Implemented user authentication.
This commit is contained in:
@@ -0,0 +1,71 @@
|
||||
use cfg_if::cfg_if;
|
||||
cfg_if! { if #[cfg(feature = "ssr")] {
|
||||
|
||||
use std::future::{Ready, ready};
|
||||
use actix_session::SessionExt;
|
||||
use actix_web::dev::{Service, ServiceRequest, ServiceResponse, Transform, forward_ready};
|
||||
use actix_web::Error;
|
||||
use actix_web::HttpResponse;
|
||||
use actix_web::body::EitherBody;
|
||||
use futures_util::future::LocalBoxFuture;
|
||||
use actix_web::http::header::LOCATION;
|
||||
use crate::backend::data::User;
|
||||
|
||||
pub struct Authentication;
|
||||
|
||||
impl<S, B> Transform<S, ServiceRequest> for Authentication
|
||||
where
|
||||
S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
|
||||
S::Future: 'static,
|
||||
B: 'static,
|
||||
{
|
||||
type Response = ServiceResponse<EitherBody<B>>;
|
||||
type Error = Error;
|
||||
type Transform = AuthenticationMiddleware<S>;
|
||||
type InitError = ();
|
||||
type Future = Ready<Result<Self::Transform, Self::InitError>>;
|
||||
|
||||
fn new_transform(&self, service: S) -> Self::Future {
|
||||
ready(Ok(AuthenticationMiddleware { service }))
|
||||
}
|
||||
}
|
||||
pub struct AuthenticationMiddleware<S> {
|
||||
service: S,
|
||||
}
|
||||
|
||||
impl<S, B> Service<ServiceRequest> for AuthenticationMiddleware<S>
|
||||
where
|
||||
S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
|
||||
S::Future: 'static,
|
||||
B: 'static,
|
||||
{
|
||||
type Response = ServiceResponse<EitherBody<B>>;
|
||||
type Error = Error;
|
||||
type Future = LocalBoxFuture<'static, Result<Self::Response, Self::Error>>;
|
||||
|
||||
forward_ready!(service);
|
||||
|
||||
fn call(&self, req: ServiceRequest) -> Self::Future {
|
||||
let session = req.get_session();
|
||||
let authenticate_pass = !req.path().starts_with("/admin") ||
|
||||
session.get::<User>("user").unwrap_or(None).is_some();
|
||||
|
||||
if authenticate_pass {
|
||||
let res = self.service.call(req);
|
||||
|
||||
Box::pin(async move {
|
||||
res.await.map(ServiceResponse::map_into_left_body)
|
||||
})
|
||||
} else {
|
||||
let (request, _pl) = req.into_parts();
|
||||
|
||||
let response = HttpResponse::Found()
|
||||
.insert_header((LOCATION, "/login"))
|
||||
.finish()
|
||||
.map_into_right_body();
|
||||
|
||||
Box::pin(async { Ok(ServiceResponse::new(request, response)) })
|
||||
}
|
||||
}
|
||||
}
|
||||
}}
|
||||
+11
-5
@@ -1,11 +1,14 @@
|
||||
use crate::backend::data::Company;
|
||||
use leptos::*;
|
||||
use crate::backend::data::{ApiResponse, Company};
|
||||
|
||||
#[server(GetCompany, "/api", "Url", "get_company")]
|
||||
pub async fn get_company() -> Result<Company, ServerFnError> {
|
||||
pub async fn get_company() -> Result<ApiResponse<Company>, ServerFnError> {
|
||||
use crate::backend::AppData;
|
||||
use actix_web::web::Data;
|
||||
use leptos_actix::extract;
|
||||
use crate::perm_check;
|
||||
|
||||
perm_check!(is_logged_in);
|
||||
|
||||
let pool = extract(|data: Data<AppData>| async move { data.db_pool().clone() }).await?;
|
||||
|
||||
@@ -13,14 +16,17 @@ pub async fn get_company() -> Result<Company, ServerFnError> {
