
@ -28,8 +27,13 @@ pub async fn jwt(
req.headers() req.headers()
.get(header::AUTHORIZATION) .get(header::AUTHORIZATION)
.and_then(|auth_header| auth_header.to_str().ok()) .and_then(|auth_header| auth_header.to_str().ok())
.and_then(|auth_value| auth_value.strip_prefix("Bearer ")) .and_then(|auth_value| {
.map(|auth_token| auth_token.to_owned()) if auth_value.starts_with("Bearer ") {
Some(auth_value[7..].to_owned())
} else {
None
}
})
}); });
let token = token.ok_or_else(|| AuthError::MissingToken)?; let token = token.ok_or_else(|| AuthError::MissingToken)?;
@ -47,28 +51,3 @@ pub async fn jwt(
req.extensions_mut().insert(user); req.extensions_mut().insert(user);
Ok(next.run(req).await) Ok(next.run(req).await)
} }
pub async fn jwt_auth(
cookie_jar: CookieJar,
State(state): State<Arc<AppState>>,
mut req: Request<Body>,
next: Next,
) -> Result<impl IntoResponse, StatusCode> {
let token = cookie_jar
.get("token")
.map(|cookie| cookie.value().to_string())
.or_else(|| {
req.headers()
.get(header::AUTHORIZATION)
.and_then(|auth_header| auth_header.to_str().ok())
.and_then(|auth_value| auth_value.strip_prefix("Bearer "))
.map(|auth_token| auth_token.to_owned())
});
let user_id = token
.and_then(|token| TokenClaims::validate(token, state.config.jwt.secret.to_owned()).ok())
.and_then(|claims| uuid::Uuid::parse_str(&claims.sub).ok());
req.extensions_mut().insert(user_id);
Ok(next.run(req).await)
}

6
src/api/v1/mod.rs
View File

@ -34,11 +34,7 @@ pub fn routes(state: Arc<AppState>) -> Router {
.route("/v1/user/remove", post(user::remove)) .route("/v1/user/remove", post(user::remove))
.route("/v1/user/login", post(user::login)) .route("/v1/user/login", post(user::login))
.route("/v1/user/logout", get(user::logout)) .route("/v1/user/logout", get(user::logout))
.route( .route("/v1/user/profile", get(user::profile).route_layer(jwt))
"/v1/user/current",
get(user::current).route_layer(jwt.to_owned()),
)
.route("/v1/user/:login", get(user::profile).route_layer(jwt))
.layer(cors) .layer(cors)
.fallback(fallback) .fallback(fallback)
.with_state(state) .with_state(state)

48
src/api/v1/user.rs
View File

@ -1,6 +1,5 @@
use argon2::Argon2; use argon2::Argon2;
use argon2::{PasswordHash, PasswordVerifier}; use argon2::{PasswordHash, PasswordVerifier};
use axum::extract::Path;
use axum::Extension; use axum::Extension;
use axum::{ use axum::{
extract::State, extract::State,
@ -30,7 +29,6 @@ pub struct RegisterUser {
#[derive(serde::Serialize)] #[derive(serde::Serialize)]
pub struct FilteredUser { pub struct FilteredUser {
pub id: String, pub id: String,
pub login: String,
pub name: String, pub name: String,
pub email: String, pub email: String,
pub is_admin: bool, pub is_admin: bool,
@ -45,7 +43,6 @@ impl FilteredUser {
pub fn from(user: &User) -> Self { pub fn from(user: &User) -> Self {
FilteredUser { FilteredUser {
id: user.id.to_string(), id: user.id.to_string(),
login: user.login.to_string(),
name: user.name.to_owned(), name: user.name.to_owned(),
email: user.email.to_owned(), email: user.email.to_owned(),
is_admin: user.is_admin, is_admin: user.is_admin,
@ -140,7 +137,7 @@ pub async fn login(
.http_only(true); .http_only(true);
let mut response = let mut response =
Json(json!({"status": StatusCode::OK.to_string(), "token": token, "user": json!(FilteredUser::from(&user))})).into_response(); Json(json!({"status": StatusCode::OK.to_string(), "token": token})).into_response();
response response
.headers_mut() .headers_mut()
.insert(header::SET_COOKIE, cookie.to_string().parse().unwrap()); .insert(header::SET_COOKIE, cookie.to_string().parse().unwrap());
@ -165,48 +162,9 @@ pub async fn logout() -> Result<impl IntoResponse, (StatusCode, Json<serde_json:
} }
pub async fn profile( pub async fn profile(
State(state): State<Arc<AppState>>, Extension(user): Extension<User>,
Extension(user_id): Extension<Option<uuid::Uuid>>,
Path(login): Path<String>,
) -> Result<impl IntoResponse, (StatusCode, Json<serde_json::Value>)> { ) -> Result<impl IntoResponse, (StatusCode, Json<serde_json::Value>)> {
let user = User::find(&state.database, User::by_login(login))
.await
.map_err(|_| ())
.unwrap();
let response = if let Some(user) = user {
json!({"status": StatusCode::OK.to_string(), "user": json!(FilteredUser::from(&user))})
} else {
json!({"status": StatusCode::NOT_FOUND.to_string()})
};
Ok(Json(response))
}
pub async fn current(
State(state): State<Arc<AppState>>,
Extension(user_id): Extension<Option<uuid::Uuid>>,
) -> Result<impl IntoResponse, AuthError<impl std::error::Error>> {
let user = get_user(state, user_id).await?;
Ok(Json( Ok(Json(
json!({"status": StatusCode::OK.to_string(), "user": json!(FilteredUser::from(&user))}), json!({"status":"success","user":json!(FilteredUser::from(&user))}),
)) ))
} }
async fn get_user(
state: Arc<AppState>,
user_id: Option<uuid::Uuid>,
) -> Result<User, AuthError<impl std::error::Error>> {
let user = if let Some(user_id) = user_id {
User::find(&state.database, User::by_id(user_id))
.await
.map_err(AuthError::InternalError)
} else {
Err(AuthError::InvalidCredentials)
};
let user = user?.ok_or_else(|| AuthError::MissingUser)?;
Ok(user)
}

7
src/db/user.rs
View File

@ -102,13 +102,6 @@ impl User {
.filter(users::id.eq(id)) .filter(users::id.eq(id))
} }
pub fn by_login(login: String) -> BoxedQuery<'static> {
users::table
.into_boxed()
.select(User::as_select())
.filter(users::login.eq(login))
}
pub async fn find( pub async fn find(
pool: &Pool, pool: &Pool,
query: BoxedQuery<'static>, query: BoxedQuery<'static>,