aboutsummaryrefslogtreecommitdiffstats
path: root/src/custom_filters.rs
diff options
context:
space:
mode:
authorYigit Sever2021-04-11 21:39:18 +0300
committerYigit Sever2021-04-12 00:03:23 +0300
commit518a99a132707ba0e2572b24ca18f6b9606d7334 (patch)
treec7cbe183f088b286903389f58743b1e5688119c5 /src/custom_filters.rs
parent217398c52c68b3b73454d3e9f66c85b5a1638f3f (diff)
downloadgradecoin-518a99a132707ba0e2572b24ca18f6b9606d7334.tar.gz
gradecoin-518a99a132707ba0e2572b24ca18f6b9606d7334.tar.bz2
gradecoin-518a99a132707ba0e2572b24ca18f6b9606d7334.zip
Implement User handling and authentication
New struct: User, corresponds to a student Blocks and users are persistent (written to a text file) PostgreSQL would've been overkill, we have 30 students AuthRequest is the representation for incoming register requests and User is the inner representation Students who are enrolled to the class are hardcoded, only they can register new accounts There are two new tests, one checks if a priviliged (=enrolled) user can create an account and the other checks if a unpriviliged one cannot There are quick verbose error messages that I'm not married to, might move on to something better honestly There's nothing stopping a malicious user to pre-register everyone with mock public keys and effectively lock everyone out, what's a good secret we can use?
Diffstat (limited to 'src/custom_filters.rs')
-rw-r--r--src/custom_filters.rs12
1 files changed, 10 insertions, 2 deletions
diff --git a/src/custom_filters.rs b/src/custom_filters.rs
index 8c36d02..0806c6d 100644
--- a/src/custom_filters.rs
+++ b/src/custom_filters.rs
@@ -3,19 +3,27 @@
3use std::convert::Infallible; 3use std::convert::Infallible;
4use warp::{Filter, Rejection}; 4use warp::{Filter, Rejection};
5 5
6use crate::schema::{Block, Db, Transaction}; 6use crate::schema::{Block, Db, Transaction, AuthRequest};
7 7
8// Database context for routes 8// Database context for routes
9pub fn with_db(db: Db) -> impl Filter<Extract = (Db,), Error = Infallible> + Clone { 9pub fn with_db(db: Db) -> impl Filter<Extract = (Db,), Error = Infallible> + Clone {
10 warp::any().map(move || db.clone()) 10 warp::any().map(move || db.clone())
11} 11}
12 12
13// Accept only json encoded User body and reject big payloads
14// TODO: find a good limit for this, (=e2482057; 8 char String + rsa pem) <11-04-21, yigit> //
15pub fn auth_request_json_body() -> impl Filter<Extract = (AuthRequest,), Error = Rejection> + Clone {
16 warp::body::content_length_limit(1024 * 32).and(warp::body::json())
17}
18
13// Accept only json encoded Transaction body and reject big payloads 19// Accept only json encoded Transaction body and reject big payloads
20// TODO: find a good limit for this <11-04-21, yigit> //
14pub fn transaction_json_body() -> impl Filter<Extract = (Transaction,), Error = Rejection> + Clone { 21pub fn transaction_json_body() -> impl Filter<Extract = (Transaction,), Error = Rejection> + Clone {
15 warp::body::content_length_limit(1024 * 32).and(warp::body::json()) 22 warp::body::content_length_limit(1024 * 32).and(warp::body::json())
16} 23}
17 24
18// Accept only json encoded Transaction body and reject big payloads 25// Accept only json encoded Block body and reject big payloads
26// TODO: find a good limit for this <11-04-21, yigit> //
19pub fn block_json_body() -> impl Filter<Extract = (Block,), Error = Rejection> + Clone { 27pub fn block_json_body() -> impl Filter<Extract = (Block,), Error = Rejection> + Clone {
20 warp::body::content_length_limit(1024 * 32).and(warp::body::json()) 28 warp::body::content_length_limit(1024 * 32).and(warp::body::json())
21} 29}