shoutdotdev/src/router.rs

use askama_axum::Template;
use axum::{
    extract::{Path, State},
    response::{Html, IntoResponse, Redirect},
    routing::{get, post},
    Form, Router,
};
use diesel::{dsl::insert_into, prelude::*};
use serde::Deserialize;
use tower::ServiceBuilder;
use tower_http::{
    compression::CompressionLayer,
    services::{ServeDir, ServeFile},
    trace::TraceLayer,
};
use uuid::Uuid;

use crate::{
    api_keys::ApiKey,
    app_error::AppError,
    app_state::{AppState, DbConn},
    auth,
    csrf::generate_csrf_token,
    guards,
    projects::Project,
    schema,
    settings::Settings,
    team_memberships::TeamMembership,
    teams::Team,
    users::{CurrentUser, User},
};

pub fn new_router(state: AppState) -> Router<()> {
    let base_path = state.settings.base_path.clone();
    Router::new().nest(
        format!("{}", base_path).as_str(),
        Router::new()
            .route("/", get(landing_page))
            .route("/teams", get(teams_page))
            .route("/teams/{team_id}", get(team_page))
            .route("/teams/{team_id}/projects", get(projects_page))
            .route("/teams/{team_id}/new-api-key", post(post_new_api_key))
            .route("/new-team", get(new_team_page))
            .route("/new-team", post(post_new_team))
            .nest("/auth", auth::new_router())
            .fallback_service(
                ServeDir::new("static").not_found_service(ServeFile::new("static/_404.html")),
            )
            .layer(
                ServiceBuilder::new()
                    .layer(TraceLayer::new_for_http())
                    .layer(CompressionLayer::new()),
            )
            .with_state(state),
    )
}

async fn landing_page(State(state): State<AppState>) -> impl IntoResponse {
    Redirect::to(&format!("{}/teams", state.settings.base_path))
}

async fn teams_page(
    State(Settings { base_path, .. }): State<Settings>,
    DbConn(conn): DbConn,
    CurrentUser(current_user): CurrentUser,
) -> Result<impl IntoResponse, AppError> {
    let current_user_id = current_user.id.clone();
    let teams_of_current_user = conn
        .interact(move |conn| {
            schema::team_memberships::table
                .inner_join(schema::teams::table)
                .filter(schema::team_memberships::user_id.eq(current_user_id))
                .select(Team::as_select())
                .load(conn)
        })
        .await
        .unwrap()?;
    #[derive(Template)]
    #[template(path = "teams.html")]
    struct ResponseTemplate {
        base_path: String,
        teams: Vec<Team>,
        current_user: User,
    }
    Ok(Html(
        ResponseTemplate {
            base_path,
            current_user,
            teams: teams_of_current_user,
        }
        .render()?,
    ))
}

async fn team_page(State(state): State<AppState>, Path(team_id): Path<Uuid>) -> impl IntoResponse {
    Redirect::to(&format!(
        "{}/teams/{}/projects",
        state.settings.base_path, team_id
    ))
}

#[derive(Deserialize)]
struct PostNewApiKeyForm {
    csrf_token: String,
}

async fn post_new_api_key(
    State(Settings { base_path, .. }): State<Settings>,
    DbConn(db_conn): DbConn,
    Path(team_id): Path<Uuid>,
    CurrentUser(current_user): CurrentUser,
    Form(form): Form<PostNewApiKeyForm>,
) -> Result<impl IntoResponse, AppError> {
    guards::require_valid_csrf_token(&form.csrf_token, &current_user, &db_conn).await?;
    let team = guards::require_team_membership(&current_user, &team_id, &db_conn).await?;

    ApiKey::generate_for_team(&db_conn, team.id.clone()).await?;
    Ok(Redirect::to(&format!(
        "{}/teams/{}/projects",
        base_path,
        team.id.hyphenated().to_string()
    ))
    .into_response())
}

async fn new_team_page(
    State(Settings { base_path, .. }): State<Settings>,
    DbConn(db_conn): DbConn,
    CurrentUser(current_user): CurrentUser,
) -> Result<impl IntoResponse, AppError> {
    let csrf_token = generate_csrf_token(&db_conn, Some(current_user.id)).await?;
    #[derive(Template)]
    #[template(path = "new-team.html")]
    struct ResponseTemplate {
        base_path: String,
        csrf_token: String,
        current_user: User,
    }
    Ok(Html(
        ResponseTemplate {
            base_path,
            csrf_token,
            current_user,
        }
        .render()?,
    ))
}

