aboutsummaryrefslogtreecommitdiffstats
path: root/src/handlers.rs
diff options
context:
space:
mode:
Diffstat (limited to 'src/handlers.rs')
-rw-r--r--src/handlers.rs60
1 files changed, 56 insertions, 4 deletions
diff --git a/src/handlers.rs b/src/handlers.rs
index 38bd459..07986f5 100644
--- a/src/handlers.rs
+++ b/src/handlers.rs
@@ -1,16 +1,29 @@
1use blake2::{Blake2s, Digest};
2use jsonwebtoken::{decode, Algorithm, DecodingKey, Validation};
1/// API handlers, the ends of each filter chain 3/// API handlers, the ends of each filter chain
2use log::debug; 4use log::debug;
5use md5::Md5;
3use parking_lot::RwLockUpgradableReadGuard; 6use parking_lot::RwLockUpgradableReadGuard;
7use serde::{Deserialize, Serialize};
4use serde_json; 8use serde_json;
5use serde_json::json; 9use serde_json::json;
6use std::convert::Infallible; 10use std::convert::Infallible;
7use warp::{http::Response, http::StatusCode, reply}; 11use std::fs;
12use warp::{http::Response, http::StatusCode, reject, reply};
8 13
9use blake2::{Blake2s, Digest}; 14use gradecoin::schema::{
15 AuthRequest, Block, Db, MetuId, NakedBlock, PublicKeySignature, Transaction, User,
16};
10 17
11use std::fs; 18const BEARER: &str = "Bearer ";
12 19
13use gradecoin::schema::{AuthRequest, Block, Db, MetuId, NakedBlock, Transaction, User}; 20/// tha: Transaction Hash, String
21/// iat: Issued At, Unix Time, epoch
22#[derive(Debug, Serialize, Deserialize)]
23pub struct Claims {
24 pub tha: String,
25 pub iat: usize,
26}
14 27
15/// POST /register 28/// POST /register
16/// Enables a student to introduce themselves to the system 29/// Enables a student to introduce themselves to the system
@@ -167,3 +180,42 @@ pub async fn propose_block(new_block: Block, db: Db) -> Result<impl warp::Reply,
167 Ok(StatusCode::BAD_REQUEST) 180 Ok(StatusCode::BAD_REQUEST)
168 } 181 }
169} 182}
183
184pub async fn auth_propose_transaction(
185 new_transaction: Transaction,
186 token: String,
187 db: Db,
188) -> Result<impl warp::Reply, warp::Rejection> {
189 debug!("new transaction request {:?}", new_transaction);
190 let raw_jwt = token.trim_start_matches(BEARER).to_owned();
191
192 let decoded = jsonwebtoken::decode::<Claims>(
193 &token,
194 &DecodingKey::from_rsa_pem(
195 db.users
196 .read()
197 .get(&new_transaction.by)
198 .unwrap()
199 .public_key
200 .as_bytes(),
201 )
202 .unwrap(),
203 // todo@keles: If user is not found return user not found error
204 &Validation::new(Algorithm::PS256),
205 )
206 .unwrap();
207 // todo: If user is found but header is not validated, return header not valid
208
209 let hashed_transaction = Md5::digest(&serde_json::to_vec(&new_transaction).unwrap());
210
211 // let mut transactions = db.lock().await;
212 if decoded.claims.tha == format!("{:x}", hashed_transaction) {
213 let mut transactions = db.pending_transactions.write();
214
215 transactions.insert(new_transaction.source.to_owned(), new_transaction);
216
217 Ok(StatusCode::CREATED)
218 } else {
219 Ok(StatusCode::BAD_REQUEST)
220 }
221}