dermy-api/src/account.rs

pub mod db;

use axum::{
    body::Body,
    Json, 
    response::Response,
    Router,
    routing::{get, post}
};
use crate::ApiResult;
use db::{get_users, User};
use http::{header::HeaderMap, StatusCode};
use mongodb::bson::{doc, oid::ObjectId};


pub fn router() -> Router {
    Router::new()
        .route("/sign-in",
            get(get_sign_in)
            .post(post_sign_in)
        )
        .route("/sign-up",
            post(post_sign_up))
        .route("/sign-out",
            post(post_sign_out))
        .route("/backup",
            post(post_backup)
        )
        .route("/restore",
            get(get_restore)
        )
}

pub async fn get_sign_in(Json(body): Json<User>) -> ApiResult {
    let db = get_users().await?;
    let query = doc! {
        "$expr": { "$eq": ["$username", body.username] }
    };

    match db.find_one(query, None).await? {
        Some(user) => {  
            Ok(Response::builder()
                .status(StatusCode::CREATED)
                .body(Body::from(user.auth.unwrap().salt.unwrap()))?)
        },
        None => {
            Ok(Response::builder()
                .status(StatusCode::NOT_FOUND)
                .body(Body::from("User does not exist"))?)
        }
    }
}

pub async fn post_sign_in(Json(body): Json<User>) -> ApiResult {
    let db = get_users().await?;
    let api = ObjectId::new();
    let query = doc! {
        "$expr": {
            "$and": [
            { "$eq": ["$username", body.username]},
            { "$eq": ["$_auth._hash", body.auth.unwrap_or_default().hash]}
            ]
        }
    };
    let update = doc! {
        "$set": {
            "_auth._api": api 
        }
    };

    match db.find_one(query.clone(), None).await? {
        Some(_user) => {
            db.update_one(query, update, None).await?;

            Ok(Response::builder()
                .status(StatusCode::OK)
                .body(Body::from(api.to_string()))?)
        },
        None => {
            Ok(Response::builder()
                .status(StatusCode::UNAUTHORIZED)
                .body(Body::from("Username or password is incorrect"))?)
        },
    }
}

pub async fn post_sign_up(Json(body): Json<User>) -> ApiResult {
    let db = get_users().await?;
    let auth = body.clone().auth.unwrap_or_default();
    let query = doc! {
        "$expr": {
            "$and": [
            { "$eq": ["$username", &body.username] },
            { "$eq": ["$_auth._hash", &auth.hash]},
            { "$eq": ["$_auth._salt", &auth.salt]}
            ]
        }
    };
    
    match db.find_one(query, None).await? {
        Some(_user) => {
            Ok(Response::builder()
                .status(StatusCode::NOT_ACCEPTABLE)
                .body(Body::from("Username is already taken"))?)
        },
        None => {
            db.insert_one(body, None).await?;

            Ok(Response::builder()
                .status(StatusCode::CREATED)
                .body(Body::from("Account created successfully"))?)
        }
    }
}


pub async fn post_sign_out(headers: HeaderMap) -> ApiResult {
    let db = get_users().await?;
    let api = headers["api_key"].to_str()?;

    let query = doc! {
        "$expr": { "$eq": ["$_auth._api", ObjectId::parse_str(api)?] }
    };
    let update = doc! {
        "$unset": {
            "_auth._api": ObjectId::new()
        }
    };

    match db.find_one(query.clone(), None).await? {
        Some(_user) => {
            db.update_one(query, update, None).await?;
            Ok(Response::builder()
                .status(StatusCode::OK)
                .body(Body::from("Sign out successful"))?)
        },
        None => {
            Ok(Response::builder()
                .status(StatusCode::NOT_ACCEPTABLE)
                .body(Body::from("User does not exist"))?)
        },
    }
}

pub async fn post_backup() {} //TODO: Backup

pub async fn get_restore() {} //TODO: restore
AuthSession in progress 2024-06-07 01:24:42 +00:00			`pub mod db;`

refactor 2024-06-06 18:21:12 +00:00			`use axum::{`
account finished, logging added 2024-06-07 17:59:35 +00:00			`body::Body,`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`Json,`
account finished, logging added 2024-06-07 17:59:35 +00:00			`response::Response,`
			`Router,`
			`routing::{get, post}`
refactor 2024-06-06 18:21:12 +00:00			`};`
updates 2024-06-08 15:36:06 +00:00			`use crate::ApiResult;`
get salt 2024-06-07 15:37:00 +00:00			`use db::{get_users, User};`
auth loop complete 2024-06-07 21:29:49 +00:00			`use http::{header::HeaderMap, StatusCode};`
			`use mongodb::bson::{doc, oid::ObjectId};`
refactor 2024-06-06 18:21:12 +00:00
db inits 2024-06-06 19:43:32 +00:00
refactor 2024-06-06 18:21:12 +00:00			`pub fn router() -> Router {`
			`Router::new()`
			`.route("/sign-in",`
			`get(get_sign_in)`
			`.post(post_sign_in)`
			`)`
auth loop complete 2024-06-07 21:29:49 +00:00			`.route("/sign-up",`
			`post(post_sign_up))`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`.route("/sign-out",`
			`post(post_sign_out))`
refactor 2024-06-06 18:21:12 +00:00			`.route("/backup",`
			`post(post_backup)`
			`)`
			`.route("/restore",`
			`get(get_restore)`
			`)`
			`}`

