beginnings of authentication

src/main.rs

@@ -1,10 +1,14 @@
 use log::{info, warn, error};
 use env_logger::Env;
-use actix_web::{web, get, post, web::Json, App, HttpResponse, HttpServer, Responder};
+use actix_web::{web, get, post, web::Json, App, HttpResponse, HttpServer, Responder, middleware, cookie::Key};
 use serde::{Deserialize, Serialize};
-mod security;
+use actix_cors::Cors;
+use actix_identity::IdentityMiddleware;
+use actix_session::{SessionMiddleware, storage::CookieSessionStore};
+mod api;
 
-static PORT: u16 = 8009;
+static PORT: u16 = 5000;
+const ALLOWED_ORIGIN: &str = "http://localhost";
 
 
 #[derive(Default, Debug, Serialize, Deserialize, Clone)]
@@ -21,46 +25,41 @@ async fn main() -> std::io::Result<()> {
     let env = Env::default().filter_or("LOG_LEVEL", "info");
     env_logger::init_from_env(env);
 
-    let _ = HttpServer::new( || {
+    let secret_key = Key::generate();
+
+    let _ = HttpServer::new(move || {
         App::new()
-            .service(index)
-            .service(login)
-            .service(homepage)
-            .service(plan_page)
-    })
-    .bind(("0.0.0.0", PORT))?
+            .wrap(middleware::Logger::default())
+            .wrap(
+                Cors::default()
+                .allowed_origin(ALLOWED_ORIGIN)
+                .allowed_methods(vec!["GET","POST","DELETE"])
+                .supports_credentials()
+                )
+            .wrap(IdentityMiddleware::default())
+            .wrap(SessionMiddleware::new(CookieSessionStore::default(), secret_key.clone()))
+            .service(
+                web::scope("/api")
+                .service(
+                    web::resource("/auth")
+                        .route(web::post().to(api::user::login))
+                        .route(web::delete().to(api::user::logout))
+                )
+                .route("/", web::get().to(api_index))
+            )
+            .route("/", web::get().to(index))
+    })    
+    .bind(("127.0.0.1", PORT))?
     .run()
     .await;
-    //Temporary for testing purposes, should write something to make a random salt
-    let username = "cmckechn";
-    let password = "password";
 
-    //proof of concept tests, create_user should fail in this instance because user was already
-    //created
-    security::authenticate(username, password).unwrap();
-    security::create_user("test", "test_create", "test_first", "test_last").unwrap();
-    security::authenticate("test", "test_create").unwrap();
     Ok(())
 }
 
-#[get("/")]
+async fn api_index() -> impl Responder {
+    HttpResponse::Ok().body("api")
+}
 async fn index() -> impl Responder {
-    HttpResponse::Ok().body("Hello world!")
+    HttpResponse::Ok().body("/")
 }
 
-#[get("/login")]
-async fn login(json: Json<Login>) -> Result<String, actix_web::Error> {
-    Ok(format!("{} {}", json.net_id, json.password))
-}
-
-#[get("/{net_id}/home")]
-async fn homepage(path: web::Path<String>) -> impl Responder {
-    let net_id = path.into_inner();
-    HttpResponse::Ok().body(format!("You have reached the homepage of {} user", net_id) )
-}
-
-#[get("/{net_id}/plans")]
-async fn plan_page(path: web::Path<String>) -> impl Responder {
-    let net_id = path.into_inner();
-    HttpResponse::Ok().body(format!("You have reached the plan page of {}", net_id))
-}