Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 7c024bfd6b | |||
| dd3c208fe1 |
@@ -6,6 +6,9 @@ license = "AGPL-3.0"
|
||||
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
[features]
|
||||
mastlogin = ["url", "reqwest"]
|
||||
|
||||
[dependencies]
|
||||
rocket = { version = "0.5.0-rc.1", features = ["json"] }
|
||||
rocket_sync_db_pools = { version = "0.1.0-cr.1", features = ["diesel_postgres_pool"] }
|
||||
@@ -20,5 +23,5 @@ sha2 = "0.10.2"
|
||||
log = "0.4.16"
|
||||
env_logger = "0.9.0"
|
||||
|
||||
url = "2.2.2"
|
||||
reqwest = { version = "0.11.10", features = ["json"] }
|
||||
url = { version="2.2.2",optional = true }
|
||||
reqwest = { version = "0.11.10", features = ["json"], optional = true }
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# hole-backend-rust v1.0.0
|
||||
# hole-backend-rust v1.1.0
|
||||
|
||||
|
||||
## 部署
|
||||
@@ -67,4 +67,4 @@ cargo run --release
|
||||
|
||||
+ 如果你希望使用自己的登录系统,将 `/_login/` 路径交由另外的后端处理,只需最终将用户名和token写入users表,并跳转到 `/?token=<token>`。
|
||||
|
||||
+ 如果你希望也使用闭社提供的授权来维护账号系统,使用 `https://thu.closed.social/api/v1/apps` 接口创建应用,并在.env或环境变量中填入client与secret。此操作不需要闭社账号。详情见[文档](https://docs.joinmastodon.org/client/token/#app)。
|
||||
+ 如果你希望也使用闭社提供的授权来维护账号系统,使用 `https://thu.closed.social/api/v1/apps` 接口创建应用,并在.env或环境变量中填入client与secret。此操作不需要闭社账号。详情见[文档](https://docs.joinmastodon.org/client/token/#app)。编译运行时,增加`--features mastlogin`: `cargo run --release --features mastlogin`
|
||||
|
||||
@@ -25,7 +25,7 @@ pub async fn attention_post(
|
||||
rconn: RdsConn,
|
||||
) -> JsonAPI {
|
||||
// 临时用户不允许手动关注
|
||||
user.id.ok_or_else(|| NotAllowed)?;
|
||||
user.id.ok_or_else(|| YouAreTmp)?;
|
||||
|
||||
let mut p = Post::get(&db, &rconn, ai.pid).await?;
|
||||
p.check_permission(&user, "r")?;
|
||||
|
||||
@@ -61,9 +61,14 @@ pub async fn c2output<'r>(
|
||||
BlockedUsers::check_blocked(rconn, user.id, &user.namehash, &c.author_hash)
|
||||
.await
|
||||
.unwrap_or_default();
|
||||
let can_view = !is_blocked && user.id.is_some() || user.namehash.eq(&c.author_hash);
|
||||
Some(CommentOutput {
|
||||
cid: c.id,
|
||||
text: format!("{}{}", if c.is_tmp { "[tmp]\n" } else { "" }, c.content),
|
||||
text: format!(
|
||||
"{}{}",
|
||||
if c.is_tmp { "[tmp]\n" } else { "" },
|
||||
if can_view { &c.content } else { "" }
|
||||
),
|
||||
author_title: c.author_title.to_string(),
|
||||
can_del: c.check_permission(user, "wd").is_ok(),
|
||||
name_id: name_id,
|
||||
|
||||
@@ -92,6 +92,7 @@ pub enum PolicyError {
|
||||
IsDeleted,
|
||||
NotAllowed,
|
||||
TitleUsed,
|
||||
YouAreTmp,
|
||||
}
|
||||
|
||||
#[derive(Debug)]
|
||||
@@ -121,6 +122,7 @@ impl<'r> Responder<'r, 'static> for APIError {
|
||||
PolicyError::IsDeleted => "内容被删除",
|
||||
PolicyError::NotAllowed => "不允许的操作",
|
||||
PolicyError::TitleUsed => "头衔已被使用",
|
||||
PolicyError::YouAreTmp => "临时用户只可发布内容和进入单个洞"
|
||||
}
|
||||
})
|
||||
.respond_to(req),
|
||||
|
||||
@@ -124,6 +124,8 @@ pub struct BlockInput {
|
||||
|
||||
#[post("/block", data = "<bi>")]
|
||||
pub async fn block(bi: Form<BlockInput>, user: CurrentUser, db: Db, rconn: RdsConn) -> JsonAPI {
|
||||
user.id.ok_or_else(|| NotAllowed)?;
|
||||
|
||||
let mut blk = BlockedUsers::init(user.id.ok_or_else(|| NotAllowed)?, &rconn);
|
||||
|
||||
let nh_to_block = match bi.content_type.as_str() {
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
use crate::api::comment::{c2output, CommentOutput};
|
||||
use crate::api::vote::get_poll_dict;
|
||||
use crate::api::{CurrentUser, JsonAPI, UGC};
|
||||
use crate::api::{CurrentUser, JsonAPI, UGC, PolicyError::*};
|
||||
use crate::db_conn::Db;
|
||||
use crate::libs::diesel_logger::LoggingConnection;
|
||||
use crate::models::*;
|
||||
