diff --git a/Cargo.lock b/Cargo.lock index 806db86..00b3b11 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -186,21 +186,6 @@ dependencies = [ "pin-project 0.4.28", ] -[[package]] -name = "actix-session" -version = "0.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "559b815f2b3ad84f8a17256069d7df16c3ee8069635c86758729521d62ca891d" -dependencies = [ - "actix-service", - "actix-web", - "derive_more", - "futures-util", - "serde", - "serde_json", - "time 0.2.26", -] - [[package]] name = "actix-testing" version = "1.0.1" 
@@ -329,60 +314,6 @@ version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" -[[package]] -name = "aead" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7fc95d1bdb8e6666b2b217308eeeb09f2d6728d104be3e31916cc74d15420331" -dependencies = [ - "generic-array", -] - -[[package]] -name = "aes" -version = "0.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "884391ef1066acaa41e766ba8f596341b96e93ce34f9a43e7d24bf0a0eaf0561" -dependencies = [ - "aes-soft", - "aesni", - "cipher", -] - -[[package]] -name = "aes-gcm" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5278b5fabbb9bd46e24aa69b2fdea62c99088e0a950a9be40e3e0101298f88da" -dependencies = [ - "aead", - "aes", - "cipher", - "ctr", - "ghash", - "subtle", -] - -[[package]] -name = "aes-soft" -version = "0.6.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be14c7498ea50828a38d0e24a765ed2effe92a705885b57d029cd67d45744072" -dependencies = [ - "cipher", - "opaque-debug", -] - -[[package]] -name = "aesni" -version = "0.10.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ea2e11f5e94c2f7d386164cc2aa1f97823fed6f259e486940a71c174dd01b0ce" -dependencies = [ - "cipher", - "opaque-debug", -] - [[package]] name = "aho-corasick" version = "0.7.18" @@ -639,15 +570,6 @@ dependencies = [ "winapi 0.3.9", ] -[[package]] -name = "cipher" -version = "0.2.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12f8e7987cbd042a63249497f41aed09f8e65add917ea6566effbc56578d6801" -dependencies = [ - "generic-array", -] - [[package]] name = "clap" version = "3.0.0-beta.2" 
@@ -727,13 +649,7 @@ version = "0.14.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "03a5d7b21829bc7b4bf4754a978a241ae54ea55a40f92bb20216e54096f4b951" dependencies = [ - "aes-gcm", - "base64 0.13.0", - "hkdf", - "hmac 0.10.1", "percent-encoding 2.1.0", - "rand 0.8.3", - "sha2", "time 0.2.26", "version_check 0.9.3", ] @@ -775,12 +691,6 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8aebca1129a03dc6dc2b127edd729435bbc4a37e1d5f4d7513165089ceb02634" -[[package]] -name = "cpuid-bool" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcb25d077389e53838a8158c8e99174c5a9d902dee4904320db714f3c653ffba" - [[package]] name = "crc32fast" version = "1.2.1" @@ -860,25 +770,6 @@ dependencies = [ "subtle", ] -[[package]] -name = "crypto-mac" -version = "0.10.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4857fd85a0c34b3c3297875b747c1e02e06b6a0ea32dd892d8192b9ce0813ea6" -dependencies = [ - "generic-array", - "subtle", -] - -[[package]] -name = "ctr" -version = "0.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb4a30d54f7443bf3d6191dcd486aca19e67cb3c49fa7a06a319966346707e7f" -dependencies = [ - "cipher", -] - [[package]] name = "deadpool" version = "0.5.2" @@ -1279,16 +1170,6 @@ dependencies = [ "wasi 0.10.0+wasi-snapshot-preview1", ] -[[package]] -name = "ghash" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97304e4cd182c3846f7575ced3890c53012ce534ad9114046b0a9e00bb30a375" -dependencies = [ - "opaque-debug", - "polyval", -] - [[package]] name = "h2" version = "0.2.7" 
@@ -1339,33 +1220,13 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" -[[package]] -name = "hkdf" -version = "0.10.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51ab2f639c231793c5f6114bdb9bbe50a7dbbfcd7c7c6bd8475dec2d991e964f" -dependencies = [ - "digest", - "hmac 0.10.1", -] - [[package]] name = "hmac" version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "deae6d9dbb35ec2c502d62b8f7b1c000a0822c3b0794ba36b3149c0a1c840dff" dependencies = [ - "crypto-mac 0.9.1", - "digest", -] - -[[package]] -name = "hmac" -version = "0.10.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1441c6b1e930e2817404b5046f1f989899143a12bf92de603b69f4e0aee1e15" -dependencies = [ - "crypto-mac 0.10.0", + "crypto-mac", "digest", ] @@ -1847,7 +1708,6 @@ dependencies = [ "actix-cors", "actix-files", "actix-rt", - "actix-session", "actix-web", "actix-web-httpauth", "ammonia", @@ -2233,17 +2093,6 @@ version = "0.3.19" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3831453b3449ceb48b6d9c7ad7c96d5ea673e9b470a1dc578c2ce6521230884c" -[[package]] -name = "polyval" -version = "0.4.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eebcc4aa140b9abd2bc40d9c3f7ccec842679cd79045ac3a7ac698c1a064b7cd" -dependencies = [ - "cpuid-bool 0.2.0", - "opaque-debug", - "universal-hash", -] - [[package]] name = "postgres-derive" version = "0.4.0" @@ -2265,7 +2114,7 @@ dependencies = [ "byteorder", "bytes 0.5.6", "fallible-iterator", - "hmac 0.9.0", + "hmac", "md5", "memchr", "rand 0.7.3", @@ -2919,7 +2768,7 @@ checksum = "dfebf75d25bd900fd1e7d11501efab59bc846dbc76196839663e6637bba9f25f" dependencies = [ "block-buffer", "cfg-if 1.0.0", - "cpuid-bool 0.1.2", + "cpuid-bool", "digest", "opaque-debug", ] 
@@ -3528,16 +3377,6 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564" -[[package]] -name = "universal-hash" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8326b2c654932e3e4f9196e69d08fdf7cfd718e1dc6f66b347e6024a0c961402" -dependencies = [ - "generic-array", - "subtle", -] - [[package]] name = "url" version = "1.7.2" diff --git a/Cargo.toml b/Cargo.toml index b714150..97f9e8b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -12,7 +12,6 @@ default-run = "mitra" # Used to handle incoming HTTP requests actix-cors = "0.5.4" actix-files = "0.5.0" -actix-session = "0.4.1" actix-web = "3.3.2" actix-web-httpauth = "0.5.1" # Used for managing async tasks diff --git a/README.md b/README.md index f359286..687f137 100644 --- a/README.md +++ b/README.md @@ -66,6 +66,7 @@ cargo build --release Endpoints are similar to Mastodon API: ``` +POST /api/v1/accounts GET /api/v1/accounts/{account_id} GET /api/v1/accounts/verify_credentials PATCH /api/v1/accounts/update_credentials diff --git a/config.yaml.example b/config.yaml.example index 83977b3..1b09f61 100644 --- a/config.yaml.example +++ b/config.yaml.example @@ -3,9 +3,6 @@ database_url: postgres://mitra:mitra@127.0.0.1:5432/mitra http_host: '127.0.0.1' http_port: 8380 -# 32 symbols or more -cookie_secret_key: null - # domain name instance_uri: myserver.net instance_title: myserver diff --git a/src/config.rs b/src/config.rs index 8e24d40..bb15cee 100644 --- a/src/config.rs +++ b/src/config.rs @@ -62,8 +62,6 @@ fn default_storage_dir() -> PathBuf { PathBuf::from("files") } fn default_contract_dir() -> PathBuf { PathBuf::from("contracts") } -fn default_cookie_name() -> String { "session".to_string() } - #[derive(Clone, Deserialize)] pub struct EthereumContract { pub address: String, 
@@ -89,11 +87,6 @@ pub struct Config { pub http_host: String, pub http_port: u32, - #[serde(default = "default_cookie_name")] - pub cookie_name: String, - - pub cookie_secret_key: String, - // Instance info pub instance_uri: String, pub instance_title: String, diff --git a/src/main.rs b/src/main.rs index c578d16..9f098f4 100644 --- a/src/main.rs +++ b/src/main.rs @@ -1,5 +1,4 @@ use actix_cors::Cors; -use actix_session::CookieSession; use actix_web::{ web, App, HttpServer, @@ -20,7 +19,6 @@ use mitra::mastodon_api::oauth::views::oauth_api_scope; use mitra::mastodon_api::search::views::search; use mitra::mastodon_api::statuses::views::status_api_scope; use mitra::mastodon_api::timelines::views as timeline_api; -use mitra::mastodon_api::users::views as user_api; use mitra::nodeinfo::views as nodeinfo; use mitra::scheduler; use mitra::webfinger::views as webfinger; @@ -59,14 +57,9 @@ async fn main() -> std::io::Result<()> { .allow_any_header() }, }; - let cookie_config = CookieSession::signed(config.cookie_secret_key.as_bytes()) - .name(config.cookie_name.clone()) - .max_age(86400 * 30) - .secure(true); App::new() .wrap(ActixLogger::new("%r : %s : %{r}a")) .wrap(cors_config) - .wrap(cookie_config) .wrap(create_auth_error_handler()) .data(web::PayloadConfig::default().limit(MAX_UPLOAD_SIZE)) .data(web::JsonConfig::default().limit(MAX_UPLOAD_SIZE)) @@ -81,9 +74,6 @@ async fn main() -> std::io::Result<()> { config.contract_dir.clone(), )) .service(oauth_api_scope()) - .service(user_api::login_view) - .service(user_api::current_user_view) - .service(user_api::logout_view) .service(profile_directory) .service(account_api_scope()) .service(media_api_scope()) diff --git a/src/mastodon_api/accounts/views.rs b/src/mastodon_api/accounts/views.rs index 634ce94..ac30f4d 100644 --- a/src/mastodon_api/accounts/views.rs +++ b/src/mastodon_api/accounts/views.rs 
@@ -1,4 +1,3 @@ -use actix_session::Session; use actix_web::{get, post, patch, web, HttpResponse, Scope}; use actix_web_httpauth::extractors::bearer::BearerAuth; use serde::Deserialize; @@ -14,8 +13,7 @@ use crate::config::Config; use crate::database::{Pool, get_database_client}; use crate::errors::HttpError; use crate::mastodon_api::statuses::types::Status; -use crate::mastodon_api::oauth::auth::get_current_user as get_current_user_; -use crate::mastodon_api::users::auth::get_current_user; +use crate::mastodon_api::oauth::auth::get_current_user; use crate::mastodon_api::users::views::create_user_view; use crate::models::posts::queries::get_posts_by_author; use crate::models::profiles::queries::{ @@ -40,25 +38,25 @@ async fn get_account( #[get("/verify_credentials")] async fn verify_credentials( + auth: BearerAuth, config: web::Data, db_pool: web::Data, - auth: BearerAuth, ) -> Result { let db_client = &**get_database_client(&db_pool).await?; - let user = get_current_user_(db_client, auth.token()).await?; + let user = get_current_user(db_client, auth.token()).await?; let account = Account::from_user(user, &config.instance_url()); Ok(HttpResponse::Ok().json(account)) } #[patch("/update_credentials")] async fn update_credentials( + auth: BearerAuth, config: web::Data, db_pool: web::Data, - session: Session, data: web::Json, ) -> Result { let db_client = &**get_database_client(&db_pool).await?; - let mut current_user = get_current_user(db_client, session).await?; + let mut current_user = get_current_user(db_client, auth.token()).await?; let mut profile_data = data.into_inner() .into_profile_data( ¤t_user.profile.avatar_file_name, 
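Review bot: `update_credentials` is now authorized by `get_current_user(db_client, auth.token())` alone, and that call receives only the raw token, so nothing visible in this hunk restricts which tokens may perform the PATCH. Mastodon-style OAuth tokens carry scopes (`read`, `write`, `follow`); unless `oauth::auth::get_current_user` checks them internally, which cannot be seen from here, a token granted for reading would also be accepted by this handler and by `follow`, `unfollow`, `create_status` and `create_attachment_view` in the later hunks. If scopes are stored with the token, pass the required one at each call site, or at minimum record the gap with `// TODO: token scope is not checked; any valid token may write` above the call. The body of `update_credentials` continues past the end of the hunk.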
@@ -96,12 +94,12 @@ pub struct RelationshipQueryParams { #[get("/relationships")] async fn get_relationships( + auth: BearerAuth, db_pool: web::Data, - session: Session, query_params: web::Query, ) -> Result { let db_client = &**get_database_client(&db_pool).await?; - let current_user = get_current_user(db_client, session).await?; + let current_user = get_current_user(db_client, auth.token()).await?; let relationships = follows::get_relationships( db_client, current_user.id, @@ -112,13 +110,13 @@ async fn get_relationships( #[post("/{account_id}/follow")] async fn follow( + auth: BearerAuth, config: web::Data, db_pool: web::Data, - session: Session, web::Path(account_id): web::Path, ) -> Result { let db_client = &mut **get_database_client(&db_pool).await?; - let current_user = get_current_user(db_client, session).await?; + let current_user = get_current_user(db_client, auth.token()).await?; let profile = get_profile_by_id(db_client, &account_id).await?; let relationship = if let Some(actor_value) = profile.actor_json { // Remote follow @@ -149,13 +147,13 @@ async fn follow( #[post("/{account_id}/unfollow")] async fn unfollow( + auth: BearerAuth, config: web::Data, db_pool: web::Data, - session: Session, web::Path(account_id): web::Path, ) -> Result { let db_client = &mut **get_database_client(&db_pool).await?; - let current_user = get_current_user(db_client, session).await?; + let current_user = get_current_user(db_client, auth.token()).await?; let target_profile = get_profile_by_id(db_client, &account_id).await?; let relationship = if let Some(actor_value) = target_profile.actor_json { // Remote follow diff --git a/src/mastodon_api/directory/views.rs b/src/mastodon_api/directory/views.rs index 7878ce0..b8a27de 100644 --- a/src/mastodon_api/directory/views.rs +++ b/src/mastodon_api/directory/views.rs 
@@ -1,21 +1,21 @@ -use actix_session::Session; use actix_web::{get, web, HttpResponse}; +use actix_web_httpauth::extractors::bearer::BearerAuth; use crate::config::Config; use crate::database::{Pool, get_database_client}; use crate::errors::HttpError; use crate::mastodon_api::accounts::types::Account; -use crate::mastodon_api::users::auth::get_current_user; +use crate::mastodon_api::oauth::auth::get_current_user; use crate::models::profiles::queries::get_profiles; #[get("/api/v1/directory")] pub async fn profile_directory( + auth: BearerAuth, config: web::Data, db_pool: web::Data, - session: Session, ) -> Result { let db_client = &**get_database_client(&db_pool).await?; - get_current_user(db_client, session).await?; + get_current_user(db_client, auth.token()).await?; let accounts: Vec = get_profiles(db_client).await? .into_iter() .map(|profile| Account::from_profile(profile, &config.instance_url())) diff --git a/src/mastodon_api/media/views.rs b/src/mastodon_api/media/views.rs index d84ec08..220ac4d 100644 --- a/src/mastodon_api/media/views.rs +++ b/src/mastodon_api/media/views.rs 
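Review bot: The bare statement `get_current_user(db_client, auth.token()).await?;` in `profile_directory` discards the returned user, which reads like a forgotten binding rather than a deliberate access check. A one-line comment such as `// Authentication gate only: the directory listing does not depend on the caller` makes the intent explicit and keeps a later edit from removing the call as dead code. The same pattern appears in `search` in `src/mastodon_api/search/views.rs` and would benefit from the same comment.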
@@ -1,23 +1,23 @@ -use actix_session::Session; use actix_web::{post, web, HttpResponse, Scope}; +use actix_web_httpauth::extractors::bearer::BearerAuth; use crate::config::Config; use crate::database::{Pool, get_database_client}; use crate::errors::HttpError; -use crate::mastodon_api::users::auth::get_current_user; +use crate::mastodon_api::oauth::auth::get_current_user; use crate::models::attachments::queries::create_attachment; use crate::utils::files::{FileError, save_b64_file}; use super::types::{AttachmentCreateData, Attachment}; #[post("")] async fn create_attachment_view( + auth: BearerAuth, config: web::Data, db_pool: web::Data, - session: Session, data: web::Json, ) -> Result { - let db_client = get_database_client(&db_pool).await?; - let current_user = get_current_user(&**db_client, session).await?; + let db_client = &**get_database_client(&db_pool).await?; + let current_user = get_current_user(db_client, auth.token()).await?; let (file_name, media_type) = save_b64_file( &data.file, &config.media_dir(), @@ -26,7 +26,7 @@ async fn create_attachment_view( _ => HttpError::InternalError, })?; let db_attachment = create_attachment( - &**db_client, + db_client, ¤t_user.id, media_type, file_name, diff --git a/src/mastodon_api/search/views.rs b/src/mastodon_api/search/views.rs index 81646af..1630ddd 100644 --- a/src/mastodon_api/search/views.rs +++ b/src/mastodon_api/search/views.rs @@ -1,12 +1,12 @@ -use actix_session::Session; use actix_web::{get, web, HttpResponse}; +use actix_web_httpauth::extractors::bearer::BearerAuth; use serde::Deserialize; use crate::config::Config; use crate::database::{Pool, get_database_client}; use crate::errors::HttpError; use crate::mastodon_api::accounts::types::Account; -use crate::mastodon_api::users::auth::get_current_user; +use crate::mastodon_api::oauth::auth::get_current_user; use super::queries; use super::types::SearchResults; 
@@ -17,14 +17,14 @@ struct SearchQueryParams { #[get("/api/v2/search")] async fn search( + auth: BearerAuth, config: web::Data, db_pool: web::Data, - session: Session, query_params: web::Query, ) -> Result { - let db_client = get_database_client(&db_pool).await?; - get_current_user(&**db_client, session).await?; - let profiles = queries::search(&config, &**db_client, &query_params.q).await?; + let db_client = &**get_database_client(&db_pool).await?; + get_current_user(db_client, auth.token()).await?; + let profiles = queries::search(&config, db_client, &query_params.q).await?; let accounts: Vec = profiles.into_iter() .map(|profile| Account::from_profile(profile, &config.instance_url())) .collect(); diff --git a/src/mastodon_api/statuses/views.rs b/src/mastodon_api/statuses/views.rs index 9d6f4b5..8fc1aff 100644 --- a/src/mastodon_api/statuses/views.rs +++ b/src/mastodon_api/statuses/views.rs @@ -1,5 +1,5 @@ -use actix_session::Session; use actix_web::{get, post, web, HttpResponse, Scope}; +use actix_web_httpauth::extractors::bearer::BearerAuth; use serde::Serialize; use uuid::Uuid; @@ -12,7 +12,7 @@ use crate::errors::HttpError; use crate::ethereum::nft::create_mint_signature; use crate::ipfs::store as ipfs_store; use crate::ipfs::utils::{IPFS_LOGO, get_ipfs_url}; -use crate::mastodon_api::users::auth::get_current_user; +use crate::mastodon_api::oauth::auth::get_current_user; use crate::models::attachments::queries::set_attachment_ipfs_cid; use crate::models::profiles::queries::get_followers; use crate::models::posts::queries::{ 
@@ -26,13 +26,13 @@ use super::types::{Status, StatusData}; #[post("")] async fn create_status( + auth: BearerAuth, config: web::Data, db_pool: web::Data, - session: Session, data: web::Json, ) -> Result { let db_client = &mut **get_database_client(&db_pool).await?; - let current_user = get_current_user(db_client, session).await?; + let current_user = get_current_user(db_client, auth.token()).await?; let mut post_data = PostCreateData::from(data.into_inner()); post_data.validate()?; let post = create_post(db_client, ¤t_user.id, post_data).await?; @@ -97,13 +97,13 @@ struct PostMetadata { #[post("/{status_id}/make_permanent")] async fn make_permanent( + auth: BearerAuth, config: web::Data, db_pool: web::Data, - session: Session, web::Path(status_id): web::Path, ) -> Result { let db_client = &**get_database_client(&db_pool).await?; - get_current_user(db_client, session).await?; + get_current_user(db_client, auth.token()).await?; let mut post = get_post_by_id(db_client, &status_id).await?; let ipfs_api_url = config.ipfs_api_url.as_ref() .ok_or(HttpError::NotSupported)?; @@ -143,13 +143,13 @@ async fn make_permanent( #[get("/{status_id}/signature")] async fn get_signature( + auth: BearerAuth, config: web::Data, db_pool: web::Data, - session: Session, web::Path(status_id): web::Path, ) -> Result { let db_client = &**get_database_client(&db_pool).await?; - let current_user = get_current_user(db_client, session).await?; + let current_user = get_current_user(db_client, auth.token()).await?; let contract_config = config.ethereum_contract.as_ref() .ok_or(HttpError::NotSupported)?; let post = get_post_by_id(db_client, &status_id).await?; diff --git a/src/mastodon_api/timelines/views.rs b/src/mastodon_api/timelines/views.rs index a71baa6..d9f550d 100644 --- a/src/mastodon_api/timelines/views.rs +++ b/src/mastodon_api/timelines/views.rs 
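Review bot: In `make_permanent` the result of `get_current_user(db_client, auth.token()).await?;` is thrown away, so the call proves only that some valid token was presented, and the post is then loaded by `status_id` alone. Because the user is never bound, nothing later in the function can compare the caller with the post's author, so any authenticated account appears able to run the IPFS step on another account's post. Keep the user with `let current_user = get_current_user(db_client, auth.token()).await?;` and reject the request when the loaded post belongs to a different account (the author field's name is not visible in this hunk). The body of `make_permanent` continues past the hunk, and `get_signature` in the next hunk deserves the same check if it does not already make one further down.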
@@ -1,21 +1,21 @@ -use actix_session::Session; use actix_web::{get, web, HttpResponse}; +use actix_web_httpauth::extractors::bearer::BearerAuth; use crate::config::Config; use crate::database::{Pool, get_database_client}; use crate::errors::HttpError; +use crate::mastodon_api::oauth::auth::get_current_user; use crate::mastodon_api::statuses::types::Status; -use crate::mastodon_api::users::auth::get_current_user; use crate::models::posts::queries::get_posts; #[get("/api/v1/timelines/home")] pub async fn home_timeline( + auth: BearerAuth, config: web::Data, db_pool: web::Data, - session: Session, ) -> Result { let db_client = &**get_database_client(&db_pool).await?; - let current_user = get_current_user(db_client, session).await?; + let current_user = get_current_user(db_client, auth.token()).await?; let statuses: Vec = get_posts(db_client, ¤t_user.id).await? .into_iter() .map(|post| Status::from_post(post, &config.instance_url())) diff --git a/src/mastodon_api/users/auth.rs b/src/mastodon_api/users/auth.rs deleted file mode 100644 index d8e2f04..0000000 --- a/src/mastodon_api/users/auth.rs +++ /dev/null @@ -1,25 +0,0 @@ -use actix_session::Session; -use tokio_postgres::GenericClient; -use uuid::Uuid; - -use crate::errors::HttpError; -use crate::models::users::queries::get_user_by_id; -use crate::models::users::types::User; - -pub async fn get_current_user( - db_client: &impl GenericClient, - session: Session, -) -> Result { - let maybe_user_id = session.get::("id") - .map_err(|_| HttpError::SessionError("failed to read cookie"))?; - if let Some(user_id) = maybe_user_id { - let user_uuid = Uuid::parse_str(&user_id) - .map_err(|_| HttpError::SessionError("invalid uuid"))?; - let user = get_user_by_id(db_client, &user_uuid) - .await - .map_err(|_| HttpError::SessionError("user not found"))?; - Ok(user) - } else { - return Err(HttpError::SessionError("session not found")); - } -} 
diff --git a/src/mastodon_api/users/mod.rs b/src/mastodon_api/users/mod.rs index 35a5d0b..38b4403 100644 --- a/src/mastodon_api/users/mod.rs +++ b/src/mastodon_api/users/mod.rs @@ -1,2 +1 @@ -pub mod auth; pub mod views; diff --git a/src/mastodon_api/users/views.rs b/src/mastodon_api/users/views.rs index 2c94eae..9e3f181 100644 --- a/src/mastodon_api/users/views.rs +++ b/src/mastodon_api/users/views.rs @@ -1,6 +1,5 @@ -use actix_session::Session; use actix_web::{ - get, post, web, + post, web, HttpResponse, }; @@ -11,16 +10,12 @@ use crate::mastodon_api::accounts::types::{Account, AccountCreateData}; use crate::models::users::queries::{ is_valid_invite_code, create_user, - get_user_by_wallet_address, }; -use crate::models::users::types::UserLoginData; use crate::utils::crypto::{ hash_password, - verify_password, generate_private_key, serialize_private_key, }; -use super::auth::get_current_user; // /api/v1/accounts #[post("")] @@ -28,7 +23,6 @@ pub async fn create_user_view( config: web::Data, db_pool: web::Data, account_data: web::Json, - session: Session, ) -> Result { let db_client = &mut **get_database_client(&db_pool).await?; let user_data = account_data.into_inner().into_user_data(); 
@@ -57,47 +51,7 @@ pub async fn create_user_view( password_hash, private_key_pem, ).await?; - session.set("id", user.id)?; let account = Account::from_user(user, &config.instance_url()); Ok(HttpResponse::Created().json(account)) } -#[post("/api/v0/login")] -async fn login_view( - config: web::Data, - db_pool: web::Data, - form: web::Json, - session: Session, -) -> Result { - let db_client = &**get_database_client(&db_pool).await?; - let user = get_user_by_wallet_address(db_client, &form.wallet_address).await?; - let result = verify_password(&user.password_hash, &form.signature) - .map_err(|_| ValidationError("incorrect password"))?; - if !result { - // Invalid signature/password - Err(ValidationError("incorrect password"))?; - } - session.set("id", &user.id)?; - let account = Account::from_user(user, &config.instance_url()); - Ok(HttpResponse::Ok().json(account)) -} - -#[get("/api/v0/current-user")] -async fn current_user_view( - config: web::Data, - db_pool: web::Data, - session: Session, -) -> Result { - let db_client = &**get_database_client(&db_pool).await?; - let user = get_current_user(db_client, session).await?; - let account = Account::from_user(user, &config.instance_url()); - Ok(HttpResponse::Ok().json(account)) -} - -#[post("/api/v0/logout")] -async fn logout_view( - session: Session, -) -> Result { - session.clear(); - Ok(HttpResponse::Ok().body("logged out")) -} diff --git a/src/models/users/types.rs b/src/models/users/types.rs index a25ee0c..35dbda3 100644 --- a/src/models/users/types.rs +++ b/src/models/users/types.rs @@ -52,12 +52,6 @@ impl UserCreateData { } } -#[derive(Deserialize)] -pub struct UserLoginData { - pub signature: String, - pub wallet_address: String, -} - #[cfg(test)] mod tests { use super::*;