zed/crates/collab/src/api.rs

use crate::{
    auth,
    db::{User, UserId},
    rpc::{self, ResultExt},
    AppState, Error, Result,
};
use anyhow::anyhow;
use axum::{
    body::Body,
    extract::{Path, Query},
    http::{self, Request, StatusCode},
    middleware::{self, Next},
    response::IntoResponse,
    routing::{get, post, put},
    Extension, Json, Router,
};
use axum_extra::response::ErasedJson;
use serde::{Deserialize, Serialize};
use std::sync::Arc;
use tower::ServiceBuilder;
use tracing::instrument;

pub fn routes(rpc_server: &Arc<rpc::Server>, state: Arc<AppState>) -> Router<Body> {
    Router::new()
        .route("/users", get(get_users).post(create_user))
        .route(
            "/users/:id",
            put(update_user).delete(destroy_user).get(get_user),
        )
        .route("/users/:id/access_tokens", post(create_access_token))
        .route("/invite_codes/:code", get(get_user_for_invite_code))
        .route("/panic", post(trace_panic))
        .route("/rpc_server_snapshot", get(get_rpc_server_snapshot))
        .layer(
            ServiceBuilder::new()
                .layer(Extension(state))
                .layer(Extension(rpc_server.clone()))
                .layer(middleware::from_fn(validate_api_token)),
        )
}

pub async fn validate_api_token<B>(req: Request<B>, next: Next<B>) -> impl IntoResponse {
    let token = req
        .headers()
        .get(http::header::AUTHORIZATION)
        .and_then(|header| header.to_str().ok())
        .ok_or_else(|| {
            Error::Http(
                StatusCode::BAD_REQUEST,
                "missing authorization header".to_string(),
            )
        })?
        .strip_prefix("token ")
        .ok_or_else(|| {
            Error::Http(
                StatusCode::BAD_REQUEST,
                "invalid authorization header".to_string(),
            )
        })?;

    let state = req.extensions().get::<Arc<AppState>>().unwrap();

    if token != state.api_token {
        Err(Error::Http(
            StatusCode::UNAUTHORIZED,
            "invalid authorization token".to_string(),
        ))?
    }

    Ok::<_, Error>(next.run(req).await)
}

async fn get_users(Extension(app): Extension<Arc<AppState>>) -> Result<Json<Vec<User>>> {
    let users = app.db.get_all_users().await?;
    Ok(Json(users))
}

#[derive(Deserialize, Debug)]
struct CreateUserParams {
    github_login: String,
    invite_code: Option<String>,
    email_address: Option<String>,
    admin: bool,
}

async fn create_user(
    Json(params): Json<CreateUserParams>,
    Extension(app): Extension<Arc<AppState>>,
    Extension(rpc_server): Extension<Arc<rpc::Server>>,
) -> Result<Json<User>> {
    let user_id = if let Some(invite_code) = params.invite_code {
        let invitee_id = app
            .db
            .redeem_invite_code(
                &invite_code,
                &params.github_login,
                params.email_address.as_deref(),
            )
            .await?;
        rpc_server
            .invite_code_redeemed(&invite_code, invitee_id)
            .await
            .trace_err();
        invitee_id
    } else {
        app.db
            .create_user(
                &params.github_login,
                params.email_address.as_deref(),
                params.admin,
            )
            .await?
    };

    let user = app
        .db
        .get_user_by_id(user_id)
        .await?
        .ok_or_else(|| anyhow!("couldn't find the user we just created"))?;

    Ok(Json(user))
}

#[derive(Deserialize)]
struct UpdateUserParams {
    admin: Option<bool>,
    invite_count: Option<u32>,
}

async fn update_user(
    Path(user_id): Path<i32>,
    Json(params): Json<UpdateUserParams>,
    Extension(app): Extension<Arc<AppState>>,
    Extension(rpc_server): Extension<Arc<rpc::Server>>,
) -> Result<()> {
    let user_id = UserId(user_id);

    if let Some(admin) = params.admin {
        app.db.set_user_is_admin(user_id, admin).await?;
    }

    if let Some(invite_count) = params.invite_count {
        app.db.set_invite_count(user_id, invite_count).await?;
        rpc_server.invite_count_updated(user_id).await.trace_err();
    }

