Add the fetching of user JSON by github login with a token header
This commit is contained in:
Nathan Sobo
parent
f4b9772ec2
commit
323e1f7367
3 changed files with 47 additions and 0 deletions
|
|
@ -5,6 +5,7 @@ HTTP_PORT = 8080
|
||||||
|
|
||||||
DATABASE_URL = "postgres://postgres@localhost/zed"
|
DATABASE_URL = "postgres://postgres@localhost/zed"
|
||||||
SESSION_SECRET = "6E1GS6IQNOLIBKWMEVWF1AFO4H78KNU8"
|
SESSION_SECRET = "6E1GS6IQNOLIBKWMEVWF1AFO4H78KNU8"
|
||||||
|
API_TOKEN = "secret"
|
||||||
|
|
||||||
# Available at https://github.com/organizations/zed-industries/settings/apps/zed-local-development
|
# Available at https://github.com/organizations/zed-industries/settings/apps/zed-local-development
|
||||||
GITHUB_APP_ID = 115633
|
GITHUB_APP_ID = 115633
|
||||||
|
|
|
||||||
43
crates/server/src/api.rs
Normal file
43
crates/server/src/api.rs
Normal file
|
|
@ -0,0 +1,43 @@
|
||||||
|
use crate::{AppState, Request, RequestExt as _};
|
||||||
|
use async_trait::async_trait;
|
||||||
|
use std::sync::Arc;
|
||||||
|
|
||||||
|
pub fn add_routes(app: &mut tide::Server<Arc<AppState>>) {
|
||||||
|
app.at("/users/:github_login").get(get_user);
|
||||||
|
}
|
||||||
|
|
||||||
|
async fn get_user(request: Request) -> tide::Result {
|
||||||
|
request.require_token().await?;
|
||||||
|
|
||||||
|
let user = request
|
||||||
|
.db()
|
||||||
|
.get_user_by_github_login(request.param("github_login")?)
|
||||||
|
.await?
|
||||||
|
.ok_or_else(|| surf::Error::from_str(404, "user not found"))?;
|
||||||
|
|
||||||
|
Ok(tide::Response::builder(200)
|
||||||
|
.body(tide::Body::from_json(&user)?)
|
||||||
|
.build())
|
||||||
|
}
|
||||||
|
|
||||||
|
#[async_trait]
|
||||||
|
pub trait RequestExt {
|
||||||
|
async fn require_token(&self) -> tide::Result<()>;
|
||||||
|
}
|
||||||
|
|
||||||
|
#[async_trait]
|
||||||
|
impl RequestExt for Request {
|
||||||
|
async fn require_token(&self) -> tide::Result<()> {
|
||||||
|
let token = self
|
||||||
|
.header("Authorization")
|
||||||
|
.and_then(|header| header.get(0))
|
||||||
|
.and_then(|header| header.as_str().strip_prefix("token "))
|
||||||
|
.ok_or_else(|| surf::Error::from_str(403, "invalid authorization header"))?;
|
||||||
|
|
||||||
|
if token == self.state().config.api_token {
|
||||||
|
Ok(())
|
||||||
|
} else {
|
||||||
|
Err(tide::Error::from_str(403, "invalid authorization token"))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -1,4 +1,5 @@
|
||||||
mod admin;
|
mod admin;
|
||||||
|
mod api;
|
||||||
mod assets;
|
mod assets;
|
||||||
mod auth;
|
mod auth;
|
||||||
mod community;
|
mod community;
|
||||||
|
|
@ -43,6 +44,7 @@ pub struct Config {
|
||||||
pub github_client_id: String,
|
pub github_client_id: String,
|
||||||
pub github_client_secret: String,
|
pub github_client_secret: String,
|
||||||
pub github_private_key: String,
|
pub github_private_key: String,
|
||||||
|
pub api_token: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub struct AppState {
|
pub struct AppState {
|
||||||
|
|
@ -173,6 +175,7 @@ pub async fn run_server(
|
||||||
.with_same_site_policy(SameSite::Lax), // Required obtain our session in /auth_callback
|
.with_same_site_policy(SameSite::Lax), // Required obtain our session in /auth_callback
|
||||||
);
|
);
|
||||||
web.with(errors::Middleware);
|
web.with(errors::Middleware);
|
||||||
|
api::add_routes(&mut web);
|
||||||
home::add_routes(&mut web);
|
home::add_routes(&mut web);
|
||||||
team::add_routes(&mut web);
|
team::add_routes(&mut web);
|
||||||
releases::add_routes(&mut web);
|
releases::add_routes(&mut web);
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue