2 files changed, 44 insertions, 1 deletions

diff --git a/src/db.rs b/src/db.rs
index 0c245cc..b173f2d 100644
--- a/src/db.rs
+++ b/src/db.rs
@@ -66,6 +66,10 @@ impl User {
         User { name, is_admin: admin, hashed_password, id, tokovec: base_tokens, sessions: HashMap::new() }
     }
 
+    pub fn is_admin(&self) -> bool {
+        self.is_admin
+    }
+
     fn update_name(&mut self, new_name: String) {
         self.name = new_name;
     }
@@ -298,6 +302,16 @@ impl DB {
         self.registration_keys.push(key.clone())
     }
 
+    pub async fn new_registration_key(&mut self, id: UID, session: &String, key: &String) -> Result<(), String> {
+        let u = self.get_user_authenticated(id, session).await?;
+        if u.is_admin {
+            self.add_key(key);
+            self.save().await
+        } else {
+            Err("Not an admin".into())
+        }
+    }
+
     pub async fn new_user(&mut self, name: String, password: String, id: UID, key: &String) -> Result<User, String> {
         if self.use_key(key).await.is_ok() {
             let mut is_admin = false;
diff --git a/src/main.rs b/src/main.rs
index 63a497d..81b416c 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -22,11 +22,12 @@ async fn index() -> &'static str {
 struct AuthUserOut {
     name: String,
     id: UID,
+    is_admin: bool,
     tokovec: Vec<Token>,
 }
 impl Into<AuthUserOut> for User {
     fn into(self) -> AuthUserOut {
-        AuthUserOut { name: self.get_name(), id: self.get_id(), tokovec: self.get_tokovec() }
+        AuthUserOut { name: self.get_name(), id: self.get_id(), is_admin: self.is_admin(), tokovec: self.get_tokovec() }
     }
 }
 #[derive(Serialize)]
@@ -222,6 +223,33 @@ async fn update_name(data: Json<UpdatePasswordForm>, db: &State<Mutex<DB>>) -> (
     }
 }
 
+#[derive(Deserialize)]
+struct NewRegistrationKeyForm {
+    id: UID,
+    session: String,
+    key: String,
+}
+
+#[post("/regkey/new", data="<data>", format="json")]
+async fn new_registration_key(data: Json<NewRegistrationKeyForm>, db: &State<Mutex<DB>>) -> (Status, Result<(), Json<String>>) {
+    let mut db = db.lock().await;
+    match db.new_registration_key(data.id, &data.session, &data.key).await {
+        Ok(_) => (Status::Ok, Ok(())),
+        Err(n) => (Status::InternalServerError, Err(n.into()))
+    }
+}
+
+#[post("/regkey/list", data="<data>", format="json")]
+async fn list_registration_keys(data: Json<LogoutForm>, db: &State<Mutex<DB>>) -> (Status, Result<(), Json<String>>) {
+    (Status::NotFound, Err("NOT IMPLEMENTED".to_string().into()))
+}
+
+#[post("/regkey/del", data="<data>", format="json")]
+async fn del_registration_key(data: Json<NewRegistrationKeyForm>, db: &State<Mutex<DB>>) -> (Status, Result<(), Json<String>>) {
+    (Status::NotFound, Err("NOT IMPLEMENTED".to_string().into()))
+}
+
+
 #[derive(Deserialize, Debug)]
 struct TransferForm {
     id: UID,
@@ -259,5 +287,6 @@ fn rocket() -> _ {
     .mount("/user", routes![login, get_users_by_name, get_user_authenticated, get_user, new_user, get_all_users, logout, logout_all, get_sessions, delete])
     .mount("/user/update", routes![update_name, update_password])
     .mount("/transfer", routes![transfer_out])
+    .mount("/admin", routes![new_registration_key, list_registration_keys, del_registration_key])
     .attach(cors)
 }
\ No newline at end of file