feat(api): implement all apikeys handlers

Akinator31 · Akinator31 · commit 3815fc842663 · 2025-11-20T15:09:56.000+01:00
diff --git a/rustmail/src/api/handler/apikeys/create.rs b/rustmail/src/api/handler/apikeys/create.rs
@@ -0,0 +1,82 @@
+use crate::db::operations::{create_api_key, generate_api_key};
+use crate::db::repr::Permission;
+use crate::prelude::types::*;
+use axum::Json;
+use axum::extract::State;
+use axum::http::StatusCode;
+use serde::{Deserialize, Serialize};
+use std::sync::Arc;
+use tokio::sync::Mutex;
+
+#[derive(Deserialize)]
+pub struct CreateApiKeyRequest {
+    pub name: String,
+    pub permissions: Vec<Permission>,
+    pub expires_at: Option<i64>,
+}
+
+#[derive(Serialize)]
+pub struct CreateApiKeyResponse {
+    pub api_key: String,
+    pub id: i64,
+    pub name: String,
+    pub permissions: Vec<Permission>,
+    pub created_at: i64,
+    pub expires_at: Option<i64>,
+}
+
+pub async fn create_api_key_handler(
+    State(bot_state): State<Arc<Mutex<BotState>>>,
+    Json(req): Json<CreateApiKeyRequest>,
+) -> Result<Json<CreateApiKeyResponse>, (StatusCode, String)> {
+    if req.name.trim().is_empty() {
+        return Err((StatusCode::BAD_REQUEST, "Name cannot be empty".to_string()));
+    }
+
+    if req.permissions.is_empty() {
+        return Err((
+            StatusCode::BAD_REQUEST,
+            "At least one permission is required".to_string(),
+        ));
+    }
+
+    let db_pool = {
+        let state_lock = bot_state.lock().await;
+        match &state_lock.db_pool {
+            Some(pool) => pool.clone(),
+            None => {
+                return Err((
+                    StatusCode::INTERNAL_SERVER_ERROR,
+                    "Database not initialized".to_string(),
+                ));
+            }
+        }
+    };
+
+    let (plain_key, key_hash) = match generate_api_key() {
+        Ok(keys) => keys,
+        Err(e) => return Err((StatusCode::INTERNAL_SERVER_ERROR, e)),
+    };
+
+    let api_key = match create_api_key(
+        &db_pool,
+        key_hash,
+        req.name,
+        req.permissions,
+        req.expires_at,
+    )
+    .await
+    {
+        Ok(key) => key,
+        Err(e) => return Err((StatusCode::INTERNAL_SERVER_ERROR, e)),
+    };
+
+    Ok(Json(CreateApiKeyResponse {
+        api_key: plain_key,
+        id: api_key.id,
+        name: api_key.name,
+        permissions: api_key.permissions,
+        created_at: api_key.created_at,
+        expires_at: api_key.expires_at,
+    }))
+}
diff --git a/rustmail/src/api/handler/apikeys/delete.rs b/rustmail/src/api/handler/apikeys/delete.rs
@@ -0,0 +1,29 @@
+use crate::db::operations::delete_api_key;
+use crate::prelude::types::*;
+use axum::extract::{Path, State};
+use axum::http::StatusCode;
+use std::sync::Arc;
+use tokio::sync::Mutex;
+
+pub async fn delete_api_key_handler(
+    State(bot_state): State<Arc<Mutex<BotState>>>,
+    Path(id): Path<i64>,
+) -> Result<StatusCode, (StatusCode, String)> {
+    let db_pool = {
+        let state_lock = bot_state.lock().await;
+        match &state_lock.db_pool {
+            Some(pool) => pool.clone(),
+            None => {
+                return Err((
+                    StatusCode::INTERNAL_SERVER_ERROR,
+                    "Database not initialized".to_string(),
+                ))
+            }
+        }
+    };
+
+    match delete_api_key(&db_pool, id).await {
+        Ok(_) => Ok(StatusCode::NO_CONTENT),
+        Err(e) => Err((StatusCode::INTERNAL_SERVER_ERROR, e)),
+    }
+}
