128 lines
3.2 KiB
Rust
128 lines
3.2 KiB
Rust
use axum::{
|
|
Extension, Json, Router,
|
|
extract::Path,
|
|
http::{HeaderMap, StatusCode},
|
|
routing::{get, post},
|
|
};
|
|
use sqlx::PgPool;
|
|
use uuid::Uuid;
|
|
|
|
use crate::db::user_id_from_uuid;
|
|
use crate::{auth::verify_jwt, db::room_id_from_uuid};
|
|
|
|
#[derive(sqlx::FromRow, serde::Serialize)]
|
|
pub struct Room {
|
|
pub uuid: Uuid,
|
|
pub owner: i32,
|
|
pub name: String,
|
|
}
|
|
|
|
#[derive(serde::Deserialize)]
|
|
pub struct NewRoomPayload {
|
|
pub name: String,
|
|
}
|
|
|
|
pub fn routes() -> Router {
|
|
Router::new()
|
|
.route("/rooms/{user_uuid}", get(list_rooms))
|
|
.route("/rooms", post(create_room))
|
|
.route("/rooms/{user_uuid}/{room_id}", get(get_room))
|
|
}
|
|
|
|
async fn list_rooms(
|
|
Path(user_uuid): Path<Uuid>,
|
|
headers: HeaderMap,
|
|
Extension(db): Extension<PgPool>,
|
|
) -> Result<Json<Vec<Room>>, (StatusCode, String)> {
|
|
let claims = verify_jwt(headers)?;
|
|
if claims.sub != user_uuid {
|
|
return Err((StatusCode::FORBIDDEN, "Forbidden".to_string()));
|
|
}
|
|
|
|
let user_id = user_id_from_uuid(&db, claims.sub).await?;
|
|
|
|
let rooms = sqlx::query_as::<_, Room>(
|
|
r#"
|
|
SELECT uuid, owner, name FROM room_ r
|
|
JOIN membership_ m ON m.user_id = $1 AND m.room = r.id
|
|
"#,
|
|
)
|
|
.bind(user_id)
|
|
.fetch_all(&db)
|
|
.await
|
|
.unwrap_or_else(|e| {
|
|
tracing::error!("faied to list rooms: {e}");
|
|
Vec::new()
|
|
});
|
|
|
|
Ok(Json(rooms))
|
|
}
|
|
|
|
async fn create_room(
|
|
Extension(db): Extension<PgPool>,
|
|
headers: HeaderMap,
|
|
Json(payload): Json<NewRoomPayload>,
|
|
) -> Result<(StatusCode, Json<Room>), (StatusCode, String)> {
|
|
let claims = verify_jwt(headers)?;
|
|
|
|
let user_id = user_id_from_uuid(&db, claims.sub).await?;
|
|
|
|
let room_uuid = uuid::Uuid::now_v7();
|
|
|
|
sqlx::query(
|
|
"INSERT INTO room_ (uuid, owner, name)
|
|
VALUES ($1, $2, $3)",
|
|
)
|
|
.bind(room_uuid)
|
|
.bind(user_id)
|
|
.bind(&payload.name)
|
|
.execute(&db)
|
|
.await
|
|
.map_err(|_| (StatusCode::BAD_REQUEST, format!("Could not create room")))?;
|
|
|
|
let room_id = room_id_from_uuid(&db, room_uuid).await?;
|
|
|
|
sqlx::query("INSERT INTO membership_ (user_id, room) VALUES ($1, $2)")
|
|
.bind(user_id)
|
|
.bind(room_id)
|
|
.execute(&db)
|
|
.await
|
|
.map_err(|_| (StatusCode::BAD_REQUEST, format!("Could not create room")))?;
|
|
|
|
Ok((
|
|
StatusCode::CREATED,
|
|
Json(Room {
|
|
uuid: room_uuid,
|
|
owner: user_id,
|
|
name: payload.name,
|
|
}),
|
|
))
|
|
}
|
|
|
|
async fn get_room(
|
|
Path((user_uuid, room_uuid)): Path<(Uuid, Uuid)>,
|
|
headers: HeaderMap,
|
|
Extension(db): Extension<PgPool>,
|
|
) -> Result<Json<Room>, (StatusCode, String)> {
|
|
let claims = verify_jwt(headers)?;
|
|
if claims.sub != user_uuid {
|
|
return Err((StatusCode::FORBIDDEN, "Forbidden".to_string()));
|
|
}
|
|
|
|
let user_id = user_id_from_uuid(&db, user_uuid).await?;
|
|
|
|
let room: Room =
|
|
sqlx::query_as("SELECT uuid, owner, name FROM room_ WHERE uuid = $1 AND owner = $2")
|
|
.bind(room_uuid)
|
|
.bind(user_id)
|
|
.fetch_one(&db)
|
|
.await
|
|
.map_err(|_| (StatusCode::NOT_FOUND, "Room not found".to_string()))?;
|
|
|
|
Ok(Json(Room {
|
|
uuid: room_uuid,
|
|
owner: room.owner,
|
|
name: room.name,
|
|
}))
|
|
}
|