|
||||
.fetch_one(&pool)
|
||||
.await?;
|
||||
|
||||
Ok(cmp)
|
||||
Ok(ApiResponse::Data(cmp))
|
||||
}
|
||||
|
||||
#[server(UpdateCompany, "/api", "Url", "update_company")]
|
||||
pub async fn update_company(company: Company) -> Result<(), ServerFnError> {
|
||||
pub async fn update_company(company: Company) -> Result<ApiResponse<()>, ServerFnError> {
|
||||
use crate::backend::AppData;
|
||||
use actix_web::web::Data;
|
||||
use leptos_actix::extract;
|
||||
use crate::perm_check;
|
||||
|
||||
perm_check!(is_admin);
|
||||
|
||||
let pool = extract(|data: Data<AppData>| async move { data.db_pool().clone() }).await?;
|
||||
|
||||
@@ -36,5 +42,5 @@ pub async fn update_company(company: Company) -> Result<(), ServerFnError> {
|
||||
.execute(&pool)
|
||||
.await?;
|
||||
|
||||
Ok(())
|
||||
Ok(ApiResponse::Data(()))
|
||||
}
|
||||
|
||||
+26
-12
@@ -1,9 +1,15 @@
|
||||
use chrono::{NaiveDate, NaiveTime, Weekday};
|
||||
use rust_decimal::Decimal;
|
||||
//use chrono::{NaiveDate, NaiveTime, Weekday};
|
||||
//use rust_decimal::Decimal;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use uuid::Uuid;
|
||||
//use uuid::Uuid;
|
||||
use validator::Validate;
|
||||
|
||||
#[derive(Serialize, Deserialize, Clone, Debug)]
|
||||
pub enum ApiResponse<T> {
|
||||
Data(T),
|
||||
Error(String)
|
||||
}
|
||||
|
||||
#[derive(Clone, Serialize, Deserialize, Debug, PartialEq, Eq, Validate, Default)]
|
||||
#[cfg_attr(feature = "ssr", derive(sqlx::FromRow))]
|
||||
pub struct Company {
|
||||
@@ -24,17 +30,25 @@ impl Company {
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Clone, Serialize, Deserialize, Debug, PartialEq, Eq, Validate, Default)]
|
||||
#[cfg_attr(feature = "ssr", derive(sqlx::FromRow))]
|
||||
pub struct User {
|
||||
id: u16,
|
||||
login: String,
|
||||
password: String,
|
||||
full_name: String,
|
||||
email: String,
|
||||
admin: bool,
|
||||
get_emails: bool,
|
||||
id: i32,
|
||||
pub login: String,
|
||||
pub password: String,
|
||||
pub full_name: Option<String>,
|
||||
pub email: Option<String>,
|
||||
pub admin: bool,
|
||||
pub get_emails: bool,
|
||||
}
|
||||
|
||||
pub struct Property {
|
||||
impl User {
|
||||
pub fn id(&self) -> i32 {
|
||||
self.id
|
||||
}
|
||||
}
|
||||
|
||||
/*pub struct Property {
|
||||
id: u16,
|
||||
name: String,
|
||||
description: String,
|
||||
@@ -92,4 +106,4 @@ pub struct ReservationSum {
|
||||
customer: Customer,
|
||||
price: Decimal,
|
||||
state: ReservationState,
|
||||
}
|
||||
}*/
|
||||
|
||||
@@ -2,6 +2,24 @@ use cfg_if::cfg_if;
|
||||
|
||||
pub mod data;
|
||||
pub mod company;
|
||||
pub mod user;
|
||||
pub mod auth_middleware;
|
||||
|
||||
#[macro_export]
|
||||
macro_rules! perm_check {
|
||||
($check:ident) => {
|
||||
use crate::backend::user::$check;
|
||||
use actix_web::http::StatusCode;
|
||||
use leptos_actix::ResponseOptions;
|
||||
|
||||
if !$check().await {
|
||||
let response = expect_context::<ResponseOptions>();
|
||||
response.set_status(StatusCode::FORBIDDEN);
|
||||
|
||||
return Ok(ApiResponse::Error("Forbidden".to_string()))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
