пароль на семьи

2025-12-15 16:51:09 +03:00
parent 1e393c79b5
commit 27d8d8ff4c
12 changed files with 330 additions and 28 deletions
--- a/backend/src/routes/family.rs
+++ b/backend/src/routes/family.rs
@@ -4,16 +4,30 @@ use axum::{
    Json,
 };
 use sea_orm::DatabaseConnection;
-use serde::Deserialize;
+use serde::{Deserialize, Serialize};
 use utoipa::ToSchema;
+use tower_sessions::Session;

 use crate::models::family::Model as FamilyModel;
 use crate::services::FamilyService;

 #[derive(Debug, Deserialize, ToSchema)]
-#[schema(example = json!({"name": "Smith Family"}))]
+#[schema(example = json!({"name": "Smith Family", "password": "secret123"}))]
 pub struct CreateFamilyRequest {
    pub name: String,
+    pub password: String,
+}
+
+#[derive(Debug, Deserialize, ToSchema)]
+#[schema(example = json!({"password": "secret123"}))]
+pub struct VerifyFamilyPasswordRequest {
+    pub password: String,
+}
+
+#[derive(Debug, Serialize, ToSchema)]
+#[schema(example = json!({"valid": true}))]
+pub struct VerifyFamilyPasswordResponse {
+    pub valid: bool,
 }

 #[derive(Debug, Deserialize, ToSchema)]
@@ -36,7 +50,7 @@ pub async fn create_family(
    State(db): State<DatabaseConnection>,
    Json(payload): Json<CreateFamilyRequest>,
 ) -> Result<Json<FamilyModel>, StatusCode> {
-    FamilyService::create(&db, payload.name)
+    FamilyService::create(&db, payload.name, payload.password)
        .await
        .map(Json)
        .map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)
@@ -129,3 +143,48 @@ pub async fn delete_family(
        .map(|_| StatusCode::NO_CONTENT)
        .map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)
 }
+
+#[utoipa::path(
+    post,
+    path = "/families/{id}/verify",
+    tag = "families",
+    params(
+        ("id" = i32, Path, description = "Family ID")
+    ),
+    request_body = VerifyFamilyPasswordRequest,
+    responses(
+        (status = 200, description = "Password verified", body = VerifyFamilyPasswordResponse),
+        (status = 401, description = "Invalid password"),
+        (status = 500, description = "Internal server error")
+    )
+)]
+pub async fn verify_family_password(
+    State(db): State<DatabaseConnection>,
+    Path(id): Path<i32>,
+    session: Session,
+    Json(payload): Json<VerifyFamilyPasswordRequest>,
+) -> Result<Json<VerifyFamilyPasswordResponse>, StatusCode> {
+    let valid = FamilyService::verify_password(&db, id, payload.password)
+        .await
+        .map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
+
+    if valid {
+        let mut authorized_families: Vec<i32> = session
+            .get("authorized_families")
+            .await
+            .unwrap_or(None)
+            .unwrap_or_default();
+
+        if !authorized_families.contains(&id) {
+            authorized_families.push(id);
+            session
+                .insert("authorized_families", authorized_families)
+                .await
+                .map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
+        }
+
+        Ok(Json(VerifyFamilyPasswordResponse { valid: true }))
+    } else {
+        Err(StatusCode::UNAUTHORIZED)
+    }
+}