From f67e856169869c47c25b47c3ea2bdf00e0615544 Mon Sep 17 00:00:00 2001
From: Erin Nova <erin@the-system.eu.org>
Date: Sun, 18 Jul 2021 16:36:23 -0400
Subject: [PATCH] Add json api for changing user details

---
 README.md   |  6 ++++-
 src/auth.rs | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++--
 src/main.rs |  3 ++-
 3 files changed, 74 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index c836df7..9b5f7ff 100644
--- a/README.md
+++ b/README.md
@@ -29,7 +29,11 @@ or
 `GET /api/users/<name>/<pin>` Check if the user exists, and if the pin provided matches
 Returns status & reason json.
 
-`POST /api/users/change/<name>/<pin>/<new-name>/<new-pin>` Change a users pin/name
+`POST /api/users/change {"name":"<username>","pin":"<pin>","changed_event":"name/pin/pronouns","new_event":"<new name/pin/pronouns>"` Change a users details via a json post.
+
+eg. `POST /api/users/change {"name":"example","pin":"10","changed_event":"name","new_event":"test"` to change the user "example"'s name to "test"
+
+DEPRECATED `POST /api/users/change/<name>/<pin>/<new-name>/<new-pin>` Change a users pin/name
 Returns status & reason json.
 
 
diff --git a/src/auth.rs b/src/auth.rs
index bd0f09e..8e3b841 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -2,9 +2,10 @@ extern crate log;
 use crate::file_io::{append_json, read_json, write_json};
 use rocket::http::{Cookie, Cookies};
 use crate::user::User;
-use rocket_contrib::json::JsonValue;
+use rocket_contrib::json::{Json, JsonValue};
 use random_string::generate;
 extern crate sha1;
+use serde::Deserialize;
 
 #[get("/")]
 pub fn index() -> &'static str {
@@ -60,7 +61,7 @@ pub fn register_user(name: String, pin: i32, pronouns: String) -> JsonValue {
     );
     return json!({
         "status": "ok",
-        "reason": format!("user {} registered", users[users.len()-1].name.to_string().to_lowercase()),
+        "reason": format!("user {} registered", new_user.name.to_string().to_lowercase()),
     });
 }
 
@@ -121,6 +122,70 @@ pub fn check_pin(mut cookies: Cookies, name: String, pin: i32) -> JsonValue {
     });
 }
 
+#[derive(Deserialize)]
+pub struct Event {
+    pub name: String,
+    pub pin: String,
+    pub changed_event: String,
+    pub new_event: String,
+}
+
+// Change info about a user
+#[post("/users/change", format = "json", data = "<input>")]
+pub fn change_info(input: Json<Event>) -> JsonValue {
+    // read in the users & hash the pin
+    let mut users: Vec<User> = read_json();
+    let hashed_pin = sha1::Sha1::from(&input.pin).digest().to_string();
+
+    // loop through the users
+    for i in 0..users.len() {
+        if input.name.to_lowercase() == users[i].name { // if user found...
+            if hashed_pin == users[i].pin_hashed { // & if pin matches:
+                if input.changed_event == "name" {
+                    // change the name
+                    users[i].name = input.new_event.clone();
+                    info!("changed name of {} to {}", input.name, input.new_event);
+                    write_json(&users);
+                    return json!({
+                        "status": "ok",
+                        "reason": format!("changed name of {} to {}", input.name, input.new_event),
+                    });
+                } else if input.changed_event == "pin" {
+                    // change the pin
+                    let new_hashed_pin = sha1::Sha1::from(&input.new_event).digest().to_string();
+                    users[i].pin_hashed = new_hashed_pin.clone();
+                    write_json(&users);
+                    info!("changed pin of {}", input.name);
+                    return json!({
+                        "status": "ok",
+                        "reason": "changed pin",
+                    });
+                } else if input.changed_event == "pronouns" {
+                    // change the pronouns
+                    users[i].pronouns = input.new_event.clone();
+                    info!("changed pronouns of {} to {}", input.name, input.new_event);
+                    write_json(&users);
+                    return json!({
+                        "status": "ok",
+                        "reason": "successfully changed pronouns",
+                    });
+                };
+            } else {
+                warn!("incorrect pin for user {}", input.name);
+                return json!({
+                    "status": "fail",
+                    "reason": "incorrect pin",
+                });
+            };
+        };
+    };
+    warn!("couldn't change users info, user does not exist");
+    return json!({
+        "status": "fail",
+        "reason": "user doesn't exist",
+    });
+}
+
 // Change a users pin/name
 #[post("/users/change/<name>/<pin>/<new_name>/<new_pin>")]
 pub fn change(name: String, pin: i32, new_name: String, new_pin: i32) -> JsonValue {
diff --git a/src/main.rs b/src/main.rs
index d81aa01..a3db2e1 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -34,7 +34,8 @@ fn main() {
                 auth::check_pin,
                 auth::change,
                 chat::send_message,
-                chat::fetch_messages
+                chat::fetch_messages,
+                auth::change_info
             ],
         )
         .mount("/", StaticFiles::from("frontend"))