    Ok(())
}

async fn destroy_user(
    Path(user_id): Path<i32>,
    Extension(app): Extension<Arc<AppState>>,
) -> Result<()> {
    app.db.destroy_user(UserId(user_id)).await?;
    Ok(())
}

async fn get_user(
    Path(login): Path<String>,
    Extension(app): Extension<Arc<AppState>>,
) -> Result<Json<User>> {
    let user = app
        .db
        .get_user_by_github_login(&login)
        .await?
        .ok_or_else(|| Error::Http(StatusCode::NOT_FOUND, "User not found".to_string()))?;
    Ok(Json(user))
}

#[derive(Debug, Deserialize)]
struct Panic {
    version: String,
    text: String,
}

#[instrument(skip(panic))]
async fn trace_panic(panic: Json<Panic>) -> Result<()> {
    tracing::error!(version = %panic.version, text = %panic.text, "panic report");
    Ok(())
}

async fn get_rpc_server_snapshot(
    Extension(rpc_server): Extension<Arc<rpc::Server>>,
) -> Result<ErasedJson> {
    Ok(ErasedJson::pretty(rpc_server.snapshot().await))
}

#[derive(Deserialize)]
struct CreateAccessTokenQueryParams {
    public_key: String,
    impersonate: Option<String>,
}

#[derive(Serialize)]
struct CreateAccessTokenResponse {
    user_id: UserId,
    encrypted_access_token: String,
}

async fn create_access_token(
    Path(login): Path<String>,
    Query(params): Query<CreateAccessTokenQueryParams>,
    Extension(app): Extension<Arc<AppState>>,
) -> Result<Json<CreateAccessTokenResponse>> {
    //     request.require_token().await?;

    let user = app
        .db
        .get_user_by_github_login(&login)
        .await?
        .ok_or_else(|| anyhow!("user not found"))?;

    let mut user_id = user.id;
    if let Some(impersonate) = params.impersonate {
        if user.admin {
            if let Some(impersonated_user) = app.db.get_user_by_github_login(&impersonate).await? {
                user_id = impersonated_user.id;
            } else {
                return Err(Error::Http(
                    StatusCode::UNPROCESSABLE_ENTITY,
                    format!("user {impersonate} does not exist"),
                ));
            }
        } else {
            return Err(Error::Http(
                StatusCode::UNAUTHORIZED,
                format!("you do not have permission to impersonate other users"),
            ));
        }
    }

    let access_token = auth::create_access_token(app.db.as_ref(), user_id).await?;
    let encrypted_access_token =
        auth::encrypt_access_token(&access_token, params.public_key.clone())?;

    Ok(Json(CreateAccessTokenResponse {
        user_id,
        encrypted_access_token,
    }))
}

async fn get_user_for_invite_code(
    Path(code): Path<String>,
    Extension(app): Extension<Arc<AppState>>,
) -> Result<Json<User>> {
    Ok(Json(app.db.get_user_for_invite_code(&code).await?))
}
WIP Continue adding in more API routes 2022-04-25 00:02:14 +00:00			`use crate::{`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`auth,`
			`db::{User, UserId},`
Implement /rpc_server_snapshot endpoint This returns a JSON snapshot of the state of the server 2022-05-25 23:42:25 +00:00			`rpc::{self, ResultExt},`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`AppState, Error, Result,`
WIP Continue adding in more API routes 2022-04-25 00:02:14 +00:00			`};`
			`use anyhow::anyhow;`
WIP: Switch to axum 2022-04-24 17:08:25 +00:00			`use axum::{`
			`body::Body,`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`extract::{Path, Query},`
WIP 2022-04-26 02:05:09 +00:00			`http::{self, Request, StatusCode},`
			`middleware::{self, Next},`
			`response::IntoResponse,`
			`routing::{get, post, put},`
			`Extension, Json, Router,`
WIP: Switch to axum 2022-04-24 17:08:25 +00:00			`};`
Pretty-print JSON of server snapshot 2022-05-26 07:34:39 +00:00			`use axum_extra::response::ErasedJson;`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`use serde::{Deserialize, Serialize};`
Add the fetching of user JSON by github login with a token header 2021-12-19 16:43:13 +00:00			`use std::sync::Arc;`
WIP 2022-04-26 02:05:09 +00:00			`use tower::ServiceBuilder;`
Capture crash reports and upload them the next time Zed launches 2022-05-02 13:17:43 +00:00			`use tracing::instrument;`
WIP 2022-04-24 16:45:20 +00:00
Implement /rpc_server_snapshot endpoint This returns a JSON snapshot of the state of the server 2022-05-25 23:42:25 +00:00			`pub fn routes(rpc_server: &Arc<rpc::Server>, state: Arc<AppState>) -> Router<Body> {`
WIP 2022-04-26 02:05:09 +00:00			`Router::new()`
			`.route("/users", get(get_users).post(create_user))`
Get zed.dev working with new collab backend Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-04-26 17:15:41 +00:00			`.route(`
			`"/users/:id",`
			`put(update_user).delete(destroy_user).get(get_user),`
			`)`
			`.route("/users/:id/access_tokens", post(create_access_token))`
Add ability to get the user for an invite code in collab API Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-05-19 18:35:07 +00:00			`.route("/invite_codes/:code", get(get_user_for_invite_code))`
Rename "crash" to "panic" We are not really sending crash reports but Rust panics, so might as well be clear about that. 2022-05-02 15:36:56 +00:00			`.route("/panic", post(trace_panic))`
Implement /rpc_server_snapshot endpoint This returns a JSON snapshot of the state of the server 2022-05-25 23:42:25 +00:00			`.route("/rpc_server_snapshot", get(get_rpc_server_snapshot))`
WIP 2022-04-26 02:05:09 +00:00			`.layer(`
			`ServiceBuilder::new()`
			`.layer(Extension(state))`
Update users and invite count after an invite gets redeemed 2022-05-20 10:02:31 +00:00			`.layer(Extension(rpc_server.clone()))`
WIP 2022-04-26 02:05:09 +00:00			`.layer(middleware::from_fn(validate_api_token)),`
			`)`
WIP 2022-04-24 16:45:20 +00:00			`}`

