mirror of
https://gitlab.com/comunic/comunicapiv3
synced 2024-11-26 07:19:22 +00:00
Can sign out user
This commit is contained in:
parent
89d5eac02b
commit
97d9adcc03
@ -31,6 +31,16 @@ pub fn login_user(request: &mut HttpRequestHandler) -> RequestResult {
|
||||
}
|
||||
}
|
||||
|
||||
/// Sign out user
|
||||
pub fn logout_user(request: &mut HttpRequestHandler) -> RequestResult {
|
||||
account_helper::destroy_login_tokens(
|
||||
request.user_id()?,
|
||||
request.api_client()
|
||||
)?;
|
||||
|
||||
request.success("User disconnected.")
|
||||
}
|
||||
|
||||
/// Get current user ID
|
||||
pub fn user_id(request: &mut HttpRequestHandler) -> RequestResult {
|
||||
request.set_response(CurrentUserID::new(request.user_id()?))
|
||||
|
@ -72,6 +72,9 @@ pub fn get_routes() -> Vec<Route> {
|
||||
Route::post_without_login("/account/login", Box::new(account_controller::login_user)),
|
||||
Route::post_without_login("/user/connectUSER", Box::new(account_controller::login_user)),
|
||||
|
||||
Route::post("/account/logout", Box::new(account_controller::logout_user)),
|
||||
Route::post("/user/disconnectUSER", Box::new(account_controller::logout_user)),
|
||||
|
||||
Route::post("/account/id", Box::new(account_controller::user_id)),
|
||||
Route::post("/user/getCurrentUserID", Box::new(account_controller::user_id)),
|
||||
]
|
||||
|
@ -4,7 +4,7 @@ use crate::data::user::UserID;
|
||||
use crate::data::user_token::UserAccessToken;
|
||||
use crate::database_structure::USER_ACCESS_TOKENS_TABLE;
|
||||
use crate::helpers::{database, user_helper};
|
||||
use crate::helpers::database::{QueryInfo, InsertQuery};
|
||||
use crate::helpers::database::{QueryInfo, InsertQuery, DeleteQuery};
|
||||
use crate::utils::crypt_utils::{crypt_pass, rand_str};
|
||||
|
||||
/// Account helper
|
||||
@ -75,3 +75,14 @@ pub fn get_user_by_login_token(token: &str, client: &APIClient) -> ResultBoxErro
|
||||
|res| res.get_int64("user_id"),
|
||||
)
|
||||
}
|
||||
|
||||
/// Destroy a given user login tokens
|
||||
pub fn destroy_login_tokens(id: UserID, client: &APIClient) -> ResultBoxError<()> {
|
||||
|
||||
database::delete(DeleteQuery::new(USER_ACCESS_TOKENS_TABLE)
|
||||
.cond_u32("service_id", client.id)
|
||||
.cond_i64("user_id", id)
|
||||
)?;
|
||||
|
||||
Ok(())
|
||||
}
|
@ -162,7 +162,7 @@ impl<'a> RowResult<'a> {
|
||||
pub fn get_optional_str(&self, name: &str) -> ResultBoxError<Option<String>> {
|
||||
match self.is_null(name)? {
|
||||
true => Ok(None),
|
||||
false => Ok(Some(self.get_str(name)?).map_or(None, |d|{
|
||||
false => Ok(Some(self.get_str(name)?).map_or(None, |d| {
|
||||
match d.is_empty() {
|
||||
true => None,
|
||||
false => Some(d)
|
||||
@ -247,17 +247,16 @@ pub fn query<E, F: Fn(&RowResult) -> ProcessRowResult<E>>(info: QueryInfo, proce
|
||||
|
||||
/// Structure used to execute a insert query
|
||||
pub struct InsertQuery {
|
||||
pub table : String,
|
||||
pub table: String,
|
||||
pub values: HashMap<String, mysql::Value>,
|
||||
}
|
||||
|
||||
impl InsertQuery {
|
||||
|
||||
/// Construct a new InsertQuery instance
|
||||
pub fn new(table: &str) -> InsertQuery {
|
||||
InsertQuery {
|
||||
table: table.to_string(),
|
||||
values: HashMap::new()
|
||||
values: HashMap::new(),
|
||||
}
|
||||
}
|
||||
|
||||
@ -285,7 +284,7 @@ pub fn insert(query: InsertQuery) -> ResultBoxError<()> {
|
||||
// Collect keys
|
||||
let keys = query.values
|
||||
.keys()
|
||||
.map(|f|f.to_string())
|
||||
.map(|f| f.to_string())
|
||||
.collect::<Vec<String>>();
|
||||
|
||||
let query_sql = format!(
|
||||
@ -297,7 +296,64 @@ pub fn insert(query: InsertQuery) -> ResultBoxError<()> {
|
||||
|
||||
get_connection()?.exec_drop(
|
||||
query_sql,
|
||||
query.values.values().collect::<Vec<&mysql::Value>>()
|
||||
query.values.values().collect::<Vec<&mysql::Value>>(),
|
||||
)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
|
||||
/// Structure used to build delete queries
|
||||
pub struct DeleteQuery {
|
||||
table: String,
|
||||
conditions: HashMap<String, Value>,
|
||||
}
|
||||
|
||||
impl DeleteQuery {
|
||||
/// Construct a new delete table query
|
||||
pub fn new(table: &str) -> DeleteQuery {
|
||||
DeleteQuery {
|
||||
table: table.to_string(),
|
||||
conditions: HashMap::new(),
|
||||
}
|
||||
}
|
||||
|
||||
/// Add a string condition
|
||||
pub fn cond_str(mut self, key: &str, value: &str) -> DeleteQuery {
|
||||
self.conditions.insert(key.to_string(), Value::from(value));
|
||||
self
|
||||
}
|
||||
|
||||
/// Add an integer condition
|
||||
pub fn cond_u32(mut self, key: &str, value: u32) -> DeleteQuery {
|
||||
self.conditions.insert(key.to_string(), Value::from(value));
|
||||
self
|
||||
}
|
||||
|
||||
pub fn cond_i64(mut self, key: &str, value: i64) -> DeleteQuery {
|
||||
self.conditions.insert(key.to_string(), Value::from(value));
|
||||
self
|
||||
}
|
||||
}
|
||||
|
||||
/// Delete an entry from the database
|
||||
pub fn delete(query: DeleteQuery) -> ResultBoxError<()> {
|
||||
if query.conditions.is_empty() {
|
||||
return Err(ExecError::boxed_new("DELETE without WHERE condition blocked for security reasons!"));
|
||||
}
|
||||
|
||||
let query_sql = format!(
|
||||
"DELETE FROM {} WHERE {}",
|
||||
query.table,
|
||||
query.conditions.keys()
|
||||
.map(|f| format!("{} = ?", f))
|
||||
.collect::<Vec<String>>()
|
||||
.join(" AND ")
|
||||
);
|
||||
|
||||
get_connection()?.exec_drop(
|
||||
query_sql,
|
||||
query.conditions.values().collect::<Vec<&Value>>()
|
||||
)?;
|
||||
|
||||
Ok(())
|
||||
|
Loading…
Reference in New Issue
Block a user