Merge pull request #38 from geode-sdk/camila

camila314 · web-flow · commit 9f0ebd4779e4 · 2025-01-15T18:21:18.000-06:00
add /v1/login/github/token for extremely simple Github Action CI integration
diff --git a/openapi.yml b/openapi.yml
@@ -83,9 +83,14 @@ paths:
           content:
             application/json:
               schema:
-                type: string
-                description: The token used for authentication
-                example: "a1b2c3d4-1234-5678-9abc-1234567890ab"
+                type: object
+                properties:
+                  error:
+                    type: "null"
+                  payload:
+                    type: string
+                    description: The token used for authentication
+                    example: "a1b2c3d4-1234-5678-9abc-1234567890ab"
         "400":
           description: Bad request - for different reasons, like IP mismatch, interval not being respected, etc.
           content:
@@ -100,6 +105,53 @@ paths:
         "500":
           $ref: "#/components/responses/InternalServerError"
 
+  /v1/login/github/token:
+    post:
+      tags:
+        - user
+      summary: Login with GitHub access token
+      description: Log in immediately with a GitHub access token. Returns a token if the login was successful.
+      requestBody:
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                token:
+                  type: string
+                  description: The access token from GitHub
+                  example: "ghp_1234567890abcdefgh"
+      responses:
+        "200":
+          description: OK
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  error:
+                    type: "null"
+                  payload:
+                    type: object
+                    properties:
+                      type: string
+                      description: The Geode token used for authentication
+                      example: "a1b2c3d4-1234-5678-9abc-1234567890ab"
+        "400":
+          description: Bad request - invalid access token.
+          content:
+            application/json:
+              schema:
+                type: object
+                properties:
+                  error:
+                    type: string
+                  payload:
+                    type: "null"
+        "500":
+          $ref: "#/components/responses/InternalServerError"
+
+
   /v1/mods:
     get:
       tags:
diff --git a/src/auth/github.rs b/src/auth/github.rs
@@ -164,7 +164,7 @@ impl GithubClient {
         }
     }
 
-    pub async fn get_user(&self, token: String) -> Result<serde_json::Value, ApiError> {
+    pub async fn get_user(&self, token: &str) -> Result<serde_json::Value, ApiError> {
         let client = Client::new();
         let resp = match client
             .get("https://api.github.com/user")
diff --git a/src/endpoints/auth/github.rs b/src/endpoints/auth/github.rs
@@ -1,6 +1,6 @@
 use actix_web::{dev::ConnectionInfo, post, web, Responder};
 use serde::Deserialize;
-use sqlx::{types::ipnetwork::IpNetwork, Acquire};
+use sqlx::{types::ipnetwork::IpNetwork, Acquire, PgConnection};
 use uuid::Uuid;
 
 use crate::{
@@ -17,6 +17,26 @@ struct PollParams {
     uuid: String,
 }
 
+#[derive(Deserialize)]
+struct TokenLoginParams {
+    token: String,
+}
+
+async fn developer_from_token(
+    pool: &mut PgConnection,
+    user: serde_json::Value
+) -> Result<Uuid, Option<ApiError>> {
+    let id = user.get("id").ok_or(None)?.as_i64().unwrap();
+    let username = user.get("login").ok_or(None)?;
+
+    let dev_id = match Developer::get_by_github_id(id, pool).await? {
+        Some(x) => x.id,
+        None => Developer::create(id, username.to_string(), pool).await?
+    };
+
+    create_token_for_developer(dev_id, pool).await.map_err(Some)
+}
+
 #[post("v1/login/github")]
 pub async fn start_github_login(
     data: web::Data<AppData>,
@@ -138,17 +158,6 @@ pub async fn poll_github_login(
         log::error!("{}", e);
         return Err(ApiError::InternalError);
     };
-    let user = match client.get_user(token).await {
-        Err(e) => {
-            transaction
-                .rollback()
-                .await
-                .or(Err(ApiError::TransactionError))?;
-            log::error!("{}", e);
-            return Err(ApiError::InternalError);
-        }
-        Ok(u) => u,
-    };
 
     // Create a new transaction after this point, because we need to commit the removal of the login attempt
 
@@ -157,71 +166,62 @@ pub async fn poll_github_login(
         .await
         .or(Err(ApiError::TransactionError))?;
 
+    let user = client.get_user(&token).await.map_err(|_| ApiError::InternalError)?;
     let mut transaction = pool.begin().await.or(Err(ApiError::TransactionError))?;
 
