Compare commits
2 Commits
b1feb86204
...
efb2c485a5
Author | SHA1 | Date | |
---|---|---|---|
efb2c485a5 | |||
19289e8b36 |
@ -2,6 +2,13 @@
|
|||||||
|
|
||||||
create table person(
|
create table person(
|
||||||
person_id serial primary key,
|
person_id serial primary key,
|
||||||
person_email varchar(100),
|
person_email varchar(100) not null,
|
||||||
person_password varchar(100)
|
person_password varchar(100) not null
|
||||||
|
);
|
||||||
|
|
||||||
|
-- Sessions
|
||||||
|
create table session(
|
||||||
|
session_id serial primary key,
|
||||||
|
session_person_id integer not null,
|
||||||
|
session_created_at timestamp with time zone not null
|
||||||
);
|
);
|
||||||
|
@ -1,8 +1,15 @@
|
|||||||
use std::time::Duration;
|
|
||||||
|
|
||||||
use maud::Markup;
|
use maud::Markup;
|
||||||
use rocket::{form::Form, http::Status, response::Redirect, tokio::time::sleep};
|
use rocket::{
|
||||||
|
form::Form,
|
||||||
|
http::{CookieJar, Status},
|
||||||
|
response::Redirect,
|
||||||
|
};
|
||||||
|
use session::new_session;
|
||||||
|
use utils::RS_SESSION_ID;
|
||||||
|
|
||||||
|
use crate::db;
|
||||||
|
|
||||||
|
mod session;
|
||||||
mod utils;
|
mod utils;
|
||||||
|
|
||||||
#[get("/")]
|
#[get("/")]
|
||||||
@ -11,8 +18,10 @@ pub fn homepage() -> Markup {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#[get("/new")]
|
#[get("/new")]
|
||||||
pub fn new_definition(_user: utils::User) -> (Status, Markup) {
|
pub fn new_definition(user: utils::Person) -> (Status, String) {
|
||||||
todo!()
|
log::info!("reached /new");
|
||||||
|
|
||||||
|
(Status::Ok, format!("User: {}", user.person_id))
|
||||||
}
|
}
|
||||||
|
|
||||||
#[get("/new", rank = 2)]
|
#[get("/new", rank = 2)]
|
||||||
@ -27,20 +36,46 @@ pub struct LoginData {
|
|||||||
pub login_password: String,
|
pub login_password: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#[get("/login")]
|
#[get("/login")]
|
||||||
pub fn login_page() -> Markup {
|
pub fn login_page() -> Markup {
|
||||||
crate::view::login::login()
|
crate::view::login::login()
|
||||||
}
|
}
|
||||||
|
|
||||||
#[post("/login", data = "<data>")]
|
#[post("/login", data = "<data>")]
|
||||||
pub async fn login(data: Form<LoginData>) -> (Status, String) {
|
pub async fn login(data: Form<LoginData>, cookies: &CookieJar<'_>) -> (Status, String) {
|
||||||
println!("begin request: {}", data.login_email);
|
println!("begin request: {}", data.login_email);
|
||||||
|
|
||||||
|
let db = match db().await {
|
||||||
|
Ok(handle) => handle,
|
||||||
|
Err(reason) => return (Status::InternalServerError, reason),
|
||||||
|
};
|
||||||
|
|
||||||
|
let result = sqlx::query!(
|
||||||
|
"select * from person where person_email = $1 and person_password = $2",
|
||||||
|
&data.login_email,
|
||||||
|
&data.login_password,
|
||||||
|
)
|
||||||
|
.fetch_all(db)
|
||||||
|
.await;
|
||||||
|
|
||||||
// Simulate trip to db
|
let re = match result {
|
||||||
sleep(Duration::new(5, 0)).await;
|
Ok(r) => r,
|
||||||
println!("end request: {}", data.login_password);
|
Err(reason) => return (Status::InternalServerError, format!("{:?}", reason)),
|
||||||
(Status::Ok, ":D".into())
|
};
|
||||||
|
|
||||||
|
if re.len() == 1 {
|
||||||
|
// TODO: generate a session id and assign
|
||||||
|
let person = &re[0];
|
||||||
|
|
||||||
|
let session_id = match new_session(person.person_id).await {
|
||||||
|
Ok(s) => s,
|
||||||
|
Err(error) => return (Status::Unauthorized, error),
|
||||||
|
};
|
||||||
|
|
||||||
|
cookies.add_private((RS_SESSION_ID, session_id.to_string()));
|
||||||
|
|
||||||
|
(Status::Ok, "<div _='init go to url /new'></div>".into())