#[derive(Deserialize)]
struct PostNewTeamForm {
    name: String,
    csrf_token: String,
}

async fn post_new_team(
    DbConn(db_conn): DbConn,
    State(Settings { base_path, .. }): State<Settings>,
    CurrentUser(current_user): CurrentUser,
    Form(form): Form<PostNewTeamForm>,
) -> Result<impl IntoResponse, AppError> {
    guards::require_valid_csrf_token(&form.csrf_token, &current_user, &db_conn).await?;

    let team_id = Uuid::now_v7();
    let team = Team {
        id: team_id.clone(),
        name: form.name,
    };
    let team_membership = TeamMembership {
        team_id: team_id.clone(),
        user_id: current_user.id,
        roles: vec![Some("OWNER".to_string())],
    };
    db_conn
        .interact(move |conn| {
            conn.transaction(move |conn| {
                insert_into(schema::teams::table)
                    .values(team)
                    .execute(conn)?;
                insert_into(schema::team_memberships::table)
                    .values(team_membership)
                    .execute(conn)?;
                diesel::QueryResult::Ok(())
            })
        })
        .await
        .unwrap()
        .unwrap();
    ApiKey::generate_for_team(&db_conn, team_id.clone()).await?;
    Ok(Redirect::to(&format!("{}/teams/{}/projects", base_path, team_id)).into_response())
}

async fn projects_page(
    State(Settings { base_path, .. }): State<Settings>,
    DbConn(db_conn): DbConn,
    Path(team_id): Path<Uuid>,
    CurrentUser(current_user): CurrentUser,
) -> Result<impl IntoResponse, AppError> {
    let team = guards::require_team_membership(&current_user, &team_id, &db_conn).await?;

    let team_id = team.id.clone();
    let api_keys = db_conn
        .interact(move |conn| {
            schema::api_keys::table
                .filter(schema::api_keys::team_id.eq(team_id))
                .select(ApiKey::as_select())
                .load(conn)
        })
        .await
        .unwrap()?;
    #[derive(Template)]
    #[template(path = "projects.html")]
    struct ResponseTemplate {
        base_path: String,
        csrf_token: String,
        keys: Vec<ApiKey>,
        projects: Vec<Project>,
        team: Team,
        current_user: User,
    }
    let csrf_token = generate_csrf_token(&db_conn, Some(current_user.id.clone())).await?;
    Ok(Html(
        ResponseTemplate {
            base_path,
            csrf_token,
            current_user,
            team,
            keys: api_keys,
            projects: vec![],
        }
        .render()?,
    )
    .into_response())
}
initial commit 2025-02-26 13:10:50 -08:00			`use askama_axum::Template;`
			`use axum::{`
			`extract::{Path, State},`
			`response::{Html, IntoResponse, Redirect},`
			`routing::{get, post},`
			`Form, Router,`
			`};`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`use diesel::{dsl::insert_into, prelude::*};`
initial commit 2025-02-26 13:10:50 -08:00			`use serde::Deserialize;`
			`use tower::ServiceBuilder;`
			`use tower_http::{`
			`compression::CompressionLayer,`
			`services::{ServeDir, ServeFile},`
			`trace::TraceLayer,`
			`};`
			`use uuid::Uuid;`

			`use crate::{`
			`api_keys::ApiKey,`
			`app_error::AppError,`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`app_state::{AppState, DbConn},`
			`auth,`
			`csrf::generate_csrf_token,`
			`guards,`
initial commit 2025-02-26 13:10:50 -08:00			`projects::Project,`
			`schema,`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`settings::Settings,`
			`team_memberships::TeamMembership,`
			`teams::Team,`
initial commit 2025-02-26 13:10:50 -08:00			`users::{CurrentUser, User},`
			`};`

