Microservice to bring 2FA to self hosted PDSes
pub mod middleware;
pub mod oauth;
pub mod pds_proxy;
pub mod rbac;
pub mod routes;
pub mod session;
pub mod static_files;
pub mod store;

use axum::{Router, middleware as ax_middleware, routing::get, routing::post};

use crate::AppState;

/// Assemble the admin sub-router from an unauthenticated group and a guarded group.
///
/// Unauthenticated group: `/`, `/login`, `/oauth/callback`, `/client-metadata.json`
/// and `/static/{*path}`. Nothing in this function places these behind
/// `middleware::admin_auth_middleware`.
///
/// Guarded group: every other route registered below, wrapped in
/// `middleware::admin_auth_middleware` (built with a clone of `state`).
///
/// NOTE(review): no per-route permission layer is attached here even though the
/// `rbac` module is declared above; presumably role checks happen inside the auth
/// middleware or the handlers. Confirm that the destructive POST routes (takedown,
/// delete, reset-password) are covered.
pub fn router(state: AppState) -> Router<AppState> {
    // Session gate for the guarded group; applied at the end of that builder chain.
    let session_gate =
        ax_middleware::from_fn_with_state(state.clone(), middleware::admin_auth_middleware);

    // Reachable without the session gate.
    // NOTE(review): `/` is served by `routes::dashboard`, the same handler that backs
    // the guarded `/dashboard`. It runs here without the auth middleware, so confirm
    // that the handler does its own session check (or only redirects to `/login`)
    // and does not depend on anything the middleware would have set up.
    let open_group = Router::new()
        .route("/", get(routes::dashboard))
        .route("/login", get(oauth::get_login).post(oauth::post_login))
        .route("/oauth/callback", get(oauth::oauth_callback))
        .route("/client-metadata.json", get(oauth::client_metadata_json))
        .route("/static/{*path}", get(static_files::serve_static));

    // Everything registered before `.layer(...)` goes through `session_gate`.
    // NOTE(review): the fallback is registered before the layer, so it should be
    // wrapped as well. Verify this still holds after the merge below, since it
    // becomes the fallback for any unmatched path of the combined router.
    // NOTE(review): the state-changing routes are plain POSTs; CSRF protection is not
    // visible in this file. Confirm it is enforced in the session or middleware code.
    let guarded_group = Router::new()
        .route("/dashboard", get(routes::dashboard))
        .route("/accounts", get(routes::accounts_list))
        .route("/accounts/{did}", get(routes::account_detail))
        .route("/accounts/{did}/takedown", post(routes::takedown_account))
        .route("/accounts/{did}/untakedown", post(routes::untakedown_account))
        .route("/accounts/{did}/delete", post(routes::delete_account))
        .route("/accounts/{did}/reset-password", post(routes::reset_password))
        .route(
            "/accounts/{did}/disable-invites",
            post(routes::disable_account_invites),
        )
        .route(
            "/accounts/{did}/enable-invites",
            post(routes::enable_account_invites),
        )
        .route("/invite-codes", get(routes::invite_codes_list))
        .route("/invite-codes/create", post(routes::create_invite_code))
        .route("/invite-codes/disable", post(routes::disable_invite_codes))
        .route(
            "/create-account",
            get(routes::get_create_account).post(routes::post_create_account),
        )
        .route(
            "/request-crawl",
            get(routes::get_request_crawl).post(routes::post_request_crawl),
        )
        .route("/logout", post(routes::logout))
        .fallback(get(routes::dashboard))
        .layer(session_gate);

    Router::new().merge(open_group).merge(guarded_group)
}