@@ -67,9 +67,14 @@ async fn p2output(p: &Post, user: &CurrentUser, db: &Db, rconn: &RdsConn) -> Pos
|
||||
let is_blocked = BlockedUsers::check_blocked(rconn, user.id, &user.namehash, &p.author_hash)
|
||||
.await
|
||||
.unwrap_or_default();
|
||||
let can_view = !is_blocked && user.id.is_some() || user.namehash.eq(&p.author_hash);
|
||||
PostOutput {
|
||||
pid: p.id,
|
||||
text: format!("{}{}", if p.is_tmp { "[tmp]\n" } else { "" }, p.content),
|
||||
text: format!(
|
||||
"{}{}",
|
||||
if p.is_tmp { "[tmp]\n" } else { "" },
|
||||
if can_view { &p.content } else { "" }
|
||||
),
|
||||
cw: (!p.cw.is_empty()).then(|| p.cw.to_string()),
|
||||
n_attentions: p.n_attentions,
|
||||
n_comments: p.n_comments,
|
||||
@@ -105,7 +110,11 @@ async fn p2output(p: &Post, user: &CurrentUser, db: &Db, rconn: &RdsConn) -> Pos
|
||||
} else {
|
||||
None
|
||||
},
|
||||
poll: get_poll_dict(p.id, rconn, &user.namehash).await,
|
||||
poll: if can_view {
|
||||
get_poll_dict(p.id, rconn, &user.namehash).await
|
||||
} else {
|
||||
None
|
||||
},
|
||||
// for old version frontend
|
||||
timestamp: p.create_time.timestamp(),
|
||||
likenum: p.n_attentions,
|
||||
@@ -145,6 +154,7 @@ pub async fn get_list(
|
||||
db: Db,
|
||||
rconn: RdsConn,
|
||||
) -> JsonAPI {
|
||||
user.id.ok_or_else(|| YouAreTmp)?;
|
||||
let page = p.unwrap_or(1);
|
||||
let page_size = 25;
|
||||
let start = (page - 1) * page_size;
|
||||
@@ -205,6 +215,7 @@ pub async fn edit_cw(cwi: Form<CwInput>, user: CurrentUser, db: Db, rconn: RdsCo
|
||||
|
||||
#[get("/getmulti?<pids>")]
|
||||
pub async fn get_multi(pids: Vec<i32>, user: CurrentUser, db: Db, rconn: RdsConn) -> JsonAPI {
|
||||
user.id.ok_or_else(|| YouAreTmp)?;
|
||||
let ps = Post::get_multi(&db, &rconn, &pids).await?;
|
||||
let ps_data = ps2outputs(&ps, &user, &db, &rconn).await;
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
use crate::api::post::ps2outputs;
|
||||
use crate::api::{CurrentUser, JsonAPI};
|
||||
use crate::api::{CurrentUser, JsonAPI, PolicyError::*};
|
||||
use crate::db_conn::Db;
|
||||
use crate::models::*;
|
||||
use crate::rds_conn::RdsConn;
|
||||
@@ -14,6 +14,8 @@ pub async fn search(
|
||||
db: Db,
|
||||
rconn: RdsConn,
|
||||
) -> JsonAPI {
|
||||
user.id.ok_or_else(|| YouAreTmp)?;
|
||||
|
||||
let page_size = 25;
|
||||
let start = (page - 1) * page_size;
|
||||
|
||||
|
||||
@@ -47,6 +47,8 @@ pub struct VoteInput {
|
||||
|
||||
#[post("/vote", data = "<vi>")]
|
||||
pub async fn vote(vi: Form<VoteInput>, user: CurrentUser, rconn: RdsConn) -> JsonAPI {
|
||||
user.id.ok_or_else(|| NotAllowed)?;
|
||||
|
||||
let pid = vi.pid;
|
||||
let opts = PollOption::init(pid, &rconn).get_list().await?;
|
||||
if opts.is_empty() {
|
||||
|
||||
14
src/main.rs
14
src/main.rs
@@ -16,6 +16,7 @@ mod api;
|
||||
mod cache;
|
||||
mod db_conn;
|
||||
mod libs;
|
||||
#[cfg(feature = "mastlogin")]
|
||||
mod login;
|
||||
mod models;
|
||||
mod random_hasher;
|
||||
@@ -49,6 +50,7 @@ async fn main() -> Result<(), rocket::Error> {
|
||||
models::Post::annealing(establish_connection(), &rconn).await;
|
||||
}
|
||||
});
|
||||
|
||||
rocket::build()
|
||||
.mount(
|
||||
"/_api/v1",
|
||||
@@ -71,7 +73,17 @@ async fn main() -> Result<(), rocket::Error> {
|
||||
api::vote::vote,
|
||||
],
|
||||
)
|
||||
.mount("/_login", routes![login::cs_login, login::cs_auth])
|
||||
.mount(
|
||||
"/_login",
|
||||
#[cfg(feature = "mastlogin")]
|
||||
{
|
||||
routes![login::cs_login, login::cs_auth]
|
||||
},
|
||||
#[cfg(not(feature = "mastlogin"))]
|
||||
{
|
||||
[]
|
||||
},
|
||||
)
|
||||
.register(
|
||||
"/_api",
|
||||
catchers![api::catch_401_error, api::catch_403_error,],
|
||||
|
||||
Reference in New Issue
Block a user