mirror of https://gitlab.com/comunic/comunicapiv3 synced 2024-12-27 22:18:51 +00:00

Can create new accounts

Pierre HUBERT 2020-07-13 13:35:25 +02:00
parent 1974c782b5
commit c4f5447230
6 changed files with 58 additions and 4 deletions


@ -6,6 +6,7 @@ use crate::api_data::res_get_security_questions::ResGetSecurityQuestions;
use crate::controllers::routes::RequestResult;
use crate::data::error::ResultBoxError;
use crate::data::http_request_handler::HttpRequestHandler;
use crate::data::new_account::NewAccount;
use crate::data::user::User;
use crate::helpers::{account_helper, user_helper};
@ -25,6 +26,30 @@ impl HttpRequestHandler {
}
}
/// Create a new account
pub fn create(r: &mut HttpRequestHandler) -> RequestResult {
// TODO : limit request
// Get & check email
let email = r.post_email("emailAddress")?;
if account_helper::exists_mail(&email)? {
r.conflict("This email address already belongs to an account!".to_string())?;
}
let new_account = NewAccount {
first_name: r.post_content("firstName", 3, true)?,
last_name: r.post_content("lastName", 3, true)?,
email,
password: r.post_string_opt("password", 3, true)?,
};
account_helper::create(&new_account)?;
// TODO : limit request
r.success("Account created!")
}
/// Sign in user
pub fn login_user(request: &mut HttpRequestHandler) -> RequestResult {
let email = request.post_email("userMail")?;
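Review bot: The 409 branch in `create` tells any caller whether an email address already has an account, and both `// TODO : limit request` markers show that nothing throttles the endpoint yet, so it can be used to enumerate registered addresses and to create accounts in bulk. Request limiting should land with this handler rather than after it. Separately, `r.post_string_opt("password", 3, true)?` appears to accept a three-character password, assuming the second argument is a minimum length as in the `post_content` calls above it; a higher floor such as `password: r.post_string_opt("password", 8, true)?,` would be safer. `login_user` continues outside the hunk.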


@ -67,6 +67,7 @@ pub fn get_routes() -> Vec<Route> {
Route::get_without_login("/", Box::new(server_controller::main_index)),
// Account controller
Route::post("/account/create", Box::new(account_controller::create)),
Route::post_without_login("/account/login", Box::new(account_controller::login_user)),
Route::post_without_login("/user/connectUSER", Box::new(account_controller::login_user)),
Route::post("/account/logout", Box::new(account_controller::logout_user)),
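Review bot: `/account/create` is registered with `Route::post`, while the login routes next to it use `Route::post_without_login`. If `Route::post` requires a signed-in user, as its use for `/account/logout` suggests, a visitor without an account cannot reach sign-up. If public registration is intended, the line should probably read `Route::post_without_login("/account/create", Box::new(account_controller::create)),`, and the controller's missing rate limit then becomes the only barrier against automated sign-ups. If the login requirement is deliberate, a comment on the route saying who may create accounts would help. `get_routes` continues outside the hunk.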


@ -137,6 +137,13 @@ impl HttpRequestHandler {
Err(Box::new(ExecError::new(&message)))
}
/// Conflict (409)
pub fn conflict(&mut self, message: String) -> RequestResult {
self.response = Some(HttpResponse::Conflict().json(
HttpError::new(409, &message)));
Err(Box::new(ExecError::new(&message)))
}
/// If result is not OK, return a bad request
pub fn ok_or_bad_request<E>(&mut self, res: ResultBoxError<E>, msg: &str) -> ResultBoxError<E> {
match res {
@ -595,12 +602,10 @@ impl HttpRequestHandler {
)?;
if comment.user_id != self.user_id_or_invalid() {
let post = posts_helper::get_single(comment.post_id)?;
if posts_helper::get_access_level(&post, &self.user_id_opt())? == PostAccessLevel::NO_ACCESS {
self.forbidden("You are not allowed to access this post information !".to_string())?;
}
}
Ok(comment)


@ -25,4 +25,5 @@ pub mod survey;
pub mod comment;
pub mod new_survey;
pub mod notification;
pub mod user_membership;
pub mod user_membership;
pub mod new_account;

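--- a/src/data/new_account.rs
+++ b/src/data/new_account.rs
@@ -0,0 +1,10 @@
+//! # New account
+//!
+//! @author Pierre Hubert
+pub struct NewAccount {
+pub first_name: String,
+pub last_name: String,
+pub email: String,
+pub password: String,
+}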
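Review bot: `NewAccount.password` holds the password exactly as submitted, and nothing in the struct says so; it is only hashed later, by `crypt_pass` in `account_helper::create`. A field comment such as `/// Clear-text password as received; hashed on insert, must never be logged or serialized` would make that explicit. The struct currently derives nothing, which keeps the value out of `{:?}` output; a short note asking that `Debug` and `Serialize` not be derived here would preserve that. The other fields would benefit from one-line doc comments as well.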


@ -1,17 +1,29 @@
use crate::constants::database_tables_names::{USER_ACCESS_TOKENS_TABLE, USERS_TABLE};
use crate::data::api_client::APIClient;
use crate::data::error::{ExecError, ResultBoxError};
use crate::data::new_account::NewAccount;
use crate::data::user::UserID;
use crate::data::user_token::UserAccessToken;
use crate::helpers::{database, user_helper};
use crate::helpers::database::{DeleteQuery, InsertQuery, QueryInfo};
use crate::utils::crypt_utils::{crypt_pass, rand_str};
use crate::utils::date_utils::time;
use crate::utils::date_utils::{mysql_date, time};
/// Account helper
///
/// @author Pierre Hubert
/// Create a new account
pub fn create(new_account: &NewAccount) -> ResultBoxError {
database::InsertQuery::new(USERS_TABLE)
.add_str("nom", &new_account.first_name)
.add_str("prenom", &new_account.last_name)
.add_str("date_creation", &mysql_date())
.add_str("mail", &new_account.email)
.add_str("password", &crypt_pass(&new_account.password)?)
.insert_drop_result()
}
/// Attempt to sign-in user
///
/// In this version of the api, we consider that there is only one login token required
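Review bot: In `create`, the column mapping looks inverted: `first_name` is written to `nom` and `last_name` to `prenom`, whereas in French `nom` is the family name and `prenom` the given name. Unless the legacy schema deliberately stores them the other way round, the lines should read `.add_str("nom", &new_account.last_name)` and `.add_str("prenom", &new_account.first_name)`. Separately, the insert relies on the controller's earlier `exists_mail` check for uniqueness, so two concurrent requests could both pass that check; it is worth confirming that a unique index exists on `mail`, since the schema is not visible here. The doc comment for the sign-in helper continues past the end of the hunk.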