Add signup endpoint

src/api/auth.rs

@@ -8,12 +8,45 @@ if #[cfg(feature = "server")] {
 
 use dioxus::server::axum::Extension;
 
-use crate::server::auth::AuthSession;
+use crate::server::{auth::{AuthSession, create_user}, config::Config, database::DbPool};
 use crate::util::error::{AuthError, Contextualize, Error, ErrorType};
 
 }
 }
 
+#[post("/api/v1/auth/signup", mut auth: Extension<AuthSession>, db_pool: Extension<DbPool>, config: Extension<Config>)]
+pub async fn signup(credentials: UserCredentials) -> Result<User> {
+    if !config.auth.open_signup {
+        return Err(Error::new_here(ErrorType::Auth(AuthError::Unauthorized)));
+    }
+
+    // Don't allow signup when already logged in
+    if auth.user.is_some() {
+        return Err(Error::new_here(ErrorType::Auth(AuthError::Unauthorized)));
+    }
+
+    let hashed_creds = credentials
+        .try_hash()
+        .map_err(|e| Error::message_here(e.to_string()))
+        .err_context("Error hashing new user credentials")?;
+
+    let mut db_conn = db_pool
+        .get()
+        .await
+        .err_context("Failed to get database pool connection")?;
+
+    let new_user = create_user(&mut db_conn, &hashed_creds)
+        .await
+        .err_context("Error creating user")?;
+
+    // Don't return this to the client, logging in immediately isn't strictly necessary
+    if let Err(e) = auth.login(&new_user).await {
+        tracing::warn!("Failed to log in user after creating: {e}");
+    }
+
+    Ok(new_user.into())
+}
+
 #[post("/api/v1/auth/login", mut auth: Extension<AuthSession>)]
 pub async fn login(credentials: UserCredentials) -> Result<User> {
     let db_user = match auth.authenticate(credentials).await {