GKaszewski/movies-diary
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: CORS, role in auth, banner_url, diary sort, cleanup

Browse Source 
- CORS layer on API routes via CORS_ORIGINS env var
- role field in login + profile responses
- banner_url in profile response
- diary sort_by: rating_desc/rating_asc/date_asc/date_desc
- UserRole::as_str() to deduplicate role mapping
- typed DTOs for import preview (replace ad-hoc JSON)
- warn on invalid CORS origins
This commit is contained in:
Gabriel Kaszewski
2026-06-04 02:06:51 +02:00
parent 7b9b0f9ffe
commit bf73d4a695
10 changed files with 122 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
crates/application/src/auth/login.rs
View File

@@ -10,6 +10,7 @@ pub struct LoginResult {
pub user_id: Uuid,
pub email: String,
pub expires_at: DateTime<Utc>,
pub role: String,
}
pub async fn execute(ctx: &AppContext, query: LoginQuery) -> Result<LoginResult, DomainError> {
@@ -37,6 +38,7 @@ pub async fn execute(ctx: &AppContext, query: LoginQuery) -> Result<LoginResult,
user_id: user.id().value(),
email: user.email().value().to_string(),
expires_at: generated.expires_at,
role: user.role().as_str().into(),
})
}