WIP 2022-04-26 02:05:09 +00:00			`pub async fn validate_api_token<B>(req: Request<B>, next: Next<B>) -> impl IntoResponse {`
Validate API token for all API routes 2022-04-26 02:10:14 +00:00			`let token = req`
WIP 2022-04-26 02:05:09 +00:00			`.headers()`
			`.get(http::header::AUTHORIZATION)`
			`.and_then(\|header\| header.to_str().ok())`
			`.ok_or_else(\|\| {`
			`Error::Http(`
			`StatusCode::BAD_REQUEST,`
			`"missing authorization header".to_string(),`
			`)`
Validate API token for all API routes 2022-04-26 02:10:14 +00:00			`})?`
			`.strip_prefix("token ")`
			`.ok_or_else(\|\| {`
			`Error::Http(`
			`StatusCode::BAD_REQUEST,`
			`"invalid authorization header".to_string(),`
			`)`
WIP 2022-04-26 02:05:09 +00:00			`})?;`

Validate API token for all API routes 2022-04-26 02:10:14 +00:00			`let state = req.extensions().get::<Arc<AppState>>().unwrap();`

			`if token != state.api_token {`
			`Err(Error::Http(`
			`StatusCode::UNAUTHORIZED,`
			`"invalid authorization token".to_string(),`
			`))?`
			`}`

WIP 2022-04-26 02:05:09 +00:00			`Ok::<_, Error>(next.run(req).await)`
			`}`

			`async fn get_users(Extension(app): Extension<Arc<AppState>>) -> Result<Json<Vec<User>>> {`
WIP Continue adding in more API routes 2022-04-25 00:02:14 +00:00			`let users = app.db.get_all_users().await?;`
			`Ok(Json(users))`
WIP: Switch to axum 2022-04-24 17:08:25 +00:00			`}`

Accept an optional email address when creating new users 2022-05-21 02:24:02 +00:00			`#[derive(Deserialize, Debug)]`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`struct CreateUserParams {`
WIP Continue adding in more API routes 2022-04-25 00:02:14 +00:00			`github_login: String,`
WIP 2022-05-18 17:51:47 +00:00			`invite_code: Option<String>,`
Accept an optional email address when creating new users 2022-05-21 02:24:02 +00:00			`email_address: Option<String>,`
WIP Continue adding in more API routes 2022-04-25 00:02:14 +00:00			`admin: bool,`
			`}`
WIP: Get compiling with Tokio by commenting almost everything Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-04-22 19:33:19 +00:00
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`async fn create_user(`
			`Json(params): Json<CreateUserParams>,`
WIP 2022-04-26 02:05:09 +00:00			`Extension(app): Extension<Arc<AppState>>,`
Implement /rpc_server_snapshot endpoint This returns a JSON snapshot of the state of the server 2022-05-25 23:42:25 +00:00			`Extension(rpc_server): Extension<Arc<rpc::Server>>,`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`) -> Result<Json<User>> {`
WIP 2022-05-18 22:14:58 +00:00			`let user_id = if let Some(invite_code) = params.invite_code {`
Update users and invite count after an invite gets redeemed 2022-05-20 10:02:31 +00:00			`let invitee_id = app`
			`.db`
Accept an optional email address when creating new users 2022-05-21 02:24:02 +00:00			`.redeem_invite_code(`
			`&invite_code,`
			`&params.github_login,`
			`params.email_address.as_deref(),`
			`)`
Update users and invite count after an invite gets redeemed 2022-05-20 10:02:31 +00:00			`.await?;`
			`rpc_server`
			`.invite_code_redeemed(&invite_code, invitee_id)`
			`.await`
			`.trace_err();`
			`invitee_id`
WIP 2022-05-18 17:51:47 +00:00			`} else {`
WIP 2022-05-18 22:14:58 +00:00			`app.db`
Accept an optional email address when creating new users 2022-05-21 02:24:02 +00:00			`.create_user(`
			`&params.github_login,`
			`params.email_address.as_deref(),`
			`params.admin,`
			`)`
WIP 2022-05-18 17:51:47 +00:00			`.await?`
			`};`
WIP: Get compiling with Tokio by commenting almost everything Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-04-22 19:33:19 +00:00
WIP 2022-05-18 22:14:58 +00:00			`let user = app`
			`.db`
			`.get_user_by_id(user_id)`
			`.await?`
			`.ok_or_else(\|\| anyhow!("couldn't find the user we just created"))?;`

