author | Tyler Murphy <tylermurphy534@gmail.com> | 2023-01-29 19:28:48 -0500 |
---|---|---|
committer | Tyler Murphy <tylermurphy534@gmail.com> | 2023-01-29 19:28:48 -0500 |
commit | ac58a612a3fe928793b77c592551fdd962b69064 (patch) | |
tree | c746d9325a88447e3149891a2435bcb1f3ece67a /src/types | |
parent | no mass rerendering html plus logging fix (diff) | |
admin page
Diffstat (limited to 'src/types')
-rw-r--r-- | src/types/extract.rs | 32 | ||||
-rw-r--r-- | src/types/post.rs | 8 | ||||
-rw-r--r-- | src/types/session.rs | 8 | ||||
-rw-r--r-- | src/types/user.rs | 8 |
4 files changed, 55 insertions, 1 deletions
diff --git a/src/types/extract.rs b/src/types/extract.rs
index 4d92a3b..64a3e73 100644
--- a/src/types/extract.rs
+++ b/src/types/extract.rs
@@ -19,7 +19,7 @@ use crate::{
 http::{ResponseCode, Result},
 session::Session,
 user::User,
- },
+ }, admin,
 };
 pub struct AuthorizedUser(pub User);
@@ -53,6 +53,36 @@ where
 }
 }
+pub struct AdminUser;
+
+#[async_trait]
+impl<S> FromRequestParts<S> for AdminUser
+where
+ S: Send + Sync,
+{
+ type Rejection = Response;
+
+ async fn from_request_parts(parts: &mut Parts, state: &S) -> Result<Self> {
+ let Ok(Some(cookies)) = Option::<TypedHeader<Cookie>>::from_request_parts(parts, state).await else {
+ return Err(ResponseCode::Forbidden.text("No cookies provided"))
+ };
+
+ let Some(secret) = cookies.get("admin") else {
+ return Err(ResponseCode::Forbidden.text("No admin secret provided"))
+ };
+
+ println!("{}", secret);
+
+ let check = admin::get_secret().await;
+
+ if check != secret {
+ return Err(ResponseCode::Unauthorized.text("Auth token invalid"))
+ }
+
+ Ok(Self)
+ }
+}
+
 pub struct Log;
 #[async_trait]
diff --git a/src/types/post.rs b/src/types/post.rs
index 90eada2..7397009 100644
--- a/src/types/post.rs
+++ b/src/types/post.rs
@@ -51,6 +51,14 @@ impl Post {
 }
 #[instrument()]
+ pub fn reterieve_all() -> Result<Vec<Self>> {
+ let Ok(posts) = database::posts::get_all_posts() else {
+ return Err(ResponseCode::InternalServerError.text("Failed to fetch posts"))
+ };
+ Ok(posts)
+ }
+
+ #[instrument()]
 pub fn new(user_id: u64, content: String) -> Result<Self> {
 let Ok(post) = database::posts::add_post(user_id, &content) else {
 tracing::error!("Failed to create post");
diff --git a/src/types/session.rs b/src/types/session.rs
index e704ac7..a9073aa 100644
--- a/src/types/session.rs
+++ b/src/types/session.rs
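Review bot: `println!("{}", secret);` in `AdminUser::from_request_parts` writes the value of the `admin` cookie to stdout on every request that carries one, so a valid admin secret ends up in plaintext wherever the process output is collected; the line should be deleted, or replaced by an event that records only that an admin check ran and never the value. The check `check != secret` is an ordinary string comparison and is not constant-time; for a long-lived shared secret a constant-time comparison (for example via `subtle::ConstantTimeEq`, which would be a new dependency) is the safer choice. `AdminUser` has no doc comment; something like `/// Extractor that succeeds only when the "admin" cookie equals the server's admin secret; it is not tied to a user session.` would make the trust model explicit to anyone adding admin routes.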
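Review bot: The `else` branch of `Post::reterieve_all` discards the database error without recording it, while `Post::new` in the context lines below logs `tracing::error!("Failed to create post")` before returning; adding `tracing::error!("Failed to fetch posts");` ahead of the `return` keeps admin-page failures visible in the logs. The same gap is present in `Session::reterieve_all` and `User::reterieve_all` in this commit. The method name is spelled `reterieve_all` in all three places; unless it deliberately matches an existing spelling elsewhere in the project, `retrieve_all` would save a later rename across callers.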
@@ -22,6 +22,14 @@ impl Session {
 }
 #[instrument()]
+ pub fn reterieve_all() -> Result<Vec<Self>> {
+ let Ok(sessions) = database::sessions::get_all_sessions() else {
+ return Err(ResponseCode::InternalServerError.text("Failed to fetch sessions"))
+ };
+ Ok(sessions)
+ }
+
+ #[instrument()]
 pub fn new(user_id: u64) -> Result<Self> {
 let token: String = rand::thread_rng()
 .sample_iter(&Alphanumeric)
diff --git a/src/types/user.rs b/src/types/user.rs
index fcfbe91..2bffa52 100644
--- a/src/types/user.rs
+++ b/src/types/user.rs
@@ -69,6 +69,14 @@ impl User {
 }
 #[instrument()]
+ pub fn reterieve_all() -> Result<Vec<Self>> {
+ let Ok(users) = database::users::get_all_users() else {
+ return Err(ResponseCode::InternalServerError.text("Failed to fetch users"))
+ };
+ Ok(users)
+ }
+
+ #[instrument()]
 pub fn new(request: RegistrationRequet) -> Result<Self> {
 if Self::from_email(&request.email).is_ok() {
 return Err(ResponseCode::BadRequest |
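Review bot: `Session::reterieve_all` returns every stored session in full, and the context lines of `Session::new` show that a session is built around a random token, so whatever renders this list for the admin page is presumably holding live login credentials for every user. The fields of `Session` are not visible in this hunk, so this is inferred; if the admin view only needs to show who is logged in, returning a projection without the token (or with it truncated) would limit what a leak of that page exposes. At minimum a doc comment such as `/// Returns all sessions, including their tokens; callers must not render or log the tokens.` should mark the result as sensitive. The same question applies to `User::reterieve_all` in `src/types/user.rs` if `User` carries password material.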