|
||||||
|
} else {
|
||||||
|
(Status::Unauthorized, "Correo o contraseña invalida".into())
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
64
src/controller/session.rs
Normal file
64
src/controller/session.rs
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
use sqlx::types::chrono::Local;
|
||||||
|
|
||||||
|
use crate::db;
|
||||||
|
|
||||||
|
/// 30 minutes
|
||||||
|
const SESSION_LEN: i64 = 1000 * 60 * 30;
|
||||||
|
|
||||||
|
/// Checks that the session signaled by session_id
|
||||||
|
/// is valid, and returns its person_id
|
||||||
|
pub async fn check_session(session_id: i32) -> Result<i32, String> {
|
||||||
|
let db = match db().await {
|
||||||
|
Ok(handle) => handle,
|
||||||
|
Err(e) => return Err(e),
|
||||||
|
};
|
||||||
|
|
||||||
|
// TODO: return the user info on the same trip
|
||||||
|
let result = sqlx::query!("select * from session where session_id = $1", session_id,)
|
||||||
|
.fetch_one(db)
|
||||||
|
.await;
|
||||||
|
|
||||||
|
let result = match result {
|
||||||
|
Ok(r) => r,
|
||||||
|
Err(e) => return Err(format!("{:?}", e)),
|
||||||
|
};
|
||||||
|
|
||||||
|
let person_id = result.session_person_id;
|
||||||
|
let created_at = result.session_created_at.timestamp_millis();
|
||||||
|
let current_time = Local::now().to_utc().timestamp_millis();
|
||||||
|
|
||||||
|
let time_difference = current_time - created_at;
|
||||||
|
|
||||||
|
if time_difference < SESSION_LEN {
|
||||||
|
Ok(person_id)
|
||||||
|
} else {
|
||||||
|
// TODO: also remove all expired sessions
|
||||||
|
|
||||||
|
Err("Expired".into())
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Creates a new session for the person_id. Deletes any
|
||||||
|
/// previous session.
|
||||||
|
pub async fn new_session(person_id: i32) -> Result<i32, String> {
|
||||||
|
let db = match db().await {
|
||||||
|
Ok(handle) => handle,
|
||||||
|
Err(e) => return Err(e),
|
||||||
|
};
|
||||||
|
|
||||||
|
let now = Local::now().to_utc();
|
||||||
|
|
||||||
|
let result = sqlx::query!(
|
||||||
|
"insert into session (session_person_id, session_created_at) values
|
||||||
|
($1, $2) returning session_id",
|
||||||
|
person_id,
|
||||||
|
now,
|
||||||
|
)
|
||||||
|
.fetch_one(db)
|
||||||
|
.await;
|
||||||
|
|
||||||
|
match result {
|
||||||
|
Ok(r) => Ok(r.session_id),
|
||||||
|
Err(reason) => return Err(format!("{:?}", reason)),
|
||||||
|
}
|
||||||
|
}
|
@ -3,26 +3,61 @@ use rocket::{
|
|||||||
request::{FromRequest, Outcome, Request},
|
request::{FromRequest, Outcome, Request},
|
||||||
};
|
};
|
||||||
|
|
||||||
/// Name of the header that stores the session ID of an user
|
use super::session::check_session;
|
||||||
const RS_SESSION_ID: &str = "x-rs-session-id";
|
|
||||||
|
|
||||||
pub struct User {}
|
/// Name of the header that stores the session ID of an user
|
||||||
|
pub const RS_SESSION_ID: &str = "x-rs-session-id";
|
||||||
|
|
||||||
|
pub struct Person {
|
||||||
|
pub person_id: i32,
|
||||||
|
}
|
||||||
|
|
||||||
#[rocket::async_trait]
|
#[rocket::async_trait]
|
||||||
impl<'r> FromRequest<'r> for User {
|
impl<'r> FromRequest<'r> for Person {
|
||||||
type Error = String;
|
type Error = String;
|
||||||
|
|
||||||
async fn from_request(req: &'r Request<'_>) -> Outcome<Self, Self::Error> {
|
async fn from_request(req: &'r Request<'_>) -> Outcome<Self, Self::Error> {
|
||||||
let session_cookie = req.cookies().get_private(RS_SESSION_ID);
|
let session_cookie = req.cookies().get_private(RS_SESSION_ID);
|
||||||
|
|
||||||
let _session_cookie = match session_cookie {
|
let session_cookie = match session_cookie {