WIP Continue adding in more API routes 2022-04-25 00:02:14 +00:00			`Ok(Json(user))`
			`}`
WIP: Get compiling with Tokio by commenting almost everything Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-04-22 19:33:19 +00:00
WIP Continue adding in more API routes 2022-04-25 00:02:14 +00:00			`#[derive(Deserialize)]`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`struct UpdateUserParams {`
Add ability to update invite count to collab API Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-05-18 16:23:08 +00:00			`admin: Option<bool>,`
			`invite_count: Option<u32>,`
WIP Continue adding in more API routes 2022-04-25 00:02:14 +00:00			`}`
WIP: Get compiling with Tokio by commenting almost everything Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-04-22 19:33:19 +00:00
WIP Continue adding in more API routes 2022-04-25 00:02:14 +00:00			`async fn update_user(`
			`Path(user_id): Path<i32>,`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`Json(params): Json<UpdateUserParams>,`
WIP 2022-04-26 02:05:09 +00:00			`Extension(app): Extension<Arc<AppState>>,`
Update connected users' invite info when they are granted invite codes 2022-06-06 18:14:01 +00:00			`Extension(rpc_server): Extension<Arc<rpc::Server>>,`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`) -> Result<()> {`
Update connected users' invite info when they are granted invite codes 2022-06-06 18:14:01 +00:00			`let user_id = UserId(user_id);`

Add ability to update invite count to collab API Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-05-18 16:23:08 +00:00			`if let Some(admin) = params.admin {`
Update connected users' invite info when they are granted invite codes 2022-06-06 18:14:01 +00:00			`app.db.set_user_is_admin(user_id, admin).await?;`
Add ability to update invite count to collab API Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-05-18 16:23:08 +00:00			`}`

			`if let Some(invite_count) = params.invite_count {`
Update connected users' invite info when they are granted invite codes 2022-06-06 18:14:01 +00:00			`app.db.set_invite_count(user_id, invite_count).await?;`
			`rpc_server.invite_count_updated(user_id).await.trace_err();`
Add ability to update invite count to collab API Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-05-18 16:23:08 +00:00			`}`

WIP Continue adding in more API routes 2022-04-25 00:02:14 +00:00			`Ok(())`
			`}`
WIP: Get compiling with Tokio by commenting almost everything Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-04-22 19:33:19 +00:00
WIP 2022-04-26 02:05:09 +00:00			`async fn destroy_user(`
			`Path(user_id): Path<i32>,`
			`Extension(app): Extension<Arc<AppState>>,`
			`) -> Result<()> {`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`app.db.destroy_user(UserId(user_id)).await?;`
			`Ok(())`
			`}`
WIP: Get compiling with Tokio by commenting almost everything Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-04-22 19:33:19 +00:00
WIP 2022-04-26 02:05:09 +00:00			`async fn get_user(`
			`Path(login): Path<String>,`
			`Extension(app): Extension<Arc<AppState>>,`
			`) -> Result<Json<User>> {`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`let user = app`
			`.db`
			`.get_user_by_github_login(&login)`
			`.await?`
Return 404 from API if no user is found Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-05-18 16:32:58 +00:00			`.ok_or_else(\|\| Error::Http(StatusCode::NOT_FOUND, "User not found".to_string()))?;`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`Ok(Json(user))`
			`}`
WIP: Get compiling with Tokio by commenting almost everything Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-04-22 19:33:19 +00:00
Capture crash reports and upload them the next time Zed launches 2022-05-02 13:17:43 +00:00			`#[derive(Debug, Deserialize)]`
Rename "crash" to "panic" We are not really sending crash reports but Rust panics, so might as well be clear about that. 2022-05-02 15:36:56 +00:00			`struct Panic {`
Capture crash reports and upload them the next time Zed launches 2022-05-02 13:17:43 +00:00			`version: String,`
			`text: String,`
			`}`