diff --git a/rustmail/src/api/handler/apikeys/list.rs b/rustmail/src/api/handler/apikeys/list.rs
@@ -0,0 +1,68 @@
+use crate::db::operations::list_api_keys;
+use crate::db::repr::{ApiKey, Permission};
+use crate::prelude::types::*;
+use axum::Json;
+use axum::extract::State;
+use axum::http::StatusCode;
+use serde::Serialize;
+use std::sync::Arc;
+use tokio::sync::Mutex;
+
+#[derive(Serialize)]
+pub struct ApiKeyListItem {
+    pub id: i64,
+    pub name: String,
+    pub permissions: Vec<Permission>,
+    pub created_at: i64,
+    pub expires_at: Option<i64>,
+    pub last_used_at: Option<i64>,
+    pub is_active: bool,
+    pub key_preview: String,
+}
+
+impl From<ApiKey> for ApiKeyListItem {
+    fn from(key: ApiKey) -> Self {
+        let key_preview = if key.key_hash.len() > 12 {
+            format!("{}...", &key.key_hash[..12])
+        } else {
+            key.key_hash.clone()
+        };
+
+        ApiKeyListItem {
+            id: key.id,
+            name: key.name,
+            permissions: key.permissions,
+            created_at: key.created_at,
+            expires_at: key.expires_at,
+            last_used_at: key.last_used_at,
+            is_active: key.is_active,
+            key_preview,
+        }
+    }
+}
+
+pub async fn list_api_keys_handler(
+    State(bot_state): State<Arc<Mutex<BotState>>>,
+) -> Result<Json<Vec<ApiKeyListItem>>, (StatusCode, String)> {
+    let db_pool = {
+        let state_lock = bot_state.lock().await;
+        match &state_lock.db_pool {
+            Some(pool) => pool.clone(),
+            None => {
+                return Err((
+                    StatusCode::INTERNAL_SERVER_ERROR,
+                    "Database not initialized".to_string(),
+                ));
+            }
+        }
+    };
+
+    let api_keys = match list_api_keys(&db_pool).await {
+        Ok(keys) => keys,
+        Err(e) => return Err((StatusCode::INTERNAL_SERVER_ERROR, e)),
+    };
+
+    let response: Vec<ApiKeyListItem> = api_keys.into_iter().map(|k| k.into()).collect();
+
+    Ok(Json(response))
+}
diff --git a/rustmail/src/api/handler/apikeys/mod.rs b/rustmail/src/api/handler/apikeys/mod.rs
@@ -0,0 +1,9 @@
+mod create;
+mod delete;
+mod list;
+mod revoke;
+
+pub use create::*;
+pub use delete::*;
+pub use list::*;
+pub use revoke::*;
diff --git a/rustmail/src/api/handler/apikeys/revoke.rs b/rustmail/src/api/handler/apikeys/revoke.rs
@@ -0,0 +1,29 @@
+use crate::db::operations::revoke_api_key;
+use crate::prelude::types::*;
+use axum::extract::{Path, State};
+use axum::http::StatusCode;
+use std::sync::Arc;
+use tokio::sync::Mutex;
+
+pub async fn revoke_api_key_handler(
+    State(bot_state): State<Arc<Mutex<BotState>>>,
+    Path(id): Path<i64>,
+) -> Result<StatusCode, (StatusCode, String)> {
+    let db_pool = {
+        let state_lock = bot_state.lock().await;
+        match &state_lock.db_pool {
+            Some(pool) => pool.clone(),
+            None => {
+                return Err((
+                    StatusCode::INTERNAL_SERVER_ERROR,
+                    "Database not initialized".to_string(),
+                ))
+            }
+        }
+    };
+
+    match revoke_api_key(&db_pool, id).await {
+        Ok(_) => Ok(StatusCode::NO_CONTENT),
+        Err(e) => Err((StatusCode::INTERNAL_SERVER_ERROR, e)),
+    }
+}
diff --git a/rustmail/src/api/handler/mod.rs b/rustmail/src/api/handler/mod.rs
@@ -1,9 +1,11 @@
+pub mod apikeys;
 pub mod auth;
 pub mod bot;
 pub mod externals;
 pub mod panel;
 pub mod user;
 
+pub use apikeys::*;
 pub use auth::*;
 pub use bot::*;
 pub use externals::*;