auth loop complete 2024-06-07 21:29:49 +00:00			`pub async fn get_sign_in(Json(body): Json<User>) -> ApiResult {`
get salt 2024-06-07 15:37:00 +00:00			`let db = get_users().await?;`
auth loop complete 2024-06-07 21:29:49 +00:00			`let query = doc! {`
			`"$expr": { "$eq": ["$username", body.username] }`
			`};`
get salt 2024-06-07 15:37:00 +00:00
			`match db.find_one(query, None).await? {`
auth loop complete 2024-06-07 21:29:49 +00:00			`Some(user) => {`
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::CREATED)`
auth loop complete 2024-06-07 21:29:49 +00:00			`.body(Body::from(user.auth.unwrap().salt.unwrap()))?)`
get salt 2024-06-07 15:37:00 +00:00			`},`
			`None => {`
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::NOT_FOUND)`
			`.body(Body::from("User does not exist"))?)`
get salt 2024-06-07 15:37:00 +00:00			`}`
			`}`
			`}`
signin, signout, signup 2024-06-07 14:30:16 +00:00
auth loop complete 2024-06-07 21:29:49 +00:00			`pub async fn post_sign_in(Json(body): Json<User>) -> ApiResult {`
get salt 2024-06-07 15:37:00 +00:00			`let db = get_users().await?;`
auth loop complete 2024-06-07 21:29:49 +00:00			`let api = ObjectId::new();`
			`let query = doc! {`
			`"$expr": {`
			`"$and": [`
			`{ "$eq": ["$username", body.username]},`
			`{ "$eq": ["$_auth._hash", body.auth.unwrap_or_default().hash]}`
			`]`
			`}`
			`};`
			`let update = doc! {`
			`"$set": {`
			`"_auth._api": api`
			`}`
			`};`
get salt 2024-06-07 15:37:00 +00:00
auth loop complete 2024-06-07 21:29:49 +00:00			`match db.find_one(query.clone(), None).await? {`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`Some(_user) => {`
auth loop complete 2024-06-07 21:29:49 +00:00			`db.update_one(query, update, None).await?;`
account finished, logging added 2024-06-07 17:59:35 +00:00
			`Ok(Response::builder()`
			`.status(StatusCode::OK)`
auth loop complete 2024-06-07 21:29:49 +00:00			`.body(Body::from(api.to_string()))?)`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`},`
			`None => {`
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::UNAUTHORIZED)`
			`.body(Body::from("Username or password is incorrect"))?)`
			`},`
			`}`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`}`
refactor 2024-06-06 18:21:12 +00:00
account finished, logging added 2024-06-07 17:59:35 +00:00			`pub async fn post_sign_up(Json(body): Json<User>) -> ApiResult {`
get salt 2024-06-07 15:37:00 +00:00			`let db = get_users().await?;`
auth loop complete 2024-06-07 21:29:49 +00:00			`let auth = body.clone().auth.unwrap_or_default();`
			`let query = doc! {`
			`"$expr": {`
			`"$and": [`
			`{ "$eq": ["$username", &body.username] },`
			`{ "$eq": ["$_auth._hash", &auth.hash]},`
			`{ "$eq": ["$_auth._salt", &auth.salt]}`
			`]`
			`}`
			`};`
signin, signout, signup 2024-06-07 14:30:16 +00:00
auth loop complete 2024-06-07 21:29:49 +00:00			`match db.find_one(query, None).await? {`
get salt 2024-06-07 15:37:00 +00:00			`Some(_user) => {`
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::NOT_ACCEPTABLE)`
			`.body(Body::from("Username is already taken"))?)`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`},`
			`None => {`
account finished, logging added 2024-06-07 17:59:35 +00:00			`db.insert_one(body, None).await?;`
auth loop complete 2024-06-07 21:29:49 +00:00
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::CREATED)`
			`.body(Body::from("Account created successfully"))?)`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`}`
			`}`
			`}`
refactor 2024-06-06 18:21:12 +00:00
AuthSession in progress 2024-06-07 01:24:42 +00:00
auth loop complete 2024-06-07 21:29:49 +00:00			`pub async fn post_sign_out(headers: HeaderMap) -> ApiResult {`
			`let db = get_users().await?;`
			`let api = headers["api_key"].to_str()?;`

			`let query = doc! {`
			`"$expr": { "$eq": ["$_auth._api", ObjectId::parse_str(api)?] }`
			`};`
			`let update = doc! {`
			`"$unset": {`
			`"_auth._api": ObjectId::new()`
			`}`
			`};`
account finished, logging added 2024-06-07 17:59:35 +00:00
auth loop complete 2024-06-07 21:29:49 +00:00			`match db.find_one(query.clone(), None).await? {`
			`Some(_user) => {`
			`db.update_one(query, update, None).await?;`
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::OK)`
			`.body(Body::from("Sign out successful"))?)`
			`},`
auth loop complete 2024-06-07 21:29:49 +00:00			`None => {`
account finished, logging added 2024-06-07 17:59:35 +00:00			`Ok(Response::builder()`
			`.status(StatusCode::NOT_ACCEPTABLE)`
auth loop complete 2024-06-07 21:29:49 +00:00			`.body(Body::from("User does not exist"))?)`
signin, signout, signup 2024-06-07 14:30:16 +00:00			`},`
			`}`
AuthSession in progress 2024-06-07 01:24:42 +00:00			`}`
signin, signout, signup 2024-06-07 14:30:16 +00:00
			`pub async fn post_backup() {} //TODO: Backup`

account finished, logging added 2024-06-07 17:59:35 +00:00			`pub async fn get_restore() {} //TODO: restore`