			`pub fn new_router(state: AppState) -> Router<()> {`
			`let base_path = state.settings.base_path.clone();`
			`Router::new().nest(`
			`format!("{}", base_path).as_str(),`
			`Router::new()`
			`.route("/", get(landing_page))`
			`.route("/teams", get(teams_page))`
			`.route("/teams/{team_id}", get(team_page))`
			`.route("/teams/{team_id}/projects", get(projects_page))`
			`.route("/teams/{team_id}/new-api-key", post(post_new_api_key))`
			`.route("/new-team", get(new_team_page))`
			`.route("/new-team", post(post_new_team))`
			`.nest("/auth", auth::new_router())`
			`.fallback_service(`
			`ServeDir::new("static").not_found_service(ServeFile::new("static/_404.html")),`
			`)`
			`.layer(`
			`ServiceBuilder::new()`
			`.layer(TraceLayer::new_for_http())`
			`.layer(CompressionLayer::new()),`
			`)`
			`.with_state(state),`
			`)`
			`}`

			`async fn landing_page(State(state): State<AppState>) -> impl IntoResponse {`
			`Redirect::to(&format!("{}/teams", state.settings.base_path))`
			`}`

			`async fn teams_page(`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`State(Settings { base_path, .. }): State<Settings>,`
			`DbConn(conn): DbConn,`
initial commit 2025-02-26 13:10:50 -08:00			`CurrentUser(current_user): CurrentUser,`
			`) -> Result<impl IntoResponse, AppError> {`
			`let current_user_id = current_user.id.clone();`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`let teams_of_current_user = conn`
initial commit 2025-02-26 13:10:50 -08:00			`.interact(move \|conn\| {`
			`schema::team_memberships::table`
			`.inner_join(schema::teams::table)`
			`.filter(schema::team_memberships::user_id.eq(current_user_id))`
			`.select(Team::as_select())`
			`.load(conn)`
			`})`
			`.await`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`.unwrap()?;`
initial commit 2025-02-26 13:10:50 -08:00			`#[derive(Template)]`
			`#[template(path = "teams.html")]`
			`struct ResponseTemplate {`
			`base_path: String,`
			`teams: Vec<Team>,`
			`current_user: User,`
			`}`
			`Ok(Html(`
			`ResponseTemplate {`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`base_path,`
initial commit 2025-02-26 13:10:50 -08:00			`current_user,`
			`teams: teams_of_current_user,`
			`}`
			`.render()?,`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`))`
initial commit 2025-02-26 13:10:50 -08:00			`}`

			`async fn team_page(State(state): State<AppState>, Path(team_id): Path<Uuid>) -> impl IntoResponse {`
			`Redirect::to(&format!(`
			`"{}/teams/{}/projects",`
			`state.settings.base_path, team_id`
			`))`
			`}`

			`#[derive(Deserialize)]`
			`struct PostNewApiKeyForm {`
			`csrf_token: String,`
			`}`

			`async fn post_new_api_key(`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`State(Settings { base_path, .. }): State<Settings>,`
			`DbConn(db_conn): DbConn,`
initial commit 2025-02-26 13:10:50 -08:00			`Path(team_id): Path<Uuid>,`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`CurrentUser(current_user): CurrentUser,`
initial commit 2025-02-26 13:10:50 -08:00			`Form(form): Form<PostNewApiKeyForm>,`
			`) -> Result<impl IntoResponse, AppError> {`
re-implement guards using AppError returns instead of macros 2025-02-26 13:10:47 -08:00			`guards::require_valid_csrf_token(&form.csrf_token, &current_user, &db_conn).await?;`
			`let team = guards::require_team_membership(&current_user, &team_id, &db_conn).await?;`
misc back-end cleanup 2025-02-26 13:10:48 -08:00
			`ApiKey::generate_for_team(&db_conn, team.id.clone()).await?;`
initial commit 2025-02-26 13:10:50 -08:00			`Ok(Redirect::to(&format!(`
			`"{}/teams/{}/projects",`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`base_path,`
			`team.id.hyphenated().to_string()`
initial commit 2025-02-26 13:10:50 -08:00			`))`
			`.into_response())`
			`}`

			`async fn new_team_page(`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`State(Settings { base_path, .. }): State<Settings>,`
			`DbConn(db_conn): DbConn,`
initial commit 2025-02-26 13:10:50 -08:00			`CurrentUser(current_user): CurrentUser,`
			`) -> Result<impl IntoResponse, AppError> {`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`let csrf_token = generate_csrf_token(&db_conn, Some(current_user.id)).await?;`
initial commit 2025-02-26 13:10:50 -08:00			`#[derive(Template)]`
			`#[template(path = "new-team.html")]`
			`struct ResponseTemplate {`
			`base_path: String,`
			`csrf_token: String,`
			`current_user: User,`
			`}`
			`Ok(Html(`
			`ResponseTemplate {`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`base_path,`
initial commit 2025-02-26 13:10:50 -08:00			`csrf_token,`
			`current_user,`
			`}`
			`.render()?,`
			`))`
			`}`

