gitdata.ai/gitks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
931d82cbb909ce387e66ec4d7990cc39923a1e3d
gitks/api/auth/register.rs
T
zhenyi 0d3b53f7a0 feat(auth): add comprehensive authentication system with 2FA support 
- Add new auth module with captcha, login, logout, register, and email verification endpoints
- Implement two-factor authentication with TOTP enable, disable, verify, and backup codes regeneration
- Create RSA public key endpoint for secure password encryption
- Add user profile management with get current user and email retrieval
- Integrate OpenAPI documentation for all authentication endpoints
- Implement password reset functionality with email verification flow
- Add comprehensive API response structures with proper error handling
- Configure all auth routes under /api/v1/auth scope with proper tagging
2026-06-07 18:09:38 +08:00

65 lines
2.6 KiB
Rust
Raw Blame History

use actix_web::{HttpResponse, web};
use serde::Serialize;
use uuid::Uuid;
use crate::api::response::{ApiErrorResponse, ApiResponse};
use crate::error::AppError;
use crate::models::users::User;
use crate::service::AppService;
use crate::service::auth::register::RegisterParams;
use crate::session::Session;
#[derive(Debug, Serialize, utoipa::ToSchema)]
pub struct RegisterResponse {
/// Newly created user id.
pub id: Uuid,
/// Unique username used for login and profile URL.
pub username: String,
/// Display name initialized from username.
pub display_name: Option<String>,
/// Avatar URL; usually absent right after registration.
pub avatar_url: Option<String>,
}
impl From<User> for RegisterResponse {
fn from(user: User) -> Self {
Self {
id: user.id,
username: user.username,
display_name: user.display_name,
avatar_url: user.avatar_url,
}
}
}
#[utoipa::path(
post,
path = "/api/v1/auth/register",
tag = "Auth",
operation_id = "authRegister",
summary = "Register a new account",
description = "Create an account after validating username, email, password, captcha, and email verification code. password must be encrypted with the current session RSA public key; captcha and email_code are one-time credentials. On successful registration, the new user is written to the session and does not need to log in again.",
request_body(
content = RegisterParams,
description = "Registration parameters. email_code comes from /auth/register/email-code; password is a Base64 ciphertext encrypted with RSA-OAEP-SHA256.",
content_type = "application/json"
),
responses(
(status = 200, description = "Registration succeeded; the current session is automatically signed in as the new user.", body = ApiResponse<RegisterResponse>),
(status = 400, description = "Captcha error, email verification code error, weak password, RSA decryption failure, or missing required fields.", body = ApiErrorResponse),
(status = 409, description = "The username or email is already in use.", body = ApiErrorResponse),
(status = 500, description = "Database transaction, password hashing, cache, or session write failed.", body = ApiErrorResponse)
)
)]
pub async fn handle(
service: web::Data<AppService>,
session: Session,
params: web::Json<RegisterParams>,
) -> Result<HttpResponse, AppError> {
let user = service
.auth
.auth_register(params.into_inner(), &session)
.await?;
Ok(HttpResponse::Ok().json(ApiResponse::new(RegisterResponse::from(user))))
}
Reference in New Issue View Git Blame Copy Permalink