49 lines
1.4 KiB
Rust
49 lines
1.4 KiB
Rust
use crate::controllers::HttpResult;
|
|
use crate::extractors::auth_extractor::{AuthExtractor, AuthenticatedMethod};
|
|
use crate::users::{APIToken, APITokenID, BaseAPIToken};
|
|
use actix_web::{HttpResponse, web};
|
|
|
|
/// Create a new token
|
|
pub async fn create(auth: AuthExtractor) -> HttpResult {
|
|
if matches!(auth.method, AuthenticatedMethod::Token(_)) {
|
|
return Ok(HttpResponse::Forbidden()
|
|
.json("It is not allowed to create a token using another token!"));
|
|
}
|
|
|
|
let base = auth.decode_json_body::<BaseAPIToken>()?;
|
|
|
|
if let Some(err) = base.check() {
|
|
return Ok(HttpResponse::BadRequest().json(err));
|
|
}
|
|
|
|
let token = APIToken::create(&auth.as_ref().email, base).await?;
|
|
|
|
Ok(HttpResponse::Ok().json(token))
|
|
}
|
|
|
|
/// Get the list of tokens of current user
|
|
pub async fn get_list(auth: AuthExtractor) -> HttpResult {
|
|
Ok(HttpResponse::Ok().json(
|
|
APIToken::list_user(&auth.as_ref().email)
|
|
.await?
|
|
.into_iter()
|
|
.map(|mut t| {
|
|
t.secret = String::new();
|
|
t
|
|
})
|
|
.collect::<Vec<_>>(),
|
|
))
|
|
}
|
|
|
|
#[derive(serde::Deserialize)]
|
|
pub struct TokenIDInPath {
|
|
id: APITokenID,
|
|
}
|
|
|
|
/// Delete an API access token
|
|
pub async fn delete(auth: AuthExtractor, path: web::Path<TokenIDInPath>) -> HttpResult {
|
|
let token = APIToken::load(&auth.user.email, &path.id).await?;
|
|
token.delete(&auth.user.email).await?;
|
|
Ok(HttpResponse::Accepted().finish())
|
|
}
|