Diffstat (limited to 'server/src/routes/ui')
-rw-r--r-- | server/src/routes/ui/account/mod.rs | 32 | ||||
-rw-r--r-- | server/src/routes/ui/layout.rs | 3 | ||||
-rw-r--r-- | server/src/routes/ui/node.rs | 5 |
3 files changed, 27 insertions, 13 deletions
diff --git a/server/src/routes/ui/account/mod.rs b/server/src/routes/ui/account/mod.rs index 9007558..8e6d054 100644 --- a/server/src/routes/ui/account/mod.rs +++ b/server/src/routes/ui/account/mod.rs @@ -24,6 +24,7 @@ use rocket::{ response::Redirect, uri, FromForm, State, }; +use serde::{Deserialize, Serialize}; #[derive(FromForm)] pub struct RegisterForm { @@ -57,7 +58,7 @@ pub async fn r_account_register() -> DynLayoutPage<'static> { } } -#[derive(FromForm)] +#[derive(FromForm, Serialize, Deserialize)] pub struct LoginForm { #[field(validate = len(4..32))] pub username: String, @@ -147,12 +148,29 @@ pub fn r_account_login_post( None => return Err(format_form_error(form)), }; + login_logic(jar, database, &form.username, &form.password)?; + + Ok(Redirect::found(uri!(r_home()))) +} + +#[post("/account/logout")] +pub fn r_account_logout_post(jar: &CookieJar) -> MyResult<Redirect> { + jar.remove_private(Cookie::named("user")); + Ok(Redirect::found(uri!(r_home()))) +} + +pub fn login_logic( + jar: &CookieJar, + database: &Database, + username: &str, + password: &str, +) -> MyResult<()> { // hashing the password regardless if the accounts exists to prevent timing attacks - let password = hash_password(&form.username, &form.password); + let password = hash_password(username, password); let user = database .users - .get(&form.username)? + .get(&username.to_string())? .ok_or(anyhow!("invalid password"))?; if user.password != password { @@ -168,13 +186,7 @@ pub fn r_account_login_post( .finish(), ); - Ok(Redirect::found(uri!(r_home()))) -} - -#[post("/account/logout")] -pub fn r_account_logout_post(jar: &CookieJar) -> MyResult<Redirect> { - jar.remove_private(Cookie::named("user")); - Ok(Redirect::found(uri!(r_home()))) + Ok(()) } pub fn format_form_error<T>(form: Form<Contextual<T>>) -> MyError { diff --git a/server/src/routes/ui/layout.rs b/server/src/routes/ui/layout.rs index 0d4e1ef..bc01c2e 100644 --- a/server/src/routes/ui/layout.rs 
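Review bot: Deriving `Serialize` on `LoginForm` makes a struct that carries login credentials serializable, so any later JSON dump or structured log of the form would emit the password in clear text. If the derive exists only so a non-form caller can parse credentials, `#[derive(FromForm, Deserialize)]` is enough; if `Serialize` is really needed, put `#[serde(skip_serializing)]` on the password field. The password field is outside this hunk, so this assumes it is a plain `String` like `username`. Note also that serde deserialization does not run the `#[field(validate = len(4..32))]` rule, which applies only to Rocket form parsing.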
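Review bot: `login_logic` is `pub` and takes raw `&str` credentials, so a caller that does not come through the Rocket form guard reaches `hash_password` and the database lookup with no length bound on either value. Consider re-checking the bounds at the top of the function or narrowing it to `pub(crate)`, and state the contract in a doc comment such as `/// Checks the credentials against the database; callers must bound username/password length first.` Separately, `user.password != password` is an ordinary comparison that is not guaranteed to be constant-time; the hash-before-lookup comment covers account-existence timing, and a constant-time comparison of the two hashes would match that intent. `.ok_or(anyhow!("invalid password"))` builds the error on every call, which `.ok_or_else(|| anyhow!("invalid password"))` avoids. The body of `login_logic` continues past this hunk, and the hunk starts inside `r_account_login_post`.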
+++ b/server/src/routes/ui/layout.rs @@ -38,10 +38,11 @@ markup::define! { div.account { @if let Some(session) = session { - span { "Logged in as " a[href=uri!(r_account_settings())] { @session.user.display_name } } + span { "Logged in as " @session.user.display_name } @if session.user.admin { a[href=uri!(r_account_admin_dashboard())] { "Administration" } } + a[href=uri!(r_account_settings())] { "Settings" } a[href=uri!(r_account_logout())] { "Log out" } } else { a[href=uri!(r_account_register())] { "Register" } diff --git a/server/src/routes/ui/node.rs b/server/src/routes/ui/node.rs index dd98a61..ad44410 100644 --- a/server/src/routes/ui/node.rs +++ b/server/src/routes/ui/node.rs @@ -43,11 +43,11 @@ markup::define! { } } DirectoryCard(dir: Arc<Directory>) { - div.card.dir { a[href=&uri!(r_library_node(&dir.lib_path)).to_string()] { @dir.data.name } } + div.card.dir { a[href=&uri!(r_library_node(&dir.lib_path)).to_string()] { @dir.info.name } } } DirectoryPage(dir: Arc<Directory>) { div.page.dir { - h1 { @dir.data.name } + h1 { @dir.info.name } ul.directorylisting { @for el in &dir.children { li { @match el.deref().to_owned() { @@ -82,6 +82,7 @@ markup::define! { } div.title { h1 { @item.info.title } + // TODO release date, duration, ratings a.play[href=&player_uri(&item.lib_path)] { "Watch now" } } div.details { |