add: developer panel

crates/app/src/routes/api/v1/apps.rs

@@ -1,11 +1,20 @@
 use crate::{
     get_user_from_token,
-    routes::api::v1::{UpdateAppHomepage, UpdateAppQuotaStatus, UpdateAppRedirect, UpdateAppTitle},
+    routes::api::v1::{
+        CreateGrant, UpdateAppHomepage, UpdateAppQuotaStatus, UpdateAppRedirect, UpdateAppScopes,
+        UpdateAppTitle,
+    },
     State,
 };
 use axum::{Extension, Json, extract::Path, response::IntoResponse};
 use axum_extra::extract::CookieJar;
-use tetratto_core::model::{apps::ThirdPartyApp, permissions::FinePermission, ApiReturn, Error};
+use tetratto_core::model::{
+    apps::ThirdPartyApp,
+    oauth::{AuthGrant, PkceChallengeMethod},
+    permissions::FinePermission,
+    ApiReturn, Error,
+};
+use tetratto_shared::{hash::random_id, unix_epoch_timestamp};
 use super::CreateApp;
 
 pub async fn create_request(
@@ -129,6 +138,28 @@ pub async fn update_quota_status_request(
     }
 }
 
+pub async fn update_scopes_request(
+    jar: CookieJar,
+    Extension(data): Extension<State>,
+    Path(id): Path<usize>,
+    Json(req): Json<UpdateAppScopes>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    match data.update_app_scopes(id, &user, req.scopes).await {
+        Ok(_) => Json(ApiReturn {
+            ok: true,
+            message: "App updated".to_string(),
+            payload: (),
+        }),
+        Err(e) => Json(e.into()),
+    }
+}
+
 pub async fn delete_request(
     jar: CookieJar,
     Extension(data): Extension<State>,
@@ -149,3 +180,50 @@ pub async fn delete_request(
         Err(e) => Json(e.into()),
     }
 }
+
+pub async fn grant_request(
+    jar: CookieJar,
+    Extension(data): Extension<State>,
+    Path(id): Path<usize>,
+    Json(req): Json<CreateGrant>,
+) -> impl IntoResponse {
+    let data = &(data.read().await).0;
+    let mut user = match get_user_from_token!(jar, data) {
+        Some(ua) => ua,
+        None => return Json(Error::NotAllowed.into()),
+    };
+
+    let app = match data.get_app_by_id(id).await {
+        Ok(a) => a,
+        Err(e) => return Json(e.into()),
+    };
+
+    if user.get_grant_by_app_id(id).is_some() {
+        return Json(Error::MiscError("This app already has a grant".to_string()).into());
+    }
+
+    let grant = AuthGrant {
+        app: app.id,
+        challenge: req.challenge,
+        method: PkceChallengeMethod::S256,
+        token: random_id(),
+        last_updated: unix_epoch_timestamp(),
+        scopes: app.scopes.clone(),
+    };
+
+    user.grants.push(grant.clone());
+    match data.update_user_grants(user.id, user.grants).await {
+        Ok(_) => {
+            if let Err(e) = data.incr_app_grants(id).await {
+                return Json(e.into());
+            }
+
+            Json(ApiReturn {
+                ok: true,
+                message: "User updated".to_string(),
+                payload: Some(grant.token),
+            })
+        }
+        Err(e) => Json(e.into()),
+    }
+}