			`#[derive(Deserialize)]`
			`struct PostNewTeamForm {`
			`name: String,`
			`csrf_token: String,`
			`}`

			`async fn post_new_team(`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`DbConn(db_conn): DbConn,`
			`State(Settings { base_path, .. }): State<Settings>,`
			`CurrentUser(current_user): CurrentUser,`
initial commit 2025-02-26 13:10:50 -08:00			`Form(form): Form<PostNewTeamForm>,`
			`) -> Result<impl IntoResponse, AppError> {`
re-implement guards using AppError returns instead of macros 2025-02-26 13:10:47 -08:00			`guards::require_valid_csrf_token(&form.csrf_token, &current_user, &db_conn).await?;`
misc back-end cleanup 2025-02-26 13:10:48 -08:00
initial commit 2025-02-26 13:10:50 -08:00			`let team_id = Uuid::now_v7();`
			`let team = Team {`
			`id: team_id.clone(),`
			`name: form.name,`
			`};`
			`let team_membership = TeamMembership {`
			`team_id: team_id.clone(),`
			`user_id: current_user.id,`
			`roles: vec![Some("OWNER".to_string())],`
			`};`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`db_conn`
initial commit 2025-02-26 13:10:50 -08:00			`.interact(move \|conn\| {`
			`conn.transaction(move \|conn\| {`
			`insert_into(schema::teams::table)`
			`.values(team)`
			`.execute(conn)?;`
			`insert_into(schema::team_memberships::table)`
			`.values(team_membership)`
			`.execute(conn)?;`
			`diesel::QueryResult::Ok(())`
			`})`
			`})`
			`.await`
			`.unwrap()`
			`.unwrap();`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`ApiKey::generate_for_team(&db_conn, team_id.clone()).await?;`
			`Ok(Redirect::to(&format!("{}/teams/{}/projects", base_path, team_id)).into_response())`
initial commit 2025-02-26 13:10:50 -08:00			`}`

			`async fn projects_page(`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`State(Settings { base_path, .. }): State<Settings>,`
			`DbConn(db_conn): DbConn,`
initial commit 2025-02-26 13:10:50 -08:00			`Path(team_id): Path<Uuid>,`
			`CurrentUser(current_user): CurrentUser,`
			`) -> Result<impl IntoResponse, AppError> {`
re-implement guards using AppError returns instead of macros 2025-02-26 13:10:47 -08:00			`let team = guards::require_team_membership(&current_user, &team_id, &db_conn).await?;`
misc back-end cleanup 2025-02-26 13:10:48 -08:00
initial commit 2025-02-26 13:10:50 -08:00			`let team_id = team.id.clone();`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`let api_keys = db_conn`
initial commit 2025-02-26 13:10:50 -08:00			`.interact(move \|conn\| {`
			`schema::api_keys::table`
			`.filter(schema::api_keys::team_id.eq(team_id))`
			`.select(ApiKey::as_select())`
			`.load(conn)`
			`})`
			`.await`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`.unwrap()?;`
initial commit 2025-02-26 13:10:50 -08:00			`#[derive(Template)]`
			`#[template(path = "projects.html")]`
			`struct ResponseTemplate {`
			`base_path: String,`
			`csrf_token: String,`
			`keys: Vec<ApiKey>,`
			`projects: Vec<Project>,`
			`team: Team,`
			`current_user: User,`
			`}`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`let csrf_token = generate_csrf_token(&db_conn, Some(current_user.id.clone())).await?;`
initial commit 2025-02-26 13:10:50 -08:00			`Ok(Html(`
			`ResponseTemplate {`
misc back-end cleanup 2025-02-26 13:10:48 -08:00			`base_path,`
initial commit 2025-02-26 13:10:50 -08:00			`csrf_token,`
			`current_user,`
			`team,`
			`keys: api_keys,`
			`projects: vec![],`
			`}`
			`.render()?,`
			`)`
			`.into_response())`
			`}`