author | curly <curly@infernal.garden> | 2024-07-16 13:19:14 -0600 |
---|---|---|
committer | curly <curly@infernal.garden> | 2024-07-16 13:19:14 -0600 |
commit | 12c1da413d09d48ce85bb46d0629166ce986b5d6 (patch) | |
tree | 6778187a442e9bd49f8406f24eac1e9653f024b5 | |
parent | d109b8e2ed9caa1ad362ec5ee268a2a98c22981e (diff) | |
change password and username
-rw-r--r-- | README.md | 11 | ||||
-rw-r--r-- | TODO | 6 | ||||
-rw-r--r-- | src/db.rs | 24 | ||||
-rw-r--r-- | src/main.rs | 19 |
4 files changed, 56 insertions, 4 deletions
@@ -89,4 +89,13 @@ - Response - 200 Ok - 500 Internal Server Error - - JSON `"Could not complete transaction"`
\ No newline at end of file + - JSON `"Could not complete transaction"` +- POST `/user/update/info` + - Request + - JSON `{"id": "ID", "session": "SESSION_KEY", "name": "USERNAME", "old_password": "PASSWORD", "new_password": "PASSWORD"}` + - Response + - 200 Ok + - 401 Unauthorized + - JSON `"Not Authenticated"` + - 400 Bad Request + - 500 Internal Server Error`
\ No newline at end of file @@ -2,5 +2,7 @@ Need to make a proper http status code thingy Token Values Token Stock Prices (Values) Config -Change passwords -Trade Requests
\ No newline at end of file +Trade Requests +Admin +Admin create registration key +Registration keys
\ No newline at end of file
@@ -60,6 +60,19 @@ impl User {
 User { name, hashed_password, id, tokovec: base_tokens, sessions: HashMap::new() }
 }
+ fn update_name(&mut self, new_name: String) {
+ self.name = new_name;
+ }
+
+ fn update_password(&mut self, old_password: String, new_password: String) -> Result<(), String> {
+ if User::hash(&old_password) == self.hashed_password {
+ self.hashed_password = User::hash(&new_password);
+ return Ok(());
+ } else {
+ return Err("Old Password is Incorrect".into())
+ }
+ }
+
 fn hash(t: &String) -> String {
 let hashed = Sha256::digest(&t);
 let hashed = base16ct::lower::encode_string(&hashed);
@@ -189,6 +202,17 @@ impl DB {
 Err("User Not Found".into())
 }
+ pub async fn update_user(&mut self, id: UID, session: &String, name: String, old_password: String, new_password: String) -> Result<(), String> {
+ self.get_user_authenticated(id, session).await?;
+ let user = self.get_mut_user(id).await?;
+ user.update_name(name);
+ user.update_password(old_password, new_password)?;
+
+ self.save().await?;
+
+ Ok(())
+ }
+
 pub async fn get_user_authenticated(&self, id: UID, session: &String) -> Result<&User, String> {
 match self.get_user(id) {
 Ok(u) => {
diff --git a/src/main.rs b/src/main.rs
index 7edc01c..6b0ecec 100644
--- a/src/main.rs
+++ b/src/main.rs
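Review bot: `update_password` replaces `hashed_password` but leaves `self.sessions` untouched, so session keys issued before the change presumably keep authenticating (the session check is outside this hunk); a user rotating a password after a suspected compromise would expect them to be revoked. Adding `self.sessions.clear();` right after the new hash is stored would do that, at the cost of making the caller log in again. Separately, both the comparison and the stored value go through `User::hash`, which the context lines show is a single unsalted `Sha256::digest`, so a leaked database is cheap to brute-force offline; a salted, deliberately slow password hash (Argon2id, scrypt or bcrypt) with a constant-time verify would be a safer base for this feature. `impl User` starts and ends outside the hunk.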
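Review bot: In `update_user`, `user.update_name(name)` runs before `user.update_password(old_password, new_password)?`, so a wrong old password returns `Err` with the name already changed in memory; `save()` is skipped, but the next successful save elsewhere would presumably persist a rename the client was told had failed. Swapping the two calls, `user.update_password(old_password, new_password)?;` followed by `user.update_name(name);`, makes the update all-or-nothing and ties the rename to knowledge of the current password. Neither `name` nor `new_password` is validated here, so empty strings are accepted; whether names must be unique is not visible from this hunk.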
@@ -183,6 +183,23 @@ async fn delete(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Resul
 }
 }
+#[derive(Deserialize)]
+struct UpdateForm {
+ id: UID,
+ session: String,
+ name: String,
+ old_password: String,
+ new_password: String,
+}
+#[post("/update/info", data="<data>", format="json")]
+async fn update_user(data: Json<UpdateForm>, db: &State<Mutex<DB>>) -> (Status, Result<(), Json<String>>) {
+ let mut db = db.lock().await;
+ match db.update_user(data.id, &data.session, data.name.clone(), data.old_password.clone(), data.new_password.clone()).await {
+ Ok(_) => (Status::Ok, Ok(())),
+ Err(n) => (Status::InternalServerError, Err(n.into()))
+ }
+}
+
 #[derive(Deserialize, Debug)]
 struct TransferForm {
 id: UID,
@@ -217,7 +234,7 @@ fn rocket() -> _ {
 rocket::build().manage(Mutex::new(DB::load(Config::new())))
 .mount("/", routes![index])
- .mount("/user", routes![login, get_users_by_name, get_user_authenticated, get_user, new_user, get_all_users, logout, logout_all, get_sessions, delete])
+ .mount("/user", routes![login, get_users_by_name, get_user_authenticated, get_user, new_user, get_all_users, logout, logout_all, get_sessions, delete, update_user])
 .mount("/transfer", routes![transfer_out])
 .attach(cors)
 }
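Review bot: Every `Err` from `db.update_user` in the new handler is returned as `Status::InternalServerError`, so a wrong session key or a wrong old password is reported as a server fault, and the 401 and 400 responses this commit documents in README.md are never produced. Because the errors are plain `String`s, the smallest fix is an extra arm ahead of the catch-all, e.g. `Err(e) if e == "Old Password is Incorrect" => (Status::Unauthorized, Err(e.into())),`, plus one for whatever message `get_user_authenticated` returns (not visible here); a typed error enum would be more robust than string matching. Separating these cases also lets failed old-password attempts be counted and throttled per account, which nothing in this hunk does. Keeping `Debug` off `UpdateForm` is worth preserving, since the struct carries both passwords.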
\ No newline at end of file |