Adds "working" signup and success page, from front-end
branch.
commit
a615119afc
11 changed files with 252 additions and 74 deletions
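--- a/.env
+++ b/.env
@@ -0,0 +1 @@
+DATABASE_URL=sqlite://${HOME}/.witch-watch.db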
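Review bot: Tracking `.env` in the repository means any credential later added to it gets committed as well; today it holds only a SQLite path, so nothing sensitive is exposed yet. Consider committing a `.env.example` with this line and listing `.env` in `.gitignore`. It is also worth confirming that whatever loads this file expands `${HOME}`, since the loader is not visible in this commit.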
7
Cargo.lock
generated
7
Cargo.lock
generated
|
@ -2447,6 +2447,12 @@ dependencies = [
|
||||||
"percent-encoding",
|
"percent-encoding",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "urlencoding"
|
||||||
|
version = "2.1.2"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "e8db7427f936968176eaa7cdf81b7f98b980b18495ec28f1b5791ac3bfe3eea9"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "uuid"
|
name = "uuid"
|
||||||
version = "0.8.2"
|
version = "0.8.2"
|
||||||
|
@ -2793,6 +2799,7 @@ dependencies = [
|
||||||
"tracing",
|
"tracing",
|
||||||
"tracing-subscriber",
|
"tracing-subscriber",
|
||||||
"unicode-segmentation",
|
"unicode-segmentation",
|
||||||
|
"urlencoding",
|
||||||
"uuid 1.3.1",
|
"uuid 1.3.1",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
|
@ -23,3 +23,4 @@ justerror = "1.1.0"
|
||||||
password-hash = { version = "0.5.0", features = ["std", "getrandom"] }
|
password-hash = { version = "0.5.0", features = ["std", "getrandom"] }
|
||||||
axum-login = { version = "0.5.0", features = ["sqlite", "sqlx"] }
|
axum-login = { version = "0.5.0", features = ["sqlite", "sqlx"] }
|
||||||
unicode-segmentation = "1.10.1"
|
unicode-segmentation = "1.10.1"
|
||||||
|
urlencoding = "2.1.2"
|
||||||
|
|
|
@ -3,4 +3,5 @@ extern crate justerror;
|
||||||
|
|
||||||
pub mod db;
|
pub mod db;
|
||||||
pub mod handlers;
|
pub mod handlers;
|
||||||
|
pub(crate) mod templates;
|
||||||
pub mod users;
|
pub mod users;
|
||||||
|
|
15
src/main.rs
15
src/main.rs
|
@ -2,7 +2,10 @@ use std::net::SocketAddr;
|
||||||
|
|
||||||
use axum::{routing::get, Router};
|
use axum::{routing::get, Router};
|
||||||
use tracing_subscriber::{layer::SubscriberExt, util::SubscriberInitExt};
|
use tracing_subscriber::{layer::SubscriberExt, util::SubscriberInitExt};
|
||||||
use witch_watch::{db, handlers};
|
use witch_watch::{
|
||||||
|
db,
|
||||||
|
users::{get_create_user, handle_signup_success, post_create_user},
|
||||||
|
};
|
||||||
|
|
||||||
#[tokio::main]
|
#[tokio::main]
|
||||||
async fn main() {
|
async fn main() {
|
||||||
|
@ -16,16 +19,12 @@ async fn main() {
|
||||||
|
|
||||||
let pool = db::get_pool().await;
|
let pool = db::get_pool().await;
|
||||||
|
|
||||||
let _ = witch_watch::users::create_user("joe", &None, &None, &[], &pool)
|
|
||||||
.await
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
// build our application with some routes
|
// build our application with some routes
|
||||||
use handlers::*;
|
|
||||||
let app = Router::new()
|
let app = Router::new()
|
||||||
|
.route("/signup", get(get_create_user).post(post_create_user))
|
||||||
.route(
|
.route(
|
||||||
"/",
|
"/signup_success/:id",
|
||||||
get(using_connection_pool_extractor).post(using_connection_extractor),
|
get(handle_signup_success).post(handle_signup_success),
|
||||||
)
|
)
|
||||||
.with_state(pool);
|
.with_state(pool);
|
||||||
|
|
||||||
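Review bot: The `/signup_success/:id` route registers `handle_signup_success` for POST as well as GET, which appears to be needed only because `post_create_user` answers with `Redirect::temporary` (307). A 307 makes the browser repeat the POST against the success URL, form body included, so `password` and `pw_verify` are sent a second time. Answering the signup POST with a 303 (`axum::response::Redirect::to(&location)`) lets this route become `get(handle_signup_success)` only. The route is also reachable without a session, so the id in the path is the only gate visible here on a page that shows the account's username, displayname and email. The body of `main` continues outside the hunk.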
|
|
|
@ -1,35 +0,0 @@
|
||||||
use askama::Template;
|
|
||||||
use axum::{
|
|
||||||
extract,
|
|
||||||
http::StatusCode,
|
|
||||||
response::{Html, IntoResponse, Response},
|
|
||||||
};
|
|
||||||
|
|
||||||
pub(crate) async fn greet(extract::Path(name): extract::Path<String>) -> impl IntoResponse {
|
|
||||||
let template = HelloTemplate { name };
|
|
||||||
HtmlTemplate(template)
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Template)]
|
|
||||||
#[template(path = "hello.html")]
|
|
||||||
struct HelloTemplate {
|
|
||||||
name: String,
|
|
||||||
}
|
|
||||||
|
|
||||||
struct HtmlTemplate<T>(T);
|
|
||||||
|
|
||||||
impl<T> IntoResponse for HtmlTemplate<T>
|
|
||||||
where
|
|
||||||
T: Template,
|
|
||||||
{
|
|
||||||
fn into_response(self) -> Response {
|
|
||||||
match self.0.render() {
|
|
||||||
Ok(html) => Html(html).into_response(),
|
|
||||||
Err(err) => (
|
|
||||||
StatusCode::INTERNAL_SERVER_ERROR,
|
|
||||||
format!("Failed to render template. Error: {}", err),
|
|
||||||
)
|
|
||||||
.into_response(),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
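--- a/src/templates.rs
+++ b/src/templates.rs
@@ -0,0 +1,12 @@
+use askama::Template;
+use serde::Deserialize;
+
+#[derive(Debug, Default, Template, Deserialize)]
+#[template(path = "signup.html")]
+pub struct CreateUser {
+pub username: String,
+pub displayname: Option<String>,
+pub email: Option<String>,
+pub password: String,
+pub pw_verify: String,
+}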
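Review bot: `CreateUser` derives `Debug` while carrying the plaintext `password` and `pw_verify` fields, so any `{:?}` of the form struct (a tracing line, a panic message) would write the password into logs. Either drop `Debug` from the derive or hand-write `impl std::fmt::Debug for CreateUser` so that it prints `password: "<redacted>"`. Nothing in the visible hunks formats this struct with `{:?}` today, so this is preventive. A short `///` doc comment stating that the struct is both the signup form payload and the `signup.html` template context would also help the next reader.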
197
src/users.rs
197
src/users.rs
|
@ -1,57 +1,177 @@
|
||||||
|
use std::fmt::Display;
|
||||||
|
|
||||||
use argon2::{
|
use argon2::{
|
||||||
password_hash::{rand_core::OsRng, PasswordHash, PasswordHasher, PasswordVerifier, SaltString},
|
password_hash::{rand_core::OsRng, PasswordHash, PasswordHasher, PasswordVerifier, SaltString},
|
||||||
Argon2,
|
Argon2,
|
||||||
};
|
};
|
||||||
use sqlx::{error::DatabaseError, Sqlite, SqlitePool};
|
use askama::Template;
|
||||||
use tracing::log::log;
|
use axum::{
|
||||||
|
extract::{Form, Path, State},
|
||||||
|
http::StatusCode,
|
||||||
|
response::{IntoResponse, Response},
|
||||||
|
};
|
||||||
|
use sqlx::{sqlite::SqliteRow, Row, SqlitePool};
|
||||||
use unicode_segmentation::UnicodeSegmentation;
|
use unicode_segmentation::UnicodeSegmentation;
|
||||||
use uuid::Uuid;
|
use uuid::Uuid;
|
||||||
|
|
||||||
|
use crate::templates::CreateUser;
|
||||||
|
|
||||||
const CREATE_QUERY: &str =
|
const CREATE_QUERY: &str =
|
||||||
"insert into witches (id, username, displayname, email, pwhash) values ($1, $2, $3, $4, $5)";
|
"insert into witches (id, username, displayname, email, pwhash) values ($1, $2, $3, $4, $5)";
|
||||||
|
|
||||||
|
const ID_QUERY: &str = "select * from witches where id = $1";
|
||||||
|
|
||||||
|
#[derive(Debug, Default, Clone, PartialEq, Eq)]
|
||||||
pub struct User {
|
pub struct User {
|
||||||
id: Uuid,
|
id: Uuid,
|
||||||
username: String,
|
username: String,
|
||||||
displayname: Option<String>,
|
displayname: Option<String>,
|
||||||
email: Option<String>,
|
email: Option<String>,
|
||||||
|
last_seen: Option<i64>,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Clone, sqlx::FromRow, sqlx::Encode)]
|
impl Display for User {
|
||||||
pub(crate) struct DbUser {
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
|
||||||
id: Uuid,
|
let uname = &self.username;
|
||||||
username: String,
|
let dname = if let Some(ref n) = self.displayname {
|
||||||
displayname: Option<String>,
|
n
|
||||||
email: Option<String>,
|
} else {
|
||||||
last_seen: Option<u64>,
|
""
|
||||||
pwhash: String,
|
};
|
||||||
}
|
let email = if let Some(ref e) = self.email { e } else { "" };
|
||||||
|
write!(f, "Username: {uname}\nDisplayname: {dname}\nEmail: {email}")
|
||||||
impl From<DbUser> for User {
|
|
||||||
fn from(dbu: DbUser) -> Self {
|
|
||||||
User {
|
|
||||||
id: dbu.id,
|
|
||||||
username: dbu.username,
|
|
||||||
displayname: dbu.displayname,
|
|
||||||
email: dbu.email,
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn create_user(
|
#[derive(Debug, Clone, Template)]
|
||||||
username: &str,
|
#[template(path = "signup_success.html")]
|
||||||
displayname: &Option<String>,
|
pub struct CreateUserSuccess(User);
|
||||||
email: &Option<String>,
|
|
||||||
password: &[u8],
|
impl sqlx::FromRow<'_, SqliteRow> for User {
|
||||||
pool: &SqlitePool,
|
fn from_row(row: &SqliteRow) -> Result<Self, sqlx::Error> {
|
||||||
) -> Result<User, CreateUserError> {
|
let bytes: Vec<u8> = row.get("id");
|
||||||
|
let bytes = bytes.as_slice();
|
||||||
|
let bytes: [u8; 16] = bytes.try_into().unwrap();
|
||||||
|
let id = Uuid::from_bytes_le(bytes);
|
||||||
|
let username: String = row.get("username");
|
||||||
|
let displayname: Option<String> = row.get("displayname");
|
||||||
|
let last_seen: Option<i64> = row.get("last_seen");
|
||||||
|
let email: Option<String> = row.get("email");
|
||||||
|
|
||||||
|
Ok(Self {
|
||||||
|
id,
|
||||||
|
username,
|
||||||
|
displayname,
|
||||||
|
email,
|
||||||
|
last_seen,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Get Handler: displays the form to create a user
|
||||||
|
pub async fn get_create_user() -> CreateUser {
|
||||||
|
CreateUser::default()
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Post Handler: validates form values and calls the actual, private user
|
||||||
|
/// creation function
|
||||||
|
#[axum::debug_handler]
|
||||||
|
pub async fn post_create_user(
|
||||||
|
State(pool): State<SqlitePool>,
|
||||||
|
Form(signup): Form<CreateUser>,
|
||||||
|
) -> Result<Response, CreateUserError> {
|
||||||
|
let username = &signup.username;
|
||||||
|
let displayname = &signup.displayname;
|
||||||
|
let email = &signup.email;
|
||||||
|
let password = &signup.password;
|
||||||
|
let verify = &signup.pw_verify;
|
||||||
let username = username.trim();
|
let username = username.trim();
|
||||||
|
|
||||||
let name_len = username.graphemes(true).size_hint().1.unwrap();
|
let name_len = username.graphemes(true).size_hint().1.unwrap();
|
||||||
// we are not ascii exclusivists around here
|
// we are not ascii exclusivists around here
|
||||||
if !(1..=20).contains(&name_len) {
|
if !(1..=20).contains(&name_len) {
|
||||||
return Err(CreateUserErrorKind::BadUsername.into());
|
return Err(CreateUserErrorKind::BadUsername.into());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if let Some(ref dn) = displayname {
|
||||||
|
if dn.len() > 50 {
|
||||||
|
return Err(CreateUserErrorKind::BadDisplayname.into());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if password != verify {
|
||||||
|
return Err(CreateUserErrorKind::PasswordMismatch.into());
|
||||||
|
}
|
||||||
|
|
||||||
|
let password = urlencoding::decode(password)
|
||||||
|
.map_err(|_| CreateUserErrorKind::BadPassword)?
|
||||||
|
.to_string();
|
||||||
|
let password = password.as_bytes();
|
||||||
|
|
||||||
|
let displayname = if let Some(dn) = displayname {
|
||||||
|
let dn = urlencoding::decode(dn)
|
||||||
|
.map_err(|_| CreateUserErrorKind::BadDisplayname)?
|
||||||
|
.to_string();
|
||||||
|
Some(dn)
|
||||||
|
} else {
|
||||||
|
None
|
||||||
|
};
|
||||||
|
let displayname = &displayname;
|
||||||
|
|
||||||
|
// TODO(2023-05-17): validate email
|
||||||
|
let email = if let Some(email) = email {
|
||||||
|
let email = urlencoding::decode(email)
|
||||||
|
.map_err(|_| CreateUserErrorKind::BadEmail)?
|
||||||
|
.to_string();
|
||||||
|
Some(email)
|
||||||
|
} else {
|
||||||
|
None
|
||||||
|
};
|
||||||
|
let email = &email;
|
||||||
|
|
||||||
|
let user = create_user(username, displayname, email, password, &pool).await?;
|
||||||
|
tracing::debug!("created {user:?}");
|
||||||
|
let id = user.id.simple().to_string();
|
||||||
|
let location = format!("/signup_success/{id}");
|
||||||
|
|
||||||
|
let resp = axum::response::Redirect::temporary(&location).into_response();
|
||||||
|
|
||||||
|
Ok(resp)
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Get handler for successful signup
|
||||||
|
pub async fn handle_signup_success(
|
||||||
|
Path(id): Path<String>,
|
||||||
|
State(pool): State<SqlitePool>,
|
||||||
|
) -> Response {
|
||||||
|
let user: User = {
|
||||||
|
let id = id;
|
||||||
|
let id = Uuid::try_parse(&id).unwrap_or_default();
|
||||||
|
let id_bytes = id.to_bytes_le();
|
||||||
|
sqlx::query_as(ID_QUERY)
|
||||||
|
.bind(id_bytes.as_slice())
|
||||||
|
.fetch_one(&pool)
|
||||||
|
.await
|
||||||
|
.unwrap_or_default()
|
||||||
|
};
|
||||||
|
|
||||||
|
let mut resp = CreateUserSuccess(user.clone()).into_response();
|
||||||
|
|
||||||
|
if user.username.is_empty() {
|
||||||
|
// redirect to front page if we got here without a valid witch header
|
||||||
|
*resp.status_mut() = StatusCode::TEMPORARY_REDIRECT;
|
||||||
|
resp.headers_mut().insert("Location", "/".parse().unwrap());
|
||||||
|
}
|
||||||
|
resp
|
||||||
|
}
|
||||||
|
|
||||||
|
async fn create_user(
|
||||||
|
username: &str,
|
||||||
|
displayname: &Option<String>,
|
||||||
|
email: &Option<String>,
|
||||||
|
password: &[u8],
|
||||||
|
pool: &SqlitePool,
|
||||||
|
) -> Result<User, CreateUserError> {
|
||||||
// Argon2 with default params (Argon2id v19)
|
// Argon2 with default params (Argon2id v19)
|
||||||
let argon2 = Argon2::default();
|
let argon2 = Argon2::default();
|
||||||
let salt = SaltString::generate(&mut OsRng);
|
let salt = SaltString::generate(&mut OsRng);
|
||||||
|
@ -79,6 +199,7 @@ pub async fn create_user(
|
||||||
username: username.to_string(),
|
username: username.to_string(),
|
||||||
displayname: displayname.to_owned(),
|
displayname: displayname.to_owned(),
|
||||||
email: email.to_owned(),
|
email: email.to_owned(),
|
||||||
|
last_seen: None,
|
||||||
};
|
};
|
||||||
Ok(user)
|
Ok(user)
|
||||||
}
|
}
|
||||||
|
@ -89,13 +210,13 @@ pub async fn create_user(
|
||||||
if exit == 2067u32 || exit == 1555 {
|
if exit == 2067u32 || exit == 1555 {
|
||||||
Err(CreateUserErrorKind::AlreadyExists.into())
|
Err(CreateUserErrorKind::AlreadyExists.into())
|
||||||
} else {
|
} else {
|
||||||
Err(CreateUserErrorKind::Unknown.into())
|
Err(CreateUserErrorKind::UnknownDBError.into())
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
Err(CreateUserErrorKind::Unknown.into())
|
Err(CreateUserErrorKind::UnknownDBError.into())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
_ => Err(CreateUserErrorKind::Unknown.into()),
|
_ => Err(CreateUserErrorKind::UnknownDBError.into()),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -103,6 +224,17 @@ pub async fn create_user(
|
||||||
#[non_exhaustive]
|
#[non_exhaustive]
|
||||||
pub struct CreateUserError(#[from] CreateUserErrorKind);
|
pub struct CreateUserError(#[from] CreateUserErrorKind);
|
||||||
|
|
||||||
|
impl IntoResponse for CreateUserError {
|
||||||
|
fn into_response(self) -> askama_axum::Response {
|
||||||
|
match self.0 {
|
||||||
|
CreateUserErrorKind::UnknownDBError => {
|
||||||
|
(StatusCode::INTERNAL_SERVER_ERROR, format!("{self}")).into_response()
|
||||||
|
}
|
||||||
|
_ => (StatusCode::BAD_REQUEST, format!("{self}")).into_response(),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[Error]
|
#[Error]
|
||||||
#[non_exhaustive]
|
#[non_exhaustive]
|
||||||
pub enum CreateUserErrorKind {
|
pub enum CreateUserErrorKind {
|
||||||
|
@ -110,6 +242,9 @@ pub enum CreateUserErrorKind {
|
||||||
#[error(desc = "Usernames must be between 1 and 20 non-whitespace characters long")]
|
#[error(desc = "Usernames must be between 1 and 20 non-whitespace characters long")]
|
||||||
BadUsername,
|
BadUsername,
|
||||||
PasswordMismatch,
|
PasswordMismatch,
|
||||||
|
BadPassword,
|
||||||
|
BadDisplayname,
|
||||||
|
BadEmail,
|
||||||
MissingFields,
|
MissingFields,
|
||||||
Unknown,
|
UnknownDBError,
|
||||||
}
|
}
|
||||||
|
|
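Review bot: In `post_create_user`, the `urlencoding::decode` calls on `password`, `displayname` and `email` decode a second time values that axum's `Form` extractor has already percent-decoded, so a password containing a literal `%41` is hashed as `A` and no longer matches what the user typed. Hash the submitted bytes directly (`let password = signup.password.as_bytes();`) and drop the three decode blocks; whether the login path applies the same transform is not visible here. The handler also never rejects an empty password server-side, since the `required` attribute in signup.html is client-only, and the 50-byte `dn.len()` check runs before the decode. Separately, `from_row` uses `row.get(..)` and `bytes.try_into().unwrap()`, which panic on a malformed `id` column; `row.try_get("id")?` plus mapping the length failure into `sqlx::Error::Decode` would keep that a recoverable error.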
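--- a/templates/base.html
+++ b/templates/base.html
@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<title>{% block title %}{{ title }} - Witch Watch{% endblock %}</title>
+{% block head %}{% endblock %}
+</head>
+<body>
+<div id="header">
+{% block header %}{% endblock %}
+</div>
+<div id="content">
+{% block content %}{% endblock %}
+</div>
+<div id="footer">
+{% block footer %}{% endblock %}
+</div>
+</body>
+</html>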
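--- a/templates/signup.html
+++ b/templates/signup.html
@@ -0,0 +1,23 @@
+{% extends "base.html" %}
+
+{% block title %}Sign Up for Witch Watch, Bish{% endblock %}
+
+{% block content %}
+
+<p>
+<form action="/signup" enctype="application/x-www-form-urlencoded" method="post">
+<label for="username">Username</label>
+<input type="text" name="username" id="username" minlength="1" maxlength="20" required></br>
+<label for="displayname">Displayname (optional)</label>
+<input type="text" name="displayname" id="displayname"></br>
+<label for="email">Email (optional)</label>
+<input type="text" name="email"></br>
+<label for="password">Password</label>
+<input type="password" name="password" id="password" required></br>
+<label for="confirm_password">Confirm Password</label>
+<input type="password" name="pw_verify" id="pw_verify" required></br>
+<input type="submit" value="Signup">
+</form>
+</p>
+
+{% endblock %}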
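Review bot: The `Confirm Password` label uses `for="confirm_password"` while the input's id is `pw_verify`, and the email input has no `id` at all, so neither label is bound to its field. Use `for="pw_verify"`, add `id="email"`, and set `autocomplete="new-password"` on both password inputs so password managers treat this as a new-credential form. `</br>` is not valid markup; `<br>` is what is meant. The `minlength`, `maxlength` and `required` attributes are client-side hints only, so the server handler has to enforce the same limits itself.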
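--- a/templates/signup_success.html
+++ b/templates/signup_success.html
@@ -0,0 +1,16 @@
+{% extends "base.html" %}
+
+{% block title %}Thanks for Signing Up for Witch Watch, Bish{% endblock %}
+
+{% block content %}
+
+<h1>You did it!</h1>
+
+<div id="signup_success"><p>
+{{ self.0 }}
+</p>
+</div>
+
+<p>Now, head on over to <a href="/login">the login page</a> and get watchin'!</p>
+
+{% endblock %}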