feat: implement user login functionality with session management

2025-04-03 13:58:18 +02:00 · 2025-04-03 13:58:18 +02:00 · 4828b7e907
commit 4828b7e907
parent 34d979da86
7 changed files with 37 additions and 10 deletions
--- a/bruno/user/Verify
+++ b/bruno/user/Verify
@ -0,0 +1,18 @@
 meta {
  name: Verify User
  type: http
  seq: 2
 }
 post {
  url: {{api_base}}/auth/login
  body: json
  auth: inherit
 }
 body:json {
  {
    "username": "hure",
    "password": "nüttchen"
  }
 }
--- a/crates/backend/Cargo.toml
+++ b/crates/backend/Cargo.toml
@ -25,6 +25,7 @@ sea-orm = { version = "1.1", features = [
    "runtime-tokio-rustls",
    "macros",
 ] }
 uuid = "1"
 dotenvy = "0.15"
--- a/crates/backend/src/controller/auth.rs
+++ b/crates/backend/src/controller/auth.rs
@ -1,11 +1,11 @@
 use actix_session::Session;
 use actix_web::{
-    HttpResponse, get, post,
+    HttpResponse, Responder, post,
    web::{self, ServiceConfig},
 };
 use serde::Deserialize;
-use crate::error::ApiError;
+use crate::{Database, error::ApiError};
 #[derive(Deserialize)]
 struct LoginRequest {
@ -19,10 +19,17 @@ pub fn setup(cfg: &mut ServiceConfig) {
 #[post("/login")]
 async fn login(
    db: web::Data<Database>,
    login_request: web::Json<LoginRequest>,
    session: Session,
-) -> Result<HttpResponse, ApiError> {
+) -> Result<impl Responder, ApiError> {
    let login_request = login_request.into_inner();
-    todo!()
+    let user_id = db
        .verify_local_user(&login_request.username, &login_request.password)
        .await?;
    session.insert("user", user_id)?;
    Ok(HttpResponse::Ok())
 }
--- a/crates/backend/src/controller/project.rs
+++ b/crates/backend/src/controller/project.rs
@ -1,5 +1,5 @@
 use actix_web::{Result, delete, get, post, put, web};
-use sea_orm::prelude::Uuid;
+use uuid::Uuid;
 use validator::Validate;
 use crate::db::Database;
--- a/crates/backend/src/db/project.rs
+++ b/crates/backend/src/db/project.rs
@ -4,9 +4,9 @@ use log::debug;
 use crate::entity::project;
 use sea_orm::ActiveValue::{NotSet, Set, Unchanged};
 use sea_orm::prelude::Uuid;
 use sea_orm::{ActiveModelTrait, DeleteResult, EntityTrait};
 use serde::Deserialize;
 use uuid::Uuid;
 use validator::Validate;
 #[derive(Deserialize, Validate)]
--- a/crates/backend/src/db/user.rs
+++ b/crates/backend/src/db/user.rs
@ -7,13 +7,11 @@ use sea_orm::{
    ActiveModelTrait,
    ActiveValue::{NotSet, Set},
    ColumnTrait, DbErr, EntityTrait, ModelTrait, QueryFilter, TransactionTrait,
    prelude::Uuid,
 };
 use uuid::Uuid;
 use crate::{Database, entity};
 use super::entity::local_auth;
 impl Database {
    pub async fn create_user(
        &self,
@ -81,7 +79,7 @@ impl Database {
            return Err(ApiError::Unauthorized);
        }
-        Ok(())
+        Ok(user.id)
    }
    pub async fn verify_ldap_user() {}
--- a/crates/backend/src/error.rs
+++ b/crates/backend/src/error.rs
@ -16,6 +16,8 @@ pub enum ApiError {
    ValidationError(#[from] validator::ValidationErrors),
    #[error("Argon2 Error: {0}")]
    Argon2Error(String),
    #[error("Session insert error: {0}")]
    SessionInsertError(#[from] actix_session::SessionInsertError),
 }
 impl ResponseError for ApiError {
@ -27,6 +29,7 @@ impl ResponseError for ApiError {
            ApiError::BadRequest(..) => StatusCode::BAD_REQUEST,
            ApiError::ValidationError(..) => StatusCode::BAD_REQUEST,
            ApiError::Argon2Error(..) => StatusCode::INTERNAL_SERVER_ERROR,
            ApiError::SessionInsertError(..) => StatusCode::INTERNAL_SERVER_ERROR,
        }
    }