authorTyler Murphy <tylermurphy534@gmail.com>2023-01-29 19:28:48 -0500
committerTyler Murphy <tylermurphy534@gmail.com>2023-01-29 19:28:48 -0500
commitac58a612a3fe928793b77c592551fdd962b69064 (patch)
treec746d9325a88447e3149891a2435bcb1f3ece67a /src/types
parentno mass rerendering html plus logging fix (diff)
admin page
Diffstat (limited to 'src/types')
-rw-r--r--src/types/extract.rs32
-rw-r--r--src/types/post.rs8
-rw-r--r--src/types/session.rs8
-rw-r--r--src/types/user.rs8
4 files changed, 55 insertions, 1 deletions
diff --git a/src/types/extract.rs b/src/types/extract.rs
index 4d92a3b..64a3e73 100644
--- a/src/types/extract.rs
+++ b/src/types/extract.rs
@@ -19,7 +19,7 @@ use crate::{
http::{ResponseCode, Result},
session::Session,
user::User,
- },
+ }, admin,
};
pub struct AuthorizedUser(pub User);
@@ -53,6 +53,36 @@ where
}
}
+pub struct AdminUser;
+
+#[async_trait]
+impl<S> FromRequestParts<S> for AdminUser
+where
+ S: Send + Sync,
+{
+ type Rejection = Response;
+
+ async fn from_request_parts(parts: &mut Parts, state: &S) -> Result<Self> {
+ let Ok(Some(cookies)) = Option::<TypedHeader<Cookie>>::from_request_parts(parts, state).await else {
+ return Err(ResponseCode::Forbidden.text("No cookies provided"))
+ };
+
+ let Some(secret) = cookies.get("admin") else {
+ return Err(ResponseCode::Forbidden.text("No admin secret provided"))
+ };
+
+ println!("{}", secret);
+
+ let check = admin::get_secret().await;
+
+ if check != secret {
+ return Err(ResponseCode::Unauthorized.text("Auth token invalid"))
+ }
+
+ Ok(Self)
+ }
+}
+
pub struct Log;
#[async_trait]
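Review bot: `println!("{}", secret);` in `AdminUser::from_request_parts` writes the submitted `admin` cookie value to stdout on every request, so the real admin secret ends up in process output and in any log collector that captures it. That line should be removed, or replaced with a message that carries no secret, such as `tracing::debug!("admin cookie presented");` (the other files in this commit already use `tracing`). The check `if check != secret` is an ordinary string comparison that returns at the first differing byte; a constant-time comparison of the two byte slices (for example `subtle::ConstantTimeEq::ct_eq`, if adding that crate is acceptable) would avoid leaking how much of a guess matched. The extractor also accepts the shared secret on its own, without requiring an `AuthorizedUser` session, so admin actions cannot be attributed to an account; it may be worth requiring both.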
diff --git a/src/types/post.rs b/src/types/post.rs
index 90eada2..7397009 100644
--- a/src/types/post.rs
+++ b/src/types/post.rs
@@ -51,6 +51,14 @@ impl Post {
}
#[instrument()]
+ pub fn reterieve_all() -> Result<Vec<Self>> {
+ let Ok(posts) = database::posts::get_all_posts() else {
+ return Err(ResponseCode::InternalServerError.text("Failed to fetch posts"))
+ };
+ Ok(posts)
+ }
+
+ #[instrument()]
pub fn new(user_id: u64, content: String) -> Result<Self> {
let Ok(post) = database::posts::add_post(user_id, &content) else {
tracing::error!("Failed to create post");
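Review bot: `Post::reterieve_all` discards the database error in its `let Ok(posts) = ... else` branch without logging it, whereas `Post::new` directly below calls `tracing::error!` before returning. Adding `tracing::error!("Failed to fetch posts");` ahead of the `return Err(...)` would make a failing admin listing visible in the logs. The same applies to `Session::reterieve_all` and `User::reterieve_all` in this commit. The name is misspelled in all three (`reterieve_all` should be `retrieve_all`) and is easiest to rename before more callers appear. `Post::new` continues past the end of this hunk.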
diff --git a/src/types/session.rs b/src/types/session.rs
index e704ac7..a9073aa 100644
--- a/src/types/session.rs
+++ b/src/types/session.rs
@@ -22,6 +22,14 @@ impl Session {
}
#[instrument()]
+ pub fn reterieve_all() -> Result<Vec<Self>> {
+ let Ok(sessions) = database::sessions::get_all_sessions() else {
+ return Err(ResponseCode::InternalServerError.text("Failed to fetch sessions"))
+ };
+ Ok(sessions)
+ }
+
+ #[instrument()]
pub fn new(user_id: u64) -> Result<Self> {
let token: String = rand::thread_rng()
.sample_iter(&Alphanumeric)
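Review bot: `Session::reterieve_all` returns every stored `Session` in full, and judging by the token generated in `Session::new` just below, each row presumably carries a live bearer token. If so, whatever the admin page renders or serializes from this list would expose every user's session token to anyone holding the admin cookie. Consider returning a redacted view for the admin listing (the user id plus a truncated or hashed token) rather than `Vec<Self>`. `User::reterieve_all` in `src/types/user.rs` has the same shape, and any password or hash field on `User` should be stripped before the list leaves this layer. Neither struct definition is visible in these hunks, so confirm which fields they hold.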
diff --git a/src/types/user.rs b/src/types/user.rs
index fcfbe91..2bffa52 100644
--- a/src/types/user.rs
+++ b/src/types/user.rs
@@ -69,6 +69,14 @@ impl User {
}
#[instrument()]
+ pub fn reterieve_all() -> Result<Vec<Self>> {
+ let Ok(users) = database::users::get_all_users() else {
+ return Err(ResponseCode::InternalServerError.text("Failed to fetch users"))
+ };
+ Ok(users)
+ }
+
+ #[instrument()]
pub fn new(request: RegistrationRequet) -> Result<Self> {
if Self::from_email(&request.email).is_ok() {
return Err(ResponseCode::BadRequest