Rename "crash" to "panic" We are not really sending crash reports but Rust panics, so might as well be clear about that. 2022-05-02 15:36:56 +00:00			`#[instrument(skip(panic))]`
			`async fn trace_panic(panic: Json<Panic>) -> Result<()> {`
			`tracing::error!(version = %panic.version, text = %panic.text, "panic report");`
Capture crash reports and upload them the next time Zed launches 2022-05-02 13:17:43 +00:00			`Ok(())`
			`}`

Pretty-print JSON of server snapshot 2022-05-26 07:34:39 +00:00			`async fn get_rpc_server_snapshot(`
Implement /rpc_server_snapshot endpoint This returns a JSON snapshot of the state of the server 2022-05-25 23:42:25 +00:00			`Extension(rpc_server): Extension<Arc<rpc::Server>>,`
Pretty-print JSON of server snapshot 2022-05-26 07:34:39 +00:00			`) -> Result<ErasedJson> {`
			`Ok(ErasedJson::pretty(rpc_server.snapshot().await))`
Implement /rpc_server_snapshot endpoint This returns a JSON snapshot of the state of the server 2022-05-25 23:42:25 +00:00			`}`

Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`#[derive(Deserialize)]`
			`struct CreateAccessTokenQueryParams {`
			`public_key: String,`
			`impersonate: Option<String>,`
			`}`
WIP: Get compiling with Tokio by commenting almost everything Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-04-22 19:33:19 +00:00
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`#[derive(Serialize)]`
			`struct CreateAccessTokenResponse {`
			`user_id: UserId,`
			`encrypted_access_token: String,`
			`}`
WIP: Get compiling with Tokio by commenting almost everything Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-04-22 19:33:19 +00:00
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`async fn create_access_token(`
			`Path(login): Path<String>,`
			`Query(params): Query<CreateAccessTokenQueryParams>,`
WIP 2022-04-26 02:05:09 +00:00			`Extension(app): Extension<Arc<AppState>>,`
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`) -> Result<Json<CreateAccessTokenResponse>> {`
			`// request.require_token().await?;`
WIP: Get compiling with Tokio by commenting almost everything Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-04-22 19:33:19 +00:00
Finish adding API routes We haven't tested them yet. Co-Authored-By: Max Brunsfeld <maxbrunsfeld@gmail.com> 2022-04-25 23:51:13 +00:00			`let user = app`
			`.db`
			`.get_user_by_github_login(&login)`
			`.await?`
			`.ok_or_else(\|\| anyhow!("user not found"))?;`

			`let mut user_id = user.id;`
			`if let Some(impersonate) = params.impersonate {`
			`if user.admin {`
			`if let Some(impersonated_user) = app.db.get_user_by_github_login(&impersonate).await? {`
			`user_id = impersonated_user.id;`
			`} else {`
			`return Err(Error::Http(`
			`StatusCode::UNPROCESSABLE_ENTITY,`
			`format!("user {impersonate} does not exist"),`
			`));`
			`}`
			`} else {`
			`return Err(Error::Http(`
			`StatusCode::UNAUTHORIZED,`
			`format!("you do not have permission to impersonate other users"),`
			`));`
			`}`
			`}`

			`let access_token = auth::create_access_token(app.db.as_ref(), user_id).await?;`
			`let encrypted_access_token =`
			`auth::encrypt_access_token(&access_token, params.public_key.clone())?;`

			`Ok(Json(CreateAccessTokenResponse {`
			`user_id,`
			`encrypted_access_token,`
			`}))`
			`}`
Add ability to get the user for an invite code in collab API Co-Authored-By: Antonio Scandurra <me@as-cii.com> 2022-05-19 18:35:07 +00:00
			`async fn get_user_for_invite_code(`
			`Path(code): Path<String>,`
			`Extension(app): Extension<Arc<AppState>>,`
			`) -> Result<Json<User>> {`
			`Ok(Json(app.db.get_user_for_invite_code(&code).await?))`
			`}`