Merge pull request #86 from campos02/main

bitfl0wer · web-flow · commit 3de193b95538 · 2025-03-13T18:30:38.000+01:00
diff --git a/src/api/mod.rs b/src/api/mod.rs
@@ -49,41 +49,11 @@ pub async fn start_api(
         ));
     }
 
-    let routes = Route::new()
-        .nest("/auth", auth::setup_routes())
-        .nest(
-            "/users",
-            users::setup_routes()
-                .with(AuthenticationMiddleware)
-                .with(CurrentUserMiddleware),
-        )
-        .nest(
-            "/guilds",
-            guilds::setup_routes()
-                .with(AuthenticationMiddleware)
-                .with(CurrentUserMiddleware),
-        )
-        .nest(
-            "/channels",
-            channels::setup_routes()
-                .with(AuthenticationMiddleware)
-                .with(CurrentUserMiddleware),
-        )
-        .nest(
-            "/invites",
-            routes::invites::setup_routes()
-                .with(AuthenticationMiddleware)
-                .with(CurrentUserMiddleware),
-        )
-        .nest("/policies", routes::policies::setup_routes())
-        .nest("/-", routes::health::setup_routes())
-        .at("/version", routes::version::setup_routes())
-        .at("/ping", routes::ping::setup_routes());
-
     let v9_api = Route::new()
         .at("/ping", routes::ping::setup_routes())
         .at("/version", routes::version::setup_routes())
-        .nest("/api/v9", routes)
+        .nest("/api", setup_api_routes())
+        .nest("/api/v9", setup_api_routes())
         .data(db)
         .data(config)
         .data(connected_users)
@@ -118,6 +88,39 @@ pub async fn start_api(
     Ok(())
 }
 
+fn setup_api_routes() -> Route {
+    Route::new()
+        .nest("/auth", auth::setup_routes())
+        .nest(
+            "/users",
+            users::setup_routes()
+                .with(AuthenticationMiddleware)
+                .with(CurrentUserMiddleware),
+        )
+        .nest(
+            "/guilds",
+            guilds::setup_routes()
+                .with(AuthenticationMiddleware)
+                .with(CurrentUserMiddleware),
+        )
+        .nest(
+            "/channels",
+            channels::setup_routes()
+                .with(AuthenticationMiddleware)
+                .with(CurrentUserMiddleware),
+        )
+        .nest(
+            "/invites",
+            routes::invites::setup_routes()
+                .with(AuthenticationMiddleware)
+                .with(CurrentUserMiddleware),
+        )
+        .nest("/policies", routes::policies::setup_routes())
+        .nest("/-", routes::health::setup_routes())
+        .at("/version", routes::version::setup_routes())
+        .at("/ping", routes::ping::setup_routes())
+}
+
 async fn custom_error(err: poem::Error) -> impl IntoResponse {
     Json(json! ({
         "success": false,
diff --git a/src/api/routes/auth/login.rs b/src/api/routes/auth/login.rs
@@ -100,13 +100,11 @@ pub async fn login(
         &cfg.security.jwt_secret,
     );
 
-    //let user_settings = user.get_settings()
-
     Ok(Response::builder()
         .body(
             json!({
                 "token": token,
-                "settings": {}
+                "settings": user.settings
             })
             .to_string(),
         )
diff --git a/src/api/routes/policies/instance/domain.rs b/src/api/routes/policies/instance/domain.rs
@@ -31,15 +31,15 @@ pub async fn domain(
     } else if let Some(endpoint) = &cfg.gateway.endpoint_public {
         endpoint.to_owned()
     } else {
-        "http://localhost:3003".to_string()
+        "ws://localhost:3003".to_string()
     };
 
     let api = if let Ok(endpoint) = std::env::var("API") {
         endpoint
     } else if let Some(endpoint) = &cfg.api.endpoint_public {
         endpoint.to_owned()
     } else {
-        "http://localhost:3001".to_string()
+        "http://localhost:3001/api".to_string()
     };
 
     Ok(Json(json!({
diff --git a/src/util/token.rs b/src/util/token.rs
@@ -23,9 +23,7 @@ pub async fn check_token(db: &PgPool, token: &str, jwt_secret: &str) -> Result<C
         .unwrap()
         .ok_or(Error::User(UserError::InvalidUser))?;
 
-    // TODO(bitfl0wer): I changed the direction of the comparison here (from < to >) to fix a bug. I don't know if this is correct,
-    // nor have I looked at this code at all to see if it's correct.
-    if chrono::DateTime::from_timestamp(token.claims.iat, 0).unwrap() > user.data.valid_tokens_since
+    if chrono::DateTime::from_timestamp(token.claims.iat, 0).unwrap() < user.data.valid_tokens_since
     {
         return Err(Error::User(UserError::InvalidToken));
     }

Original file line number	Diff line number	Diff line change
`@@ -23,9 +23,7 @@ pub async fn check_token(db: &PgPool, token: &str, jwt_secret: &str) -> Result<C`
`23`	`23`	`.unwrap()`
`24`	`24`	`.ok_or(Error::User(UserError::InvalidUser))?;`
`25`	`25`
`26`		`- // TODO(bitfl0wer): I changed the direction of the comparison here (from < to >) to fix a bug. I don't know if this is correct,`
`27`		`- // nor have I looked at this code at all to see if it's correct.`
`28`		`- if chrono::DateTime::from_timestamp(token.claims.iat, 0).unwrap() > user.data.valid_tokens_since`
	`26`	`+ if chrono::DateTime::from_timestamp(token.claims.iat, 0).unwrap() < user.data.valid_tokens_since`
`29`	`27`	`{`
`30`	`28`	`return Err(Error::User(UserError::InvalidToken));`
`31`	`29`	`}`