hermod_api/handlers/
auth.rs

1use actix_web::{web, HttpRequest, HttpResponse};
2use sqlx::PgPool;
3use tracing::field::Empty;
4
5use crate::{
6    db::NewUser, services::auth::validate_request_with_basic_auth, services::jwt::JwtClient,
7};
8
9use super::ApplicationResponse;
10
11#[tracing::instrument(name = "handlers::auth::login", skip(request, pool, jwt_client), fields(username=Empty, user_id=Empty))]
12/// Get(/login) attempts to log a user in, and if successful returns a JWT token
13pub async fn login(
14    request: web::HttpRequest,
15    pool: web::Data<PgPool>,
16    jwt_client: web::Data<JwtClient>,
17) -> ApplicationResponse {
18    let user = validate_request_with_basic_auth(request, &pool).await?;
19    tracing::Span::current().record("username", &tracing::field::display(&user.username));
20    tracing::Span::current().record("user_id", &tracing::field::display(&user.id));
21    let token = jwt_client.encode_token(user.id)?;
22    Ok(HttpResponse::Ok().body(token))
23}
24
25#[tracing::instrument(name = "handlers::auth::logout")]
26/// Get(/logout) logs a user out if they are currently logged in
27pub async fn logout() -> ApplicationResponse {
28    Ok(HttpResponse::BadRequest().body("Logouts with JWT's are performed client-side"))
29}
30
31#[derive(serde::Deserialize)]
32pub struct RegistrationRequest {
33    pub username: String,
34    pub password: String,
35}
36
37#[tracing::instrument(name = "handlers::auth::register", skip(pool, query), fields(username=%query.username, user_id=Empty))]
38pub async fn register(
39    pool: web::Data<PgPool>,
40    query: web::Form<RegistrationRequest>,
41) -> ApplicationResponse {
42    let new_user = NewUser::new(query.username.clone(), query.password.clone());
43    new_user.store(&pool).await?;
44    tracing::Span::current().record("user_id", &tracing::field::display(&new_user.id));
45
46    Ok(HttpResponse::Ok().body("New user stored.".to_string()))
47}
48
49#[tracing::instrument(name = "handlers::auth::whoami", skip(request, jwt_client), fields(username=Empty, user_id=Empty))]
50pub async fn who_am_i(
51    request: HttpRequest,
52    jwt_client: web::Data<JwtClient>,
53) -> ApplicationResponse {
54    let user = jwt_client.user_or_403(request).await?;
55    Ok(HttpResponse::Ok().body(user.username))
56}