123 lines
3.6 KiB
Rust
123 lines
3.6 KiB
Rust
use crate::{State, get_user_from_token, routes::api::v1::CreateReaction};
|
|
use axum::{
|
|
extract::Path,
|
|
http::{HeaderMap, HeaderValue},
|
|
response::IntoResponse,
|
|
Extension, Json,
|
|
};
|
|
use crate::cookie::CookieJar;
|
|
use tetratto_core::model::{addr::RemoteAddr, oauth, reactions::Reaction, ApiReturn, Error};
|
|
|
|
pub async fn get_request(
|
|
jar: CookieJar,
|
|
Extension(data): Extension<State>,
|
|
Path(id): Path<usize>,
|
|
) -> impl IntoResponse {
|
|
let data = &(data.read().await).0;
|
|
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReact) {
|
|
Some(ua) => ua,
|
|
None => return Json(Error::NotAllowed.into()),
|
|
};
|
|
|
|
match data.get_reaction_by_owner_asset(user.id, id).await {
|
|
Ok(r) => Json(ApiReturn {
|
|
ok: true,
|
|
message: "Reaction exists".to_string(),
|
|
payload: Some(r),
|
|
}),
|
|
Err(e) => Json(e.into()),
|
|
}
|
|
}
|
|
|
|
pub async fn create_request(
|
|
jar: CookieJar,
|
|
headers: HeaderMap,
|
|
Extension(data): Extension<State>,
|
|
Json(req): Json<CreateReaction>,
|
|
) -> impl IntoResponse {
|
|
let data = &(data.read().await).0;
|
|
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReact) {
|
|
Some(ua) => ua,
|
|
None => return Json(Error::NotAllowed.into()),
|
|
};
|
|
|
|
let asset_id = match req.asset.parse::<usize>() {
|
|
Ok(n) => n,
|
|
Err(e) => return Json(Error::MiscError(e.to_string()).into()),
|
|
};
|
|
|
|
// get real ip
|
|
let real_ip = headers
|
|
.get(data.0.0.security.real_ip_header.to_owned())
|
|
.unwrap_or(&HeaderValue::from_static(""))
|
|
.to_str()
|
|
.unwrap_or("")
|
|
.to_string();
|
|
|
|
// check for ip ban
|
|
let addr = RemoteAddr::from(real_ip.as_str());
|
|
if data.get_ipban_by_addr(&addr).await.is_ok() {
|
|
return Json(Error::NotAllowed.into());
|
|
}
|
|
|
|
// check for existing reaction
|
|
if let Ok(r) = data.get_reaction_by_owner_asset(user.id, asset_id).await {
|
|
match data.delete_reaction(r.id, &user).await {
|
|
Ok(_) => {
|
|
// if we're trying to create a reaction of a DIFFERENT TYPE, then
|
|
// we don't need to return here
|
|
if r.is_like == req.is_like {
|
|
return Json(ApiReturn {
|
|
ok: true,
|
|
message: "Reaction removed".to_string(),
|
|
payload: (),
|
|
});
|
|
}
|
|
}
|
|
Err(e) => return Json(e.into()),
|
|
};
|
|
}
|
|
|
|
// create reaction
|
|
match data
|
|
.create_reaction(
|
|
Reaction::new(user.id, asset_id, req.asset_type, req.is_like),
|
|
&user,
|
|
&addr,
|
|
)
|
|
.await
|
|
{
|
|
Ok(_) => Json(ApiReturn {
|
|
ok: true,
|
|
message: "Reaction created".to_string(),
|
|
payload: (),
|
|
}),
|
|
Err(e) => Json(e.into()),
|
|
}
|
|
}
|
|
|
|
pub async fn delete_request(
|
|
jar: CookieJar,
|
|
Extension(data): Extension<State>,
|
|
Path(id): Path<usize>,
|
|
) -> impl IntoResponse {
|
|
let data = &(data.read().await).0;
|
|
let user = match get_user_from_token!(jar, data, oauth::AppScope::UserReact) {
|
|
Some(ua) => ua,
|
|
None => return Json(Error::NotAllowed.into()),
|
|
};
|
|
|
|
let reaction = match data.get_reaction_by_owner_asset(user.id, id).await {
|
|
Ok(r) => r,
|
|
Err(e) => return Json(e.into()),
|
|
};
|
|
|
|
match data.delete_reaction(reaction.id, &user).await {
|
|
Ok(_) => Json(ApiReturn {
|
|
ok: true,
|
|
message: "Reaction deleted".to_string(),
|
|
payload: (),
|
|
}),
|
|
Err(e) => Json(e.into()),
|
|
}
|
|
}
|