KitaitiMakoto
/
Plume
forked from Plume/Plume
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
menu
channel
crowdin
igalic/refactor/extract-actors
drone-ci
better-caching
igalic/fix/cargo-release-helper
master
DearRude/force-lang
igalic/go/async-all-mut
go/async
floreal/translations-update
missing-docs
RAOF/fix-arm64-build
epsilon-phase/authorized-fetch
mobile-margins
upgrade
improve-the-editor-once-again
igalic/feat/custom-fairing-domains
feature/ldap
test/dotenv_error
fix-mobile-margin
0.7.2
0.7.1-dev
0.7.0
0.6.0
0.0.0
0.2.0-alpha-1
0.3.0-alpha-2
0.4.0-alpha-4
0.5.0
0.7.1
dev.20220505.05
testtag
testtag2
testtag3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'fe6e69d7c4'
${ noResults }
Plume/src/api/mod.rs

87 lines
2.4 KiB
Rust
Raw Blame History

use rocket::{response::{self, Responder}, request::{Form, Request}};
use rocket_contrib::json::Json;
use serde_json;
use plume_common::utils::random_hex;
use plume_models::{
Error,
apps::App,
api_tokens::*,
db_conn::DbConn,
users::User,
};
#[derive(Debug)]
pub struct ApiError(Error);
impl From<Error> for ApiError {
fn from(err: Error) -> ApiError {
ApiError(err)
}
}
impl<'r> Responder<'r> for ApiError {
fn respond_to(self, req: &Request) -> response::Result<'r> {
match self.0 {
Error::NotFound => Json(json!({
"error": "Not found"
})).respond_to(req),
Error::Unauthorized => Json(json!({
"error": "You are not authorized to access this resource"
})).respond_to(req),
_ => Json(json!({
"error": "Server error"
})).respond_to(req)
}
}
}
#[derive(FromForm)]
pub struct OAuthRequest {
client_id: String,
client_secret: String,
password: String,
username: String,
scopes: String,
}
#[get("/oauth2?<query..>")]
pub fn oauth(query: Form<OAuthRequest>, conn: DbConn) -> Result<Json<serde_json::Value>, ApiError> {
let app = App::find_by_client_id(&*conn, &query.client_id)?;
if app.client_secret == query.client_secret {
if let Ok(user) = User::find_by_fqn(&*conn, &query.username) {
if user.auth(&query.password) {
let token = ApiToken::insert(&*conn, NewApiToken {
app_id: app.id,
user_id: user.id,
value: random_hex(),
scopes: query.scopes.clone(),
})?;
Ok(Json(json!({
"token": token.value
})))
} else {
Ok(Json(json!({
"error": "Invalid credentials"
})))
}
} else {
// Making fake password verification to avoid different
// response times that would make it possible to know
// if a username is registered or not.
User::get(&*conn, 1)?.auth(&query.password);
Ok(Json(json!({
"error": "Invalid credentials"
})))
}
} else {
Ok(Json(json!({
"error": "Invalid client_secret"
})))
}
}
pub mod apps;
pub mod authorization;
pub mod posts;
Reference in New Issue View Git Blame Copy Permalink