Diffstat (limited to 'server/src/routes')
-rw-r--r--server/src/routes/auth.rs51
-rw-r--r--server/src/routes/user.rs17
2 files changed, 46 insertions, 22 deletions
diff --git a/server/src/routes/auth.rs b/server/src/routes/auth.rs
index e3d7e4e..504d428 100644
--- a/server/src/routes/auth.rs
+++ b/server/src/routes/auth.rs
@@ -1,9 +1,15 @@
use crate::errors::AppError;
use crate::models::{
- auth::{AuthBody, Claims, SignUpForm},
+ auth::{AuthBody, Claims, LoginCredentials, SignUpForm},
user::*,
};
-use axum::{routing::post, Json, Router};
+use axum::{
+ http::StatusCode,
+ response::{IntoResponse, Response},
+ routing::post,
+ Json, Router,
+};
+use serde::Serialize;
/// Create routes for `/v1/auth/` namespace
pub fn create_route() -> Router {
@@ -12,21 +18,39 @@ pub fn create_route() -> Router {
.route("/signup", post(signup))
}
+/// Extension of `Json` which returns the CREATED status code
+pub struct JsonCreate<T>(pub T);
+
+impl<T> IntoResponse for JsonCreate<T>
+where
+ T: Serialize,
+{
+ fn into_response(self) -> Response {
+ (StatusCode::CREATED, Json(self.0)).into_response()
+ }
+}
+
/// Make login. Check if a user with the email and password passed in request body exists into the
/// database
-async fn make_login(Json(payload): Json<UserCreate>) -> Result<Json<AuthBody>, AppError> {
- let user = User::new(payload.email, payload.password);
+async fn make_login(Json(payload): Json<LoginCredentials>) -> Result<Json<AuthBody>, AppError> {
+ let user = User::new(
+ String::new(),
+ String::new(),
+ payload.username,
+ payload.password,
+ );
match User::find(user).await {
Ok(user) => {
let claims = Claims::new(user.id);
let token = claims.get_token()?;
Ok(Json(AuthBody::new(token)))
}
- Err(_) => Err(AppError::NotFound),
+ Err(_) => Err(AppError::NotFound("User not found".to_string())),
}
}
+
/// Create a new user
-async fn signup(Json(payload): Json<SignUpForm>) -> Result<Json<AuthBody>, AppError> {
+async fn signup(Json(payload): Json<SignUpForm>) -> Result<JsonCreate<AuthBody>, AppError> {
if payload.password1 != payload.password2 {
return Err(AppError::BadRequest(
"The inserted passwords do not match".to_string(),
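Review bot: In `make_login`, the `Err(_)` arm turns every failure of `User::find` into `AppError::NotFound("User not found")`, so a database or password-hashing error would presumably reach the client as a missing user instead of surfacing as a server error; `get_user` in `user.rs` has the same arm around `User::find_by_id`. Matching only the not-found case and propagating the rest would keep backend failures visible in logs and status codes. For a login endpoint the failure reply is also better worded as one generic credentials error, e.g. `Err(_) => Err(AppError::NotFound("Invalid username or password".to_string())),` (or an unauthorized variant, if `AppError` has one), so the text does not claim the account is absent when the password was simply wrong. The body of `signup` continues outside this hunk.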
@@ -39,10 +63,21 @@ async fn signup(Json(payload): Json<SignUpForm>) -> Result<Json<AuthBody>, AppEr
));
}
- let user = User::new(payload.email, payload.password1);
+ if User::username_has_taken(&payload.username).await? {
+ return Err(AppError::BadRequest(
+ "An user with this username already exists".to_string(),
+ ));
+ }
+
+ let user = User::new(
+ payload.name,
+ payload.email,
+ payload.username,
+ payload.password1,
+ );
let user = User::create(user).await?;
let claims = Claims::new(user.id);
let token = claims.get_token()?;
- Ok(Json(AuthBody::new(token)))
+ Ok(JsonCreate(AuthBody::new(token)))
}
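Review bot: The `User::username_has_taken` check followed by `User::create` is not atomic, so two concurrent signups with the same username can both pass the check and both be created. Uniqueness should be enforced by a unique index on the username in the database, with the duplicate-key error from `User::create` mapped to the same `AppError::BadRequest`; whether such an index exists is not visible here. The pre-check can stay as a friendlier early error, but it should not be the only guard. The message would also read better as `"A user with this username already exists".to_string(),`. The start of `signup` is outside this hunk.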
diff --git a/server/src/routes/user.rs b/server/src/routes/user.rs
index 5733871..d0aa056 100644
--- a/server/src/routes/user.rs
+++ b/server/src/routes/user.rs
@@ -1,14 +1,14 @@
use crate::errors::AppError;
use crate::models::{
auth::Claims,
- user::{User, UserCreate, UserList},
+ user::{User, UserList},
};
use axum::{routing::get, Json, Router};
/// Create routes for `/v1/users/` namespace
pub fn create_route() -> Router {
Router::new()
- .route("/", get(list_users).post(create_user))
+ .route("/", get(list_users))
.route("/me", get(get_user))
}
@@ -19,21 +19,10 @@ async fn list_users(_: Claims) -> Result<Json<Vec<UserList>>, AppError> {
Ok(Json(users))
}
-/// Create an user. Checks Authorization token
-async fn create_user(
- Json(payload): Json<UserCreate>,
- _: Claims,
-) -> Result<Json<UserList>, AppError> {
- let user = User::new(payload.email, payload.password);
- let user_new = User::create(user).await?;
-
- Ok(Json(user_new))
-}
-
/// Get the user from the `Authorization` header token
async fn get_user(claims: Claims) -> Result<Json<UserList>, AppError> {
match User::find_by_id(claims.user_id).await {
Ok(user) => Ok(Json(user)),
- Err(_) => Err(AppError::NotFound),
+ Err(_) => Err(AppError::NotFound("User not found".to_string())),
}
}