diff options
| -rw-r--r-- | README.md | 8 | ||||
| -rw-r--r-- | src/db.rs | 21 | ||||
| -rw-r--r-- | src/main.rs | 20 | ||||
| -rw-r--r-- | src/uid.rs | 4 |
4 files changed, 48 insertions, 5 deletions
@@ -60,4 +60,12 @@ - 200 Ok - JSON `["SESSION_KEY":"CLIENT_ID"]` - 401 Unauthorized + - JSON `"Not Authenticated"` +- POST `/user/delete` + - Request + - JSON `{"id": "ID", "session": "SESSION_KEY"}` + - Response + - 200 Ok + - JSON `"Deleted"` + - 401 Unauthorized - JSON `"Not Authenticated"`
\ No newline at end of file @@ -281,4 +281,25 @@ impl DB { let _ = self.save().await; r } + + pub async fn delete_user(&mut self, id: &String, session: &String) -> Result<String, String> { + match UID::from(id.clone()) { + Ok(n) => { + self.users = self.users.clone().into_iter().filter(|u| !u.authenticate(session) && n != u.id).collect(); + self.uid_generator.delete_uid(n); + }, + Err(n) => return Err(n) + }; + + // Validate + let r = match self.get_user(id).await { + Ok(_) => Err("Could not delete".into()), + Err(_) => { + Ok("Deleted".into()) + }, + }; + + let _ = self.save().await; + r + } } diff --git a/src/main.rs b/src/main.rs index 22c096d..c48ceda 100644 --- a/src/main.rs +++ b/src/main.rs @@ -130,12 +130,12 @@ async fn login(data: Json<LoginForm>, db: &State<Mutex<DB>>) -> (Status, Json<St #[derive(Deserialize)] struct LogoutForm { id: String, - sessionhash: String, + session: String, } #[post("/logout", data="<data>", format="json")] async fn logout(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Result<(), Json<String>>) { let mut db = db.lock().await; - match db.logout(&data.id, &data.sessionhash).await { + match db.logout(&data.id, &data.session).await { Ok(_) => (Status::Ok, Ok(())), Err(n) => (Status::Unauthorized, Err(n.into())), } @@ -143,7 +143,7 @@ async fn logout(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Resul #[post("/logout/all", data="<data>", format="json")] async fn logout_all(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Result<Json<String>, Json<String>>) { let mut db = db.lock().await; - match db.logout_all(&data.id, &data.sessionhash).await { + match db.logout_all(&data.id, &data.session).await { Ok(n) => (Status::Ok, Ok(n.into())), Err(n) => (Status::Unauthorized, Err(n.into())), } @@ -151,7 +151,16 @@ async fn logout_all(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, R #[post("/sessions", data="<data>", format="json")] async fn get_sessions(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Result<Json<Vec<(String, String)>>, Json<String>>) { let db = db.lock().await; - match db.get_sessions(&data.id, &data.sessionhash).await { + match db.get_sessions(&data.id, &data.session).await { + Ok(n) => (Status::Ok, Ok(n.into())), + Err(n) => (Status::Unauthorized, Err(n.into())), + } +} + +#[post("/delete", data="<data>", format="json")] +async fn delete(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Result<Json<String>, Json<String>>) { + let mut db = db.lock().await; + match db.delete_user(&data.id, &data.session).await { Ok(n) => (Status::Ok, Ok(n.into())), Err(n) => (Status::Unauthorized, Err(n.into())), } @@ -161,5 +170,6 @@ async fn get_sessions(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, fn rocket() -> _ { rocket::build().manage(Mutex::new(DB::load(Config::new()))) .mount("/", routes![index]) - .mount("/user", routes![login, get_users_by_name, get_user, new_user, get_all_users, logout, logout_all, get_sessions]) + .mount("/user", routes![login, get_users_by_name, get_user, new_user, get_all_users, logout, logout_all, get_sessions, delete]) + .mount("/transfer", routes![]) }
\ No newline at end of file @@ -51,6 +51,10 @@ impl Generator { } } + pub fn delete_uid(&mut self, u: UID) { + self.used_uids = self.used_uids.clone().into_iter().filter(|old| old != &u).collect(); + } + pub fn new_uid(&mut self) -> Result<UID, String> { let mut count = 0; loop { |