| author | Jokler <jokler@protonmail.com> | 2020-06-21 06:37:46 +0200 |
|---|---|---|
| committer | Jokler <jokler@protonmail.com> | 2020-06-21 06:37:46 +0200 |
| commit | e6468b012d5b33dd16992652da57f11dd5a6e82f (patch) | |
| tree | e89add440df79d4036b9b44d8c77ee6d69e67201 /src/admin.rs | |
Diffstat (limited to 'src/admin.rs')
| -rw-r--r-- | src/admin.rs | 114 |
1 files changed, 114 insertions, 0 deletions
diff --git a/src/admin.rs b/src/admin.rs
new file mode 100644
index 0000000..2efe02f
--- /dev/null
+++ b/src/admin.rs
@@ -0,0 +1,114 @@
+use std::str::FromStr;
+
+use actix::Addr;
+use actix_http::error::ResponseError;
+use actix_identity::Identity;
+use actix_web::{http::header, web, HttpResponse};
+use askama::Template;
+use serde::Deserialize;
+
+use crate::error::ServiceError;
+use crate::model::{DbExecutor, NewUser};
+use crate::util::UserRequest;
+use crate::Secret;
+
+pub mod user_creation;
+use user_creation::{PassHashExecutor, PassHashRequest, SaveUserRequest};
+
+#[derive(Template)]
+#[template(path = "admin.htm")]
+struct AdminTemplate;
+
+pub async fn index(ident: Identity, db: web::Data<Addr<DbExecutor>>) -> HttpResponse {
+ if let Some(name) = ident.identity() {
+ ident.remember(name.clone());
+ let user = match db.send(UserRequest(name.clone())).await.unwrap() {
+ Ok(v) => v,
+ Err(_) => {
+ ident.forget();
+ return HttpResponse::Found()
+ .header(header::LOCATION, "/login")
+ .finish();
+ }
+ };
+ if user.power_level != 9001 {
+ return ServiceError::Unauthorized.error_response();
+ }
+
+ let page = AdminTemplate.render().unwrap();
+
+ HttpResponse::Ok().content_type("text/html").body(page)
+ } else {
+ HttpResponse::Found()
+ .header(header::LOCATION, "/user/login")
+ .finish()
+ }
+}
+
+#[derive(Deserialize, Debug)]
+#[serde(rename_all = "kebab-case")]
+pub struct UserData {
+ pub user: String,
+ pub balance: String,
+ pub password: String,
+}
+
+pub async fn create_user(
+ ident: Identity,
+ params: web::Form<UserData>,
+ db: web::Data<Addr<DbExecutor>>,
+ hasher: web::Data<Addr<PassHashExecutor>>,
+ sec: web::Data<Secret>,
+) -> HttpResponse {
+ if let Some(name) = ident.identity() {
+ ident.remember(name.clone());
+ let user = match db.send(UserRequest(name.clone())).await.unwrap() {
+ Ok(v) => v,
+ Err(_) => {
+ ident.forget();
+ return HttpResponse::Found()
+ .header(header::LOCATION, "/login")
+ .finish();
+ }
+ };
+ if user.power_level != 9001 {
+ return ServiceError::Unauthorized.error_response();
+ }
+ let new_login = params.into_inner();
+
+ let balance = match u64::from_str(&new_login.balance) {
+ Ok(v) => v,
+ Err(e) => {
+ return HttpResponse::Ok()
+ .content_type("text/html")
+ .body(e.to_string())
+ }
+ };
+
+ let hash = hasher
+ .send(PassHashRequest::new(new_login.password, sec.0.clone()))
+ .await
+ .unwrap()
+ .unwrap();
+
+ let new_user = NewUser {
+ name: new_login.user,
+ // TODO Let the admin pick
+ power_level: 0,
+ balance: balance,
+ };
+
+ db.send(SaveUserRequest::new(new_user, hash))
+ .await
+ .unwrap()
+ .unwrap();
+
+ HttpResponse::Found()
+ .header(header::LOCATION, "/admin")
+ .finish()
+ } else {
+ HttpResponse::Found()
+ .header(header::LOCATION, "/login")
+ .finish()
+ }
+}
+} |
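Review bot: In `create_user` the password-hash and `SaveUserRequest` results are both taken with `.await.unwrap().unwrap()`, so a mailbox or storage failure (presumably including a duplicate user name) panics inside the handler instead of producing an error response; match on the result and return something like `HttpResponse::InternalServerError().finish()` or a fitting `ServiceError`. The handler changes state on the strength of the identity cookie alone, and no CSRF token or origin check is visible in this file, so confirm one is enforced elsewhere before the form is exposed. `UserData` derives `Debug` while holding the plaintext `password`, which would end up in any `{:?}` log line; a hand-written `Debug` impl that redacts the field is safer. The balance parse failure is answered with `HttpResponse::Ok()` where `HttpResponse::BadRequest()` fits, and the `power_level != 9001` gate copied into both handlers (with `index` redirecting to `/login` in one branch and `/user/login` in the other) would be easier to audit as one shared helper with a named constant.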