-    let id = match user.get("id") {
-        None => return Err(ApiError::InternalError),
-        Some(id) => id.as_i64().unwrap(),
-    };
-    if let Some(x) = Developer::get_by_github_id(id, &mut transaction).await? {
-        let token = match create_token_for_developer(x.id, &mut transaction).await {
-            Err(_) => {
-                transaction
-                    .rollback()
-                    .await
-                    .or(Err(ApiError::TransactionError))?;
-                return Err(ApiError::InternalError);
-            }
-            Ok(t) => t,
-        };
-        transaction
-            .commit()
-            .await
-            .or(Err(ApiError::TransactionError))?;
-        return Ok(web::Json(ApiResponse {
-            error: "".to_string(),
-            payload: token.to_string(),
-        }));
-    }
-    let username = match user.get("login") {
-        None => {
-            transaction
-                .rollback()
-                .await
-                .or(Err(ApiError::TransactionError))?;
-            return Err(ApiError::InternalError);
-        }
-        Some(user) => user.to_string(),
-    };
-    let id = match Developer::create(id, username, &mut transaction).await {
+    let token = match developer_from_token(&mut transaction, user).await {
+        Ok(t) => t,
         Err(e) => {
-            transaction
-                .rollback()
-                .await
-                .or(Err(ApiError::TransactionError))?;
-            log::error!("{}", e);
-            return Err(ApiError::InternalError);
+            if let Some(e) = e {
+                log::error!("{}", e);
+            }
+
+            transaction.rollback().await.map_or_else(
+                |_| Err(ApiError::TransactionError),
+                |_| Err(ApiError::InternalError)
+            )?
         }
-        Ok(i) => i,
     };
-    let token = match create_token_for_developer(id, &mut transaction).await {
+
+    Ok(web::Json(ApiResponse {
+        error: "".to_string(),
+        payload: token.to_string(),
+    }))
+}
+
+#[post("v1/login/github/token")]
+pub async fn github_token_login(
+    json: web::Json<TokenLoginParams>,
+    data: web::Data<AppData>,
+) -> Result<impl Responder, ApiError> {
+    let client = github::GithubClient::new(
+        data.github_client_id.to_string(),
+        data.github_client_secret.to_string(),
+    );
+
+    let user = client.get_user(&json.token).await
+        .map_err(|_| ApiError::BadRequest(format!("Invalid access token: {}", json.token)))?;
+
+    let mut pool = data.db.acquire().await.or(Err(ApiError::DbAcquireError))?;
+    let mut transaction = pool.begin().await.or(Err(ApiError::TransactionError))?;
+
+    let token = match developer_from_token(&mut transaction, user).await {
+        Ok(t) => t,
+
         Err(e) => {
-            transaction
-                .rollback()
-                .await
-                .or(Err(ApiError::TransactionError))?;
-            log::error!("{}", e);
-            return Err(ApiError::InternalError);
+            if let Some(e) = e {
+                log::error!("{}", e);
+            }
+
+            transaction.rollback().await.map_or_else(
+                |_| Err(ApiError::TransactionError),
+                |_| Err(ApiError::InternalError)
+            )?
         }
-        Ok(t) => t,
     };
-    transaction
-        .commit()
-        .await
-        .or(Err(ApiError::TransactionError))?;
 
     Ok(web::Json(ApiResponse {
         error: "".to_string(),
-        payload: token.to_string(),
+        payload: token.to_string()
     }))
 }
diff --git a/src/main.rs b/src/main.rs
@@ -119,6 +119,7 @@ async fn main() -> anyhow::Result<()> {
             .service(endpoints::mod_versions::create_version)
             .service(endpoints::mod_versions::update_version)
             .service(endpoints::auth::github::poll_github_login)
+            .service(endpoints::auth::github::github_token_login)
             .service(endpoints::auth::github::start_github_login)
             .service(endpoints::developers::developer_index)
             .service(endpoints::developers::get_developer)

Original file line number	Diff line number	Diff line change
`@@ -164,7 +164,7 @@ impl GithubClient {`
`164`	`164`	`}`
`165`	`165`	`}`
`166`	`166`
`167`		`- pub async fn get_user(&self, token: String) -> Result<serde_json::Value, ApiError> {`
	`167`	`+ pub async fn get_user(&self, token: &str) -> Result<serde_json::Value, ApiError> {`
`168`	`168`	`let client = Client::new();`
`169`	`169`	`let resp = match client`
`170`	`170`	`.get("https://api.github.com/user")`