feat: get candidate details

2026-06-16 21:11:06 +00:00 · 2022-11-08 01:22:10 +01:00 · 2022-11-08 01:22:10 +01:00 · 7b4707fae6
commit 7b4707fae6
parent 077adfd117
5 changed files with 66 additions and 11 deletions
--- a/api/src/lib.rs
+++ b/api/src/lib.rs
@ -42,6 +42,7 @@ async fn start() -> Result<(), rocket::Error> {
                routes::candidate::login,
                routes::candidate::whoami,
                routes::candidate::fill_details,
+                routes::candidate::get_details,
            ],
        )
        .mount(
--- a/api/src/requests.rs
+++ b/api/src/requests.rs
@ -21,4 +21,10 @@ pub struct RegisterRequest {
 pub struct AdminLoginRequest {
    pub admin_id: i32,
    pub password: String,
+}
+
+#[derive(Serialize, Deserialize)]
+#[serde(crate = "rocket::serde")]
+pub struct PasswordRequest {
+    pub password: String,
 }
--- a/api/src/routes/candidate.rs
+++ b/api/src/routes/candidate.rs
@ -8,6 +8,7 @@ use rocket::serde::json::Json;

 use sea_orm_rocket::Connection;

+use crate::requests::PasswordRequest;
 use crate::{guards::request::auth::CandidateAuth, pool::Db, requests};

 #[post("/login", data = "<login_form>")]
@ -70,3 +71,49 @@ pub async fn fill_details(

    Ok("Details added".to_string())
 }
+
+#[post("/get_details", data = "<password_form>")]
+pub async fn get_details(
+    conn: Connection<'_, Db>,
+    password_form: Json<PasswordRequest>,
+    session: CandidateAuth,
+) -> Result<Json<UserDetails>, Custom<String>> {
+    let db = conn.into_inner();
+    let candidate: entity::candidate::Model = session.into();
+    let password = password_form.password.clone();
+
+    // let handle = tokio::spawn(async move {
+    let details = CandidateService::decrypt_details(db, candidate.application, password).await.map_err(|e| {
+        Custom(
+            Status::from_code(e.code()).unwrap_or_default(),
+            e.message(),
+        )
+    });
+
+    details.map(|d| Json(d))
+}
+
+// #[post("/details", data = "<password_form>")]
+// pub async fn get_details(
+//     conn: Connection<'_, Db>,
+//     password_form: Json<PasswordRequest>,
+//     session: CandidateAuth,
+// ) -> Result<String, Custom<String>> {
+//     let db = conn.into_inner();
+//     let candidate: entity::candidate::Model = session.into();
+//     let password = password_form.password.clone();
+
+//     let details = CandidateService::decrypt_details(db, candidate.application, password).await;
+
+//     if details.is_err() {
+//         // TODO cleanup
+//         let e = details.err().unwrap();
+//         return Err(Custom(
+//             Status::from_code(e.code()).unwrap_or_default(),
+//             e.message(),
+//         ));
+//     }
+
+//     // Ok(Json(details.unwrap()))
+//     Ok("coming soon".to_string())
+// }
--- a/core/src/crypto.rs
+++ b/core/src/crypto.rs
@ -11,6 +11,8 @@ use std::iter;
 use std::path::Path;
 use std::str::FromStr;

+use crate::error::ServiceError;
+
 /// Foolproof random 8 char string
 /// only uppercase letters (except for 0 and O) and numbers
 /// TODO tests
@ -265,14 +267,14 @@ pub async fn encrypt_password_with_recipients(
 pub async fn decrypt_password_with_private_key(
    password_encrypted: &str,
    key: &str,
-) -> Result<String, Box<dyn std::error::Error>> {
-    let encrypted = base64::decode(password_encrypted)?;
+) -> Result<String, ServiceError> {
+    let encrypted = base64::decode(password_encrypted).unwrap();

    let mut decrypt_buffer = Vec::new();

-    age_decrypt_with_private_key(encrypted.as_slice(), &mut decrypt_buffer, key).await?;
+    age_decrypt_with_private_key(encrypted.as_slice(), &mut decrypt_buffer, key).await.unwrap();

-    Ok(String::from_utf8(decrypt_buffer)?)
+    Ok(String::from_utf8(decrypt_buffer).ok().unwrap())
 }

 pub async fn encrypt_file_with_recipients<P: AsRef<Path>>(
--- a/core/src/services/candidate_service.rs
+++ b/core/src/services/candidate_service.rs
@ -1,6 +1,6 @@
 use entity::candidate;
 use sea_orm::{prelude::Uuid, DbConn};
-use serde::Deserialize;
+use serde::{Deserialize, Serialize};

 use crate::{
    crypto::{self, hash_password},
@ -169,7 +169,7 @@ impl EncryptedUserDetails {
    }
 }

-#[derive(Debug, Deserialize)]
+#[derive(Debug, Serialize, Deserialize)]
 pub struct UserDetails {
    pub name: String,
    pub surname: String,
@ -273,11 +273,10 @@ impl CandidateService {
        candidate_id: i32,
        password: String,
    ) -> Result<UserDetails, ServiceError> {
-        // compare passwords // TODO: login in api?? // TODO: dedicated function
-        let candidate = Query::find_candidate_by_id(db, candidate_id)
-            .await
-            .map_err(|_| ServiceError::DbError)?
-            .ok_or(ServiceError::UserNotFound)?;
+        let candidate = match Query::find_candidate_by_id(db, candidate_id).await {
+            Ok(candidate) => candidate.unwrap(),
+            Err(_) => return Err(ServiceError::DbError), // TODO: logging
+        };

        match crypto::verify_password((&password).to_string(), candidate.code.clone()).await {
            Ok(valid) => {