cfg_if!{
|
||||
if #[cfg(feature = "ssr")] {
|
||||
|
||||
@@ -0,0 +1,102 @@
|
||||
use cfg_if::cfg_if;
|
||||
use leptos::*;
|
||||
|
||||
cfg_if! { if #[cfg(feature = "ssr")] {
|
||||
use sqlx::{query_as, Error, PgPool, query};
|
||||
use actix_session::*;
|
||||
use leptos_actix::{extract, redirect};
|
||||
use crate::backend::data::User;
|
||||
|
||||
pub async fn has_admin_user(pool: &PgPool) -> Result<bool, Error> {
|
||||
let count: (i64,) = query_as(r#"SELECT COUNT(id) FROM "user" WHERE admin = $1"#)
|
||||
.bind(true)
|
||||
.fetch_one(pool)
|
||||
.await?;
|
||||
|
||||
Ok(count.0 > 0)
|
||||
}
|
||||
|
||||
pub async fn create_admin(pool: &PgPool) -> Result<(), Error> {
|
||||
if !has_admin_user(pool).await? {
|
||||
let pwd = pwhash::bcrypt::hash("admin");
|
||||
query(r#"INSERT INTO "user"(login, password, full_name, admin) VALUES($1, $2, $3, $4)"#)
|
||||
.bind("admin")
|
||||
.bind(pwd.unwrap())
|
||||
.bind("Admin User")
|
||||
.bind(true)
|
||||
.execute(pool).await?;
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
pub async fn user_from_login(pool: &PgPool, login: &str) -> Result<User, Error> {
|
||||
let usr = query_as::<_, User>(r#"SELECT * FROM "user" WHERE login=$1"#)
|
||||
.bind(login)
|
||||
.fetch_one(pool).await?;
|
||||
Ok(usr)
|
||||
}
|
||||
|
||||
pub async fn logged_in_user() -> Option<User> {
|
||||
extract(|session: Session| async move {
|
||||
session.get::<User>("user").unwrap_or(None)
|
||||
}).await.unwrap_or(None)
|
||||
}
|
||||
|
||||
pub async fn is_logged_in() -> bool {
|
||||
logged_in_user().await.is_some()
|
||||
}
|
||||
|
||||
pub async fn is_admin() -> bool {
|
||||
if let Some(user) = logged_in_user().await {
|
||||
user.admin
|
||||
} else {
|
||||
false
|
||||
}
|
||||
}
|
||||
}}
|
||||
|
||||
#[server(Login, "/api")]
|
||||
pub async fn login(username: String, password: String) -> Result<(), ServerFnError> {
|
||||
use crate::backend::AppData;
|
||||
use actix_session::*;
|
||||
use actix_web::web::Data;
|
||||
use leptos_actix::extract;
|
||||
|
||||
let pool = extract(|data: Data<AppData>| async move { data.db_pool().clone() }).await?;
|
||||
|
||||
let user = user_from_login(&pool, &username).await?;
|
||||
|
||||
if pwhash::bcrypt::verify(password, &user.password) {
|
||||
extract(|session: Session| async move {
|
||||
let _ = session.insert("user", user);
|
||||
})
|
||||
.await?;
|
||||
|
||||
redirect("/admin");
|
||||
return Ok(());
|
||||
}
|
||||
|
||||
Err(ServerFnError::ServerError("Bad login".to_string()))
|
||||
}
|
||||
|
||||
#[server]
|
||||
pub async fn logout() -> Result<(), ServerFnError> {
|
||||
extract(|session: Session| async move {
|
||||
session.clear();
|
||||
}).await?;
|
||||
|
||||
redirect("/login");
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[server]
|
||||
pub async fn auth_check() -> Result<bool, ServerFnError> {
|
||||
Ok(is_logged_in().await)
|
||||
}
|
||||
|
||||
#[server]
|
||||
pub async fn admin_check() -> Result<bool, ServerFnError> {
|
||||
Ok(is_admin().await)
|
||||
}
|
||||
Reference in New Issue
Block a user