lewis.moe / bspds-sandbox
this repo has no description
fork atom
bspds-sandbox / src / api / admin / account / update.rs
at ed3879161d69c7374df33f682095bd5c64de2389 6.6 kB view raw
1use crate::auth::BearerAuthAdmin; 2use crate::state::AppState; 3use axum::{ 4 Json, 5 extract::State, 6 http::StatusCode, 7 response::{IntoResponse, Response}, 8}; 9use serde::Deserialize; 10use serde_json::json; 11use tracing::{error, warn}; 12 13#[derive(Deserialize)] 14pub struct UpdateAccountEmailInput { 15 pub account: String, 16 pub email: String, 17} 18 19pub async fn update_account_email( 20 State(state): State<AppState>, 21 _auth: BearerAuthAdmin, 22 Json(input): Json<UpdateAccountEmailInput>, 23) -> Response { 24 let account = input.account.trim(); 25 let email = input.email.trim(); 26 if account.is_empty() || email.is_empty() { 27 return ( 28 StatusCode::BAD_REQUEST, 29 Json(json!({"error": "InvalidRequest", "message": "account and email are required"})), 30 ) 31 .into_response(); 32 } 33 let result = sqlx::query!("UPDATE users SET email = $1 WHERE did = $2", email, account) 34 .execute(&state.db) 35 .await; 36 match result { 37 Ok(r) => { 38 if r.rows_affected() == 0 { 39 return ( 40 StatusCode::NOT_FOUND, 41 Json(json!({"error": "AccountNotFound", "message": "Account not found"})), 42 ) 43 .into_response(); 44 } 45 (StatusCode::OK, Json(json!({}))).into_response() 46 } 47 Err(e) => { 48 error!("DB error updating email: {:?}", e); 49 ( 50 StatusCode::INTERNAL_SERVER_ERROR, 51 Json(json!({"error": "InternalError"})), 52 ) 53 .into_response() 54 } 55 } 56} 57 58#[derive(Deserialize)] 59pub struct UpdateAccountHandleInput { 60 pub did: String, 61 pub handle: String, 62} 63 64pub async fn update_account_handle( 65 State(state): State<AppState>, 66 _auth: BearerAuthAdmin, 67 Json(input): Json<UpdateAccountHandleInput>, 68) -> Response { 69 let did = input.did.trim(); 70 let input_handle = input.handle.trim(); 71 if did.is_empty() || input_handle.is_empty() { 72 return ( 73 StatusCode::BAD_REQUEST, 74 Json(json!({"error": "InvalidRequest", "message": "did and handle are required"})), 75 ) 76 .into_response(); 77 } 78 if !input_handle 79 .chars() 80 .all(|c| c.is_ascii_alphanumeric() || c == '.' || c == '-' || c == '_') 81 { 82 return ( 83 StatusCode::BAD_REQUEST, 84 Json( 85 json!({"error": "InvalidHandle", "message": "Handle contains invalid characters"}), 86 ), 87 ) 88 .into_response(); 89 } 90 let hostname = std::env::var("PDS_HOSTNAME").unwrap_or_else(|_| "localhost".to_string()); 91 let handle = if !input_handle.contains('.') { 92 format!("{}.{}", input_handle, hostname) 93 } else { 94 input_handle.to_string() 95 }; 96 let old_handle = sqlx::query_scalar!("SELECT handle FROM users WHERE did = $1", did) 97 .fetch_optional(&state.db) 98 .await 99 .ok() 100 .flatten(); 101 let existing = sqlx::query!( 102 "SELECT id FROM users WHERE handle = $1 AND did != $2", 103 handle, 104 did 105 ) 106 .fetch_optional(&state.db) 107 .await; 108 if let Ok(Some(_)) = existing { 109 return ( 110 StatusCode::BAD_REQUEST, 111 Json(json!({"error": "HandleTaken", "message": "Handle is already in use"})), 112 ) 113 .into_response(); 114 } 115 let result = sqlx::query!("UPDATE users SET handle = $1 WHERE did = $2", handle, did) 116 .execute(&state.db) 117 .await; 118 match result { 119 Ok(r) => { 120 if r.rows_affected() == 0 { 121 return ( 122 StatusCode::NOT_FOUND, 123 Json(json!({"error": "AccountNotFound", "message": "Account not found"})), 124 ) 125 .into_response(); 126 } 127 if let Some(old) = old_handle { 128 let _ = state.cache.delete(&format!("handle:{}", old)).await; 129 } 130 let _ = state.cache.delete(&format!("handle:{}", handle)).await; 131 if let Err(e) = 132 crate::api::repo::record::sequence_identity_event(&state, did, Some(&handle)).await 133 { 134 warn!("Failed to sequence identity event for admin handle update: {}", e); 135 } 136 if let Err(e) = crate::api::identity::did::update_plc_handle(&state, did, &handle).await 137 { 138 warn!("Failed to update PLC handle for admin handle update: {}", e); 139 } 140 (StatusCode::OK, Json(json!({}))).into_response() 141 } 142 Err(e) => { 143 error!("DB error updating handle: {:?}", e); 144 ( 145 StatusCode::INTERNAL_SERVER_ERROR, 146 Json(json!({"error": "InternalError"})), 147 ) 148 .into_response() 149 } 150 } 151} 152 153#[derive(Deserialize)] 154pub struct UpdateAccountPasswordInput { 155 pub did: String, 156 pub password: String, 157} 158 159pub async fn update_account_password( 160 State(state): State<AppState>, 161 _auth: BearerAuthAdmin, 162 Json(input): Json<UpdateAccountPasswordInput>, 163) -> Response { 164 let did = input.did.trim(); 165 let password = input.password.trim(); 166 if did.is_empty() || password.is_empty() { 167 return ( 168 StatusCode::BAD_REQUEST, 169 Json(json!({"error": "InvalidRequest", "message": "did and password are required"})), 170 ) 171 .into_response(); 172 } 173 let password_hash = match bcrypt::hash(password, bcrypt::DEFAULT_COST) { 174 Ok(h) => h, 175 Err(e) => { 176 error!("Failed to hash password: {:?}", e); 177 return ( 178 StatusCode::INTERNAL_SERVER_ERROR, 179 Json(json!({"error": "InternalError"})), 180 ) 181 .into_response(); 182 } 183 }; 184 let result = sqlx::query!( 185 "UPDATE users SET password_hash = $1 WHERE did = $2", 186 password_hash, 187 did 188 ) 189 .execute(&state.db) 190 .await; 191 match result { 192 Ok(r) => { 193 if r.rows_affected() == 0 { 194 return ( 195 StatusCode::NOT_FOUND, 196 Json(json!({"error": "AccountNotFound", "message": "Account not found"})), 197 ) 198 .into_response(); 199 } 200 (StatusCode::OK, Json(json!({}))).into_response() 201 } 202 Err(e) => { 203 error!("DB error updating password: {:?}", e); 204 ( 205 StatusCode::INTERNAL_SERVER_ERROR, 206 Json(json!({"error": "InternalError"})), 207 ) 208 .into_response() 209 } 210 } 211}