add: user account switcher

2025-04-03 22:36:58 -04:00 · 2025-04-03 22:36:58 -04:00 · 20aae5570b
commit 20aae5570b
parent 48e0b02198
13 changed files with 172 additions and 34 deletions
--- a/crates/app/src/routes/api/v1/auth/mod.rs
+++ b/crates/app/src/routes/api/v1/auth/mod.rs
@ -9,11 +9,13 @@ use crate::{
    model::{ApiReturn, Error, auth::User},
 };
 use axum::{
-    Extension, Json,
+    extract::Query,
    http::{HeaderMap, HeaderValue},
-    response::IntoResponse,
+    response::{IntoResponse, Redirect},
+    Extension, Json,
 };
 use axum_extra::extract::CookieJar;
+use serde::Deserialize;
 use tetratto_shared::hash::hash;

 use cf_turnstile::{SiteVerifyRequest, TurnstileClient};
@ -21,23 +23,23 @@ use cf_turnstile::{SiteVerifyRequest, TurnstileClient};
 /// `/api/v1/auth/register`
 pub async fn register_request(
    headers: HeaderMap,
-    jar: CookieJar,
+    // jar: CookieJar,
    Extension(data): Extension<State>,
    Json(props): Json<RegisterProps>,
 ) -> impl IntoResponse {
    let data = &(data.read().await).0;
-    let user = get_user_from_token!(jar, data);
+    // let user = get_user_from_token!(jar, data);

-    if user.is_some() {
-        return (
-            None,
-            Json(ApiReturn {
-                ok: false,
-                message: Error::AlreadyAuthenticated.to_string(),
-                payload: (),
-            }),
-        );
-    }
+    // if user.is_some() {
+    //     return (
+    //         None,
+    //         Json(ApiReturn {
+    //             ok: false,
+    //             message: Error::AlreadyAuthenticated.to_string(),
+    //             payload: (),
+    //         }),
+    //     );
+    // }

    // get real ip
    let real_ip = headers
@ -93,7 +95,7 @@ pub async fn register_request(
            )]),
            Json(ApiReturn {
                ok: true,
-                message: "User created".to_string(),
+                message: initial_token,
                payload: (),
            }),
        ),
@ -104,16 +106,16 @@ pub async fn register_request(
 /// `/api/v1/auth/login`
 pub async fn login_request(
    headers: HeaderMap,
-    jar: CookieJar,
+    // jar: CookieJar,
    Extension(data): Extension<State>,
    Json(props): Json<LoginProps>,
 ) -> impl IntoResponse {
    let data = &(data.read().await).0;
-    let user = get_user_from_token!(jar, data);
+    // let user = get_user_from_token!(jar, data);

-    if user.is_some() {
-        return (None, Json(Error::AlreadyAuthenticated.into()));
-    }
+    // if user.is_some() {
+    //     return (None, Json(Error::AlreadyAuthenticated.into()));
+    // }

    // get real ip
    let real_ip = headers
@ -211,3 +213,32 @@ pub async fn logout_request(
        }),
    )
 }
+
+#[derive(Deserialize)]
+pub struct SetTokenQuery {
+    #[serde(default)]
+    pub token: String,
+}
+
+/// Set the current user token.
+pub async fn set_token_request(Query(props): Query<SetTokenQuery>) -> impl IntoResponse {
+    (
+        {
+            let mut headers = HeaderMap::new();
+
+            headers.insert(
+                "Set-Cookie",
+                format!(
+                    "__Secure-atto-token={}; SameSite=Lax; Secure; Path=/; HostOnly=true; HttpOnly=true; Max-Age={}",
+                    props.token,
+                    60* 60 * 24 * 365
+                )
+                .parse()
+                .unwrap(),
+            );
+
+            headers
+        },
+        Redirect::to("/"),
+    )
+}
--- a/crates/app/src/routes/api/v1/mod.rs
+++ b/crates/app/src/routes/api/v1/mod.rs
@ -94,6 +94,7 @@ pub fn routes() -> Router {
        .route("/auth/register", post(auth::register_request))
        .route("/auth/login", post(auth::login_request))
        .route("/auth/logout", post(auth::logout_request))
+        .route("/auth/token", get(auth::set_token_request))
        .route(
            "/auth/upload/avatar",
            post(auth::images::upload_avatar_request),
--- a/crates/app/src/routes/api/v1/util.rs
+++ b/crates/app/src/routes/api/v1/util.rs
@ -109,7 +109,7 @@ pub struct LangFileQuery {
    pub id: String,
 }

-/// Set the current language
+/// Set the current language.
 pub async fn set_langfile_request(Query(props): Query<LangFileQuery>) -> impl IntoResponse {
    (
        {
--- a/crates/app/src/routes/pages/auth.rs
+++ b/crates/app/src/routes/pages/auth.rs
@ -1,7 +1,7 @@
 use crate::{State, assets::initial_context, get_lang, get_user_from_token};
 use axum::{
    Extension,
-    response::{Html, IntoResponse, Redirect},
+    response::{Html, IntoResponse},
 };
 use axum_extra::extract::CookieJar;

@ -10,14 +10,14 @@ pub async fn login_request(jar: CookieJar, Extension(data): Extension<State>) ->
    let data = data.read().await;
    let user = get_user_from_token!(jar, data.0);

-    if user.is_some() {
-        return Err(Redirect::to("/"));
-    }
+    // if user.is_some() {
+    //     return Err(Redirect::to("/"));
+    // }

    let lang = get_lang!(jar, data.0);
    let context = initial_context(&data.0.0, lang, &user).await;

-    Ok(Html(data.1.render("auth/login.html", &context).unwrap()))
+    Html(data.1.render("auth/login.html", &context).unwrap())
 }

 /// `/auth/register`
@ -28,12 +28,12 @@ pub async fn register_request(
    let data = data.read().await;
    let user = get_user_from_token!(jar, data.0);

-    if user.is_some() {
-        return Err(Redirect::to("/"));
-    }
+    // if user.is_some() {
+    //     return Err(Redirect::to("/"));
+    // }

    let lang = get_lang!(jar, data.0);
    let context = initial_context(&data.0.0, lang, &user).await;

-    Ok(Html(data.1.render("auth/register.html", &context).unwrap()))
+    Html(data.1.render("auth/register.html", &context).unwrap())
 }