|
||||||
Some(cookie) => cookie.value().to_string(),
|
Some(cookie) => cookie.value().to_string(),
|
||||||
None => return Outcome::Forward(Status::Unauthorized),
|
None => {
|
||||||
|
// remove cookie
|
||||||
|
req.cookies().remove_private(RS_SESSION_ID);
|
||||||
|
return Outcome::Forward(Status::Unauthorized);
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
// Check if session cookie is valid
|
// Check if session cookie is valid
|
||||||
// TODO
|
// TODO
|
||||||
|
// If the session cookie is not valid,
|
||||||
|
// remove it and forward to login
|
||||||
|
|
||||||
Outcome::Success(User {})
|
let session_id: i32 = match session_cookie.parse() {
|
||||||
|
Ok(v) => v,
|
||||||
|
Err(e) => {
|
||||||
|
// remove cookie
|
||||||
|
req.cookies().remove_private(RS_SESSION_ID);
|
||||||
|
log::error!(
|
||||||
|
"Error converting session_id to i32 ({}):\n{:?}",
|
||||||
|
session_cookie,
|
||||||
|
e
|
||||||
|
);
|
||||||
|
return Outcome::Error((
|
||||||
|
Status::Unauthorized,
|
||||||
|
"Invalid session id: not a number".into(),
|
||||||
|
));
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
match check_session(session_id).await {
|
||||||
|
Ok(person_id) => Outcome::Success(Person { person_id }),
|
||||||
|
Err(reason) => {
|
||||||
|
// remove cookie
|
||||||
|
req.cookies().remove_private(RS_SESSION_ID);
|
||||||
|
log::info!("session check fail: {}", reason);
|
||||||
|
Outcome::Forward(Status::Unauthorized)
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -8,12 +8,15 @@ pub fn login() -> Markup {
|
|||||||
"Jerguero"
|
"Jerguero"
|
||||||
}
|
}
|
||||||
div class="flex items-center h-screen w-full" {
|
div class="flex items-center h-screen w-full" {
|
||||||
div class="container mx-auto" {
|
div class="container mx-auto" "hx-ext"="response-targets" {
|
||||||
p class="my-4 p-2 rounded bg-c-bg-2 text-c-on-bg" {
|
p class="my-4 p-2 rounded bg-c-bg-2 text-c-on-bg" {
|
||||||
"¡Iniciá sesión para comenzar a crear definiciones!"
|
"¡Iniciá sesión para comenzar a crear definiciones!"
|
||||||
}
|
}
|
||||||
form class="my-4 py-4 px-2 rounded bg-c-bg-2 text-c-on-bg"
|
form class="my-4 py-4 px-2 rounded bg-c-bg-2 text-c-on-bg"
|
||||||
"hx-post"="/login"
|
"hx-post"="/login"
|
||||||
|
"hx-swap"="innerHTML"
|
||||||
|
"hx-target"="#login-result"
|
||||||
|
"hx-target-error"="#login-result-error"
|
||||||
{
|
{
|
||||||
div class="py-2" {
|
div class="py-2" {
|
||||||
label class="text-sm opacity-85" for="login-email" {"Correo electronico:"}
|
label class="text-sm opacity-85" for="login-email" {"Correo electronico:"}
|
||||||
@ -49,7 +52,11 @@ pub fn login() -> Markup {
|
|||||||
"Iniciar sesión"
|
"Iniciar sesión"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
div id="login-result" class="text-center pt-2" {}
|
||||||
|
div id="login-result-error" class="text-center pt-2 text-red-400" {}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
@ -24,6 +24,7 @@ pub fn skeleton(body: Markup) -> Markup {
|
|||||||
// htmx
|
// htmx
|
||||||
script src="https://unpkg.com/htmx.org@2.0.0" {}
|
script src="https://unpkg.com/htmx.org@2.0.0" {}
|
||||||
script src="https://unpkg.com/htmx-ext-loading-states@2.0.0/loading-states.js" {}
|
script src="https://unpkg.com/htmx-ext-loading-states@2.0.0/loading-states.js" {}
|
||||||
|
script src="https://unpkg.com/htmx-ext-response-targets@2.0.0/response-targets.js" {}
|
||||||
// hyperscript
|
// hyperscript
|
||||||
script src="https://unpkg.com/hyperscript.org@0.9.12" defer {}
|
script src="https://unpkg.com/hyperscript.org@0.9.12" defer {}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user