added api

3 files changed, 27 insertions, 13 deletions

diff --git a/server/src/routes/ui/account/mod.rs b/server/src/routes/ui/account/mod.rs
index 9007558..8e6d054 100644
--- a/server/src/routes/ui/account/mod.rs
+++ b/server/src/routes/ui/account/mod.rs
@@ -24,6 +24,7 @@ use rocket::{
     response::Redirect,
     uri, FromForm, State,
 };
+use serde::{Deserialize, Serialize};
 
 #[derive(FromForm)]
 pub struct RegisterForm {
@@ -57,7 +58,7 @@ pub async fn r_account_register() -> DynLayoutPage<'static> {
     }
 }
 
-#[derive(FromForm)]
+#[derive(FromForm, Serialize, Deserialize)]
 pub struct LoginForm {
     #[field(validate = len(4..32))]
     pub username: String,
@@ -147,12 +148,29 @@ pub fn r_account_login_post(
         None => return Err(format_form_error(form)),
     };
 
+    login_logic(jar, database, &form.username, &form.password)?;
+
+    Ok(Redirect::found(uri!(r_home())))
+}
+
+#[post("/account/logout")]
+pub fn r_account_logout_post(jar: &CookieJar) -> MyResult<Redirect> {
+    jar.remove_private(Cookie::named("user"));
+    Ok(Redirect::found(uri!(r_home())))
+}
+
+pub fn login_logic(
+    jar: &CookieJar,
+    database: &Database,
+    username: &str,
+    password: &str,
+) -> MyResult<()> {
     // hashing the password regardless if the accounts exists to prevent timing attacks
-    let password = hash_password(&form.username, &form.password);
+    let password = hash_password(username, password);
 
     let user = database
         .users
-        .get(&form.username)?
+        .get(&username.to_string())?
         .ok_or(anyhow!("invalid password"))?;
 
     if user.password != password {
@@ -168,13 +186,7 @@ pub fn r_account_login_post(
         .finish(),
     );
 
-    Ok(Redirect::found(uri!(r_home())))
-}
-
-#[post("/account/logout")]
-pub fn r_account_logout_post(jar: &CookieJar) -> MyResult<Redirect> {
-    jar.remove_private(Cookie::named("user"));
-    Ok(Redirect::found(uri!(r_home())))
+    Ok(())
 }
 
 pub fn format_form_error<T>(form: Form<Contextual<T>>) -> MyError {
diff --git a/server/src/routes/ui/layout.rs b/server/src/routes/ui/layout.rs
index 0d4e1ef..bc01c2e 100644
--- a/server/src/routes/ui/layout.rs
+++ b/server/src/routes/ui/layout.rs
@@ -38,10 +38,11 @@ markup::define! {
 
                     div.account {
                         @if let Some(session) = session {
-                            span { "Logged in as " a[href=uri!(r_account_settings())] { @session.user.display_name } }
+                            span { "Logged in as " @session.user.display_name }
                             @if session.user.admin {
                                 a[href=uri!(r_account_admin_dashboard())] { "Administration" }
                             }
+                            a[href=uri!(r_account_settings())] { "Settings" }
                             a[href=uri!(r_account_logout())] { "Log out" }
                         } else {
                             a[href=uri!(r_account_register())] { "Register" }
diff --git a/server/src/routes/ui/node.rs b/server/src/routes/ui/node.rs
index dd98a61..ad44410 100644
--- a/server/src/routes/ui/node.rs
+++ b/server/src/routes/ui/node.rs
@@ -43,11 +43,11 @@ markup::define! {
         }
     }
     DirectoryCard(dir: Arc<Directory>) {
-        div.card.dir { a[href=&uri!(r_library_node(&dir.lib_path)).to_string()] { @dir.data.name } }
+        div.card.dir { a[href=&uri!(r_library_node(&dir.lib_path)).to_string()] { @dir.info.name } }
     }
     DirectoryPage(dir: Arc<Directory>) {
         div.page.dir {
-            h1 { @dir.data.name }
+            h1 { @dir.info.name }
             ul.directorylisting {
                 @for el in &dir.children {
                     li { @match el.deref().to_owned() {
@@ -82,6 +82,7 @@ markup::define! {
             }
             div.title {
                 h1 { @item.info.title }
+                // TODO release date, duration, ratings
                 a.play[href=&player_uri(&item.lib_path)] { "Watch now" }
             }
             div.details {