2 files changed, 39 insertions, 6 deletions

diff --git a/src/db.rs b/src/db.rs
index 28b1ec7..43a9f9c 100644
--- a/src/db.rs
+++ b/src/db.rs
@@ -18,7 +18,7 @@ impl Config {
 }
 
 #[derive(Debug, Serialize, Deserialize, Clone, Copy)]
-enum Color {
+pub enum Color {
     White,
     Red,
     Blue,
@@ -27,7 +27,7 @@ enum Color {
 }
 
 #[derive(Debug, Serialize, Deserialize, Clone)]
-struct Token {
+pub struct Token {
     color: Color,
     amount: usize,
 }
@@ -130,6 +130,9 @@ impl User {
     pub fn hex_id(&self) -> String {
         self.id.to_hex()
     }
+    pub fn get_tokovec(&self) -> Vec<Token> {
+        self.tokovec.clone()
+    }
 }
 
 #[derive(Serialize, Deserialize)]
@@ -190,6 +193,18 @@ impl DB {
 
         Err("Not Found".into())
     }
+    pub async fn get_user_authenticated(&self, id: &str, session: &String) -> Result<&User, String> {
+        match self.get_user(id).await {
+            Ok(u) => {
+                if u.authenticate(session) {
+                    Ok(u)
+                } else {
+                    Err("Not Authenticated".into())
+                }
+            },
+            Err(n) => Err(n)
+        }
+    }
     pub async fn get_mut_user(&mut self, id: &str) -> Result<&mut User, String> {
         match UID::from(id.to_string()) {
             Ok(n) => {
diff --git a/src/main.rs b/src/main.rs
index c48ceda..709b5b3 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -11,13 +11,24 @@ mod db;
 use db::DB;
 use db::User;
 use db::Config;
+use db::Token;
 
 #[get("/")]
 async fn index() -> &'static str {
     "This is a POKO server"
 }
 
-
+#[derive(Serialize)]
+struct AuthUserOut {
+    name: String,
+    id: String,
+    tokovec: Vec<Token>,
+}
+impl Into<AuthUserOut> for User {
+    fn into(self) -> AuthUserOut {
+        AuthUserOut { name: self.get_name(), id: self.hex_id(), tokovec: self.get_tokovec() }
+    }
+}
 #[derive(Serialize)]
 struct UserOut {
     name: String,
@@ -28,7 +39,14 @@ impl Into<UserOut> for User {
         UserOut { name: self.get_name(), id: self.hex_id() }
     }
 }
-
+#[post("/get", data="<data>", format="json")]
+async fn get_user_authenticated(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Result<Json<AuthUserOut>, Json<String>>) {
+    let db = db.lock().await;
+    match db.get_user_authenticated(&data.id, &data.session).await {
+        Ok(n) => (Status::Ok, Ok(Json(n.clone().into()))),
+        Err(n) => (Status::NotFound, Err(n.into()))
+    } 
+}
 #[get("/<user>")]
 async fn get_user(user: &str, db: &State<Mutex<DB>>) -> (Status, Result<Json<UserOut>, Json<String>>) {
     let db = db.lock().await;
@@ -118,7 +136,7 @@ struct LoginForm {
     password: String,
     clientid: String,
 }
-#[post("/", data="<data>", format="json")]
+#[post("/login", data="<data>", format="json", rank=2)]
 async fn login(data: Json<LoginForm>, db: &State<Mutex<DB>>) -> (Status, Json<String>) {
     let mut db = db.lock().await;
     match db.login(&data.id, &data.password, &data.clientid).await {
@@ -170,6 +188,6 @@ async fn delete(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Resul
 fn rocket() -> _ {
     rocket::build().manage(Mutex::new(DB::load(Config::new())))
     .mount("/", routes![index])
-    .mount("/user", routes![login, get_users_by_name, get_user, new_user, get_all_users, logout, logout_all, get_sessions, delete])
+    .mount("/user", routes![login, get_users_by_name, get_user_authenticated, get_user, new_user, get_all_users, logout, logout_all, get_sessions, delete])
     .mount("/transfer", routes![])
 }
\ No newline at end of file