full session management

author: Curly Bryce <curlybryce@protonmail.com> 2024-07-03 15:24:45 -0600
committer: Curly Bryce <curlybryce@protonmail.com> 2024-07-03 15:24:45 -0600
commit: 723ea13a55af719a920b445d9c8cda0c2545c682 (patch)
tree: 53ee782a02e04e4a4b296975bee4a70b57b2c801 /src
parent: 97bc774cac822a725d39a9d72dec10ce04394742 (diff)
download: poko_server-723ea13a55af719a920b445d9c8cda0c2545c682.tar.gz
poko_server-723ea13a55af719a920b445d9c8cda0c2545c682.tar.bz2
poko_server-723ea13a55af719a920b445d9c8cda0c2545c682.zip
2 files changed, 59 insertions, 12 deletions
diff --git a/src/db.rs b/src/db.rs
index 43a2cc7..a609fe5 100644
--- a/src/db.rs
+++ b/src/db.rs
@@ -81,14 +81,21 @@ impl User {
         }
     }
 
-    fn clear_sessions(&mut self) {
-        self.sessions.clear()
+    fn clear_sessions(&mut self, session: &String) {
+        if self.authenticate(session) {
+            self.sessions.clear()
+        }
     }
 
-    fn get_sessions(&mut self) -> Vec<(String, String)> {
-        self.sessions.iter().map(|(k, v)| {
-            (k.clone(), v.clone())
-        }).collect()
+    fn get_sessions(&self, session: &String) -> Result<Vec<(String, String)>, String> {
+        if self.authenticate(session) {
+            let v = self.sessions.iter().map(|(k, v)| {
+                (k.clone(), v.clone())
+            }).collect();
+            Ok(v)
+        } else {
+            Err("Not Authenticated".into())
+        }
     }
 
     fn login(&mut self, password: &String, clientid: &String) -> Result<String, String> {
@@ -169,10 +176,10 @@ impl DB {
         DB { uid_generator: uid::Generator::new(), users: vec![], config }
     }
 
-    pub async fn get_user(&mut self, id: &str) -> Result<&User, String> {
+    pub async fn get_user(&self, id: &str) -> Result<&User, String> {
         match UID::from(id.to_string()) {
             Ok(n) => {
-                for u in self.users.iter_mut() {
+                for u in self.users.iter() {
                     if u.id == n {
                         return Ok(u)
                     }
@@ -250,4 +257,28 @@ impl DB {
         let _ = self.save().await;
         r
     }
+    pub async fn logout_all(&mut self, id: &String, session: &String) -> Result<String, String> {
+        let r = match self.get_mut_user(id).await {
+            Ok(n) => {
+                n.clear_sessions(session);
+                Ok("Logged out of everything".into())
+            },
+            Err(n) => Err(n)
+        };
+        
+        let _ = self.save().await;
+        r
+    }
+
+    pub async fn get_sessions(&self, id: &String, session: &String) -> Result<Vec<(String, String)>, String> {
+        let r = match self.get_user(id).await {
+            Ok(n) => {
+                n.get_sessions(session)
+            },
+            Err(n) => Err(n)
+        };
+        
+        let _ = self.save().await;
+        r
+    }
 }
diff --git a/src/main.rs b/src/main.rs
index 281b63b..22c096d 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -31,7 +31,7 @@ impl Into<UserOut> for User {
 
 #[get("/<user>")]
 async fn get_user(user: &str, db: &State<Mutex<DB>>) -> (Status, Result<Json<UserOut>, Json<String>>) {
-    let mut db = db.lock().await;
+    let db = db.lock().await;
     match db.get_user(user).await {
         Ok(n) => (Status::Ok, Ok(Json(n.clone().into()))),
         Err(n) => (Status::NotFound, Err(n.into()))
@@ -133,11 +133,27 @@ struct LogoutForm {
     sessionhash: String,
 }
 #[post("/logout", data="<data>", format="json")]
-async fn logout(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Result<(), String>) {
+async fn logout(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Result<(), Json<String>>) {
     let mut db = db.lock().await;
     match db.logout(&data.id, &data.sessionhash).await {
         Ok(_) => (Status::Ok, Ok(())),
-        Err(n) => (Status::Unauthorized, Err(n)),
+        Err(n) => (Status::Unauthorized, Err(n.into())),
+    }
+}
+#[post("/logout/all", data="<data>", format="json")]
+async fn logout_all(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Result<Json<String>, Json<String>>) {
+    let mut db = db.lock().await;
+    match db.logout_all(&data.id, &data.sessionhash).await {
+        Ok(n) => (Status::Ok, Ok(n.into())),
+        Err(n) => (Status::Unauthorized, Err(n.into())),
+    }
+}
+#[post("/sessions", data="<data>", format="json")]
+async fn get_sessions(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Result<Json<Vec<(String, String)>>, Json<String>>) {
+    let db = db.lock().await;
+    match db.get_sessions(&data.id, &data.sessionhash).await {
+        Ok(n) => (Status::Ok, Ok(n.into())),
+        Err(n) => (Status::Unauthorized, Err(n.into())),
     }
 }
 
@@ -145,5 +161,5 @@ async fn logout(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Resul
 fn rocket() -> _ {
     rocket::build().manage(Mutex::new(DB::load(Config::new())))
     .mount("/", routes![index])
-    .mount("/user", routes![login, get_users_by_name, get_user, new_user, get_all_users, logout])
+    .mount("/user", routes![login, get_users_by_name, get_user, new_user, get_all_users, logout, logout_all, get_sessions])
 }
 \ No newline at end of file
author	Curly Bryce <curlybryce@protonmail.com>	2024-07-03 15:24:45 -0600
committer	Curly Bryce <curlybryce@protonmail.com>	2024-07-03 15:24:45 -0600
commit	723ea13a55af719a920b445d9c8cda0c2545c682 (patch)
tree	53ee782a02e04e4a4b296975bee4a70b57b2c801 /src
parent	97bc774cac822a725d39a9d72dec10ce04394742 (diff)
download	poko_server-723ea13a55af719a920b445d9c8cda0c2545c682.tar.gz poko_server-723ea13a55af719a920b445d9c8cda0c2545c682.tar.bz2 poko_server-723ea13a55af719a920b445d9c8cda0c2545c682.zip