backend: get current user

2024-07-11 22:59:42 +02:00 · 2024-07-11 22:59:42 +02:00 · 8602142210
commit 8602142210
parent 2f7e1c9924
3 changed files with 25 additions and 2 deletions
--- a/crates/backend/src/auth.rs
+++ b/crates/backend/src/auth.rs
@ -33,7 +33,7 @@ pub fn create_jwt(
    jsonwebtoken::encode(&Header::default(), &claims, key)
 }

-pub struct AuthedUser(entity::user::Model);
+pub struct AuthedUser(pub entity::user::Model);

 impl AuthedUser {
    fn parse_token(req: &HttpRequest) -> Result<Claims, Error> {
--- a/crates/backend/src/controller/user.rs
+++ b/crates/backend/src/controller/user.rs
@ -1,4 +1,7 @@
-use actix_web::{error::ErrorInternalServerError, web, Responder};
+use actix_web::{
+    error::{ErrorInternalServerError, ErrorNotFound, ErrorUnauthorized},
+    web, Responder,
+};
 use argon2::{
    password_hash::{rand_core::OsRng, PasswordHasher, SaltString},
    Argon2,
@ -23,6 +26,7 @@ pub struct CreateUserDto {
    name: String,
    email: String,
    password: String,
+    admin: bool,
 }

 impl From<entity::user::Model> for UserWithoutPassword {
@ -53,10 +57,27 @@ impl UserController {
        ))
    }

+    pub async fn get_current_user(
+        state: web::Data<AppState>,
+        executor: AuthedUser,
+    ) -> actix_web::Result<impl Responder> {
+        let db = &state.db;
+        let user = entity::prelude::User::find_by_id(executor.0.id)
+            .one(db)
+            .await
+            .map_err(ErrorInternalServerError)?
+            .ok_or(ErrorNotFound("Not Found"))?;
+        Ok(web::Json(user))
+    }
+
    pub async fn create_user(
        state: web::Data<AppState>,
        user: web::Json<CreateUserDto>,
+        executor: AuthedUser,
    ) -> actix_web::Result<impl Responder> {
+        if !executor.0.admin {
+            return Err(ErrorUnauthorized("Invalid Permissions"));
+        }
        let db = &state.db;
        let user = user.into_inner();

@ -72,6 +93,7 @@ impl UserController {
            name: ActiveValue::Set(user.name),
            email: ActiveValue::Set(user.email),
            hash: ActiveValue::Set(password_hash.to_string()),
+            admin: ActiveValue::Set(user.admin),
        };

        let result = user.insert(db).await.map_err(ErrorInternalServerError)?;
--- a/crates/backend/src/routes.rs
+++ b/crates/backend/src/routes.rs
@ -10,6 +10,7 @@ pub fn config(cfg: &mut web::ServiceConfig) {
                    .post(UserController::create_user),
            )
            .service(web::resource("/users/{user_id}"))
+            .route("/users/me", web::get().to(UserController::get_current_user))
            .service(
                web::resource("/licenses")
                    .get(LicenseController::list_groups)