lewis.moe / bspds-sandbox
this repo has no description
fork atom
bspds-sandbox / src / api / admin / account / update.rs
at 0923909af08fdf94d5deb33606ad1ea6aa115f88 5.9 kB view raw
1use crate::auth::BearerAuthAdmin; 2use crate::state::AppState; 3use axum::{ 4 Json, 5 extract::State, 6 http::StatusCode, 7 response::{IntoResponse, Response}, 8}; 9use serde::Deserialize; 10use serde_json::json; 11use tracing::error; 12 13#[derive(Deserialize)] 14pub struct UpdateAccountEmailInput { 15 pub account: String, 16 pub email: String, 17} 18 19pub async fn update_account_email( 20 State(state): State<AppState>, 21 _auth: BearerAuthAdmin, 22 Json(input): Json<UpdateAccountEmailInput>, 23) -> Response { 24 let account = input.account.trim(); 25 let email = input.email.trim(); 26 if account.is_empty() || email.is_empty() { 27 return ( 28 StatusCode::BAD_REQUEST, 29 Json(json!({"error": "InvalidRequest", "message": "account and email are required"})), 30 ) 31 .into_response(); 32 } 33 let result = sqlx::query!("UPDATE users SET email = $1 WHERE did = $2", email, account) 34 .execute(&state.db) 35 .await; 36 match result { 37 Ok(r) => { 38 if r.rows_affected() == 0 { 39 return ( 40 StatusCode::NOT_FOUND, 41 Json(json!({"error": "AccountNotFound", "message": "Account not found"})), 42 ) 43 .into_response(); 44 } 45 (StatusCode::OK, Json(json!({}))).into_response() 46 } 47 Err(e) => { 48 error!("DB error updating email: {:?}", e); 49 ( 50 StatusCode::INTERNAL_SERVER_ERROR, 51 Json(json!({"error": "InternalError"})), 52 ) 53 .into_response() 54 } 55 } 56} 57 58#[derive(Deserialize)] 59pub struct UpdateAccountHandleInput { 60 pub did: String, 61 pub handle: String, 62} 63 64pub async fn update_account_handle( 65 State(state): State<AppState>, 66 _auth: BearerAuthAdmin, 67 Json(input): Json<UpdateAccountHandleInput>, 68) -> Response { 69 let did = input.did.trim(); 70 let handle = input.handle.trim(); 71 if did.is_empty() || handle.is_empty() { 72 return ( 73 StatusCode::BAD_REQUEST, 74 Json(json!({"error": "InvalidRequest", "message": "did and handle are required"})), 75 ) 76 .into_response(); 77 } 78 if !handle 79 .chars() 80 .all(|c| c.is_ascii_alphanumeric() || c == '.' || c == '-' || c == '_') 81 { 82 return ( 83 StatusCode::BAD_REQUEST, 84 Json( 85 json!({"error": "InvalidHandle", "message": "Handle contains invalid characters"}), 86 ), 87 ) 88 .into_response(); 89 } 90 let old_handle = sqlx::query_scalar!("SELECT handle FROM users WHERE did = $1", did) 91 .fetch_optional(&state.db) 92 .await 93 .ok() 94 .flatten(); 95 let existing = sqlx::query!( 96 "SELECT id FROM users WHERE handle = $1 AND did != $2", 97 handle, 98 did 99 ) 100 .fetch_optional(&state.db) 101 .await; 102 if let Ok(Some(_)) = existing { 103 return ( 104 StatusCode::BAD_REQUEST, 105 Json(json!({"error": "HandleTaken", "message": "Handle is already in use"})), 106 ) 107 .into_response(); 108 } 109 let result = sqlx::query!("UPDATE users SET handle = $1 WHERE did = $2", handle, did) 110 .execute(&state.db) 111 .await; 112 match result { 113 Ok(r) => { 114 if r.rows_affected() == 0 { 115 return ( 116 StatusCode::NOT_FOUND, 117 Json(json!({"error": "AccountNotFound", "message": "Account not found"})), 118 ) 119 .into_response(); 120 } 121 if let Some(old) = old_handle { 122 let _ = state.cache.delete(&format!("handle:{}", old)).await; 123 } 124 let _ = state.cache.delete(&format!("handle:{}", handle)).await; 125 (StatusCode::OK, Json(json!({}))).into_response() 126 } 127 Err(e) => { 128 error!("DB error updating handle: {:?}", e); 129 ( 130 StatusCode::INTERNAL_SERVER_ERROR, 131 Json(json!({"error": "InternalError"})), 132 ) 133 .into_response() 134 } 135 } 136} 137 138#[derive(Deserialize)] 139pub struct UpdateAccountPasswordInput { 140 pub did: String, 141 pub password: String, 142} 143 144pub async fn update_account_password( 145 State(state): State<AppState>, 146 _auth: BearerAuthAdmin, 147 Json(input): Json<UpdateAccountPasswordInput>, 148) -> Response { 149 let did = input.did.trim(); 150 let password = input.password.trim(); 151 if did.is_empty() || password.is_empty() { 152 return ( 153 StatusCode::BAD_REQUEST, 154 Json(json!({"error": "InvalidRequest", "message": "did and password are required"})), 155 ) 156 .into_response(); 157 } 158 let password_hash = match bcrypt::hash(password, bcrypt::DEFAULT_COST) { 159 Ok(h) => h, 160 Err(e) => { 161 error!("Failed to hash password: {:?}", e); 162 return ( 163 StatusCode::INTERNAL_SERVER_ERROR, 164 Json(json!({"error": "InternalError"})), 165 ) 166 .into_response(); 167 } 168 }; 169 let result = sqlx::query!( 170 "UPDATE users SET password_hash = $1 WHERE did = $2", 171 password_hash, 172 did 173 ) 174 .execute(&state.db) 175 .await; 176 match result { 177 Ok(r) => { 178 if r.rows_affected() == 0 { 179 return ( 180 StatusCode::NOT_FOUND, 181 Json(json!({"error": "AccountNotFound", "message": "Account not found"})), 182 ) 183 .into_response(); 184 } 185 (StatusCode::OK, Json(json!({}))).into_response() 186 } 187 Err(e) => { 188 error!("DB error updating password: {:?}", e); 189 ( 190 StatusCode::INTERNAL_SERVER_ERROR, 191 Json(json!({"error": "InternalError"})), 192 ) 193 .into_response() 194 } 195 } 196}