ITsolved/rezervovator
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Implemented user menu. Replaced favicon with app logo.

Browse Source
This commit is contained in:
Josef Rokos
2023-09-27 11:36:52 +02:00
parent 17f628739f
commit 2122b3a4f7
16 changed files with 466 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/backend/data.rs
+54
View File
@@ -37,6 +37,7 @@ pub struct User {
pub login: String,
pub password: String,
pub full_name: Option<String>,
#[validate(email(message = "Enter valid email address"))]
pub email: Option<String>,
pub admin: bool,
pub get_emails: bool,
@@ -48,6 +49,59 @@ impl User {
}
}
#[derive(Clone, Serialize, Deserialize, Debug, PartialEq, Eq, Validate, Default)]
pub struct UserProfile {
login: String,
full_name: String,
#[validate(email(message = "Enter valid email address"))]
email: String,
get_emails: Option<String>
}
impl UserProfile {
pub fn login(&self) -> &str {
&self.login
}
pub fn full_name(&self) -> &str {
&self.full_name
}
pub fn email(&self) -> &str {
&self.email
}
pub fn get_emails(&self) -> bool {
self.get_emails.is_some()
}
}
#[derive(Clone, Serialize, Deserialize, Debug, PartialEq, Eq, Validate, Default)]
pub struct PwdChange {
login: String,
old_password: String,
#[validate(length(min = 1, message = "Enter new password"),
must_match(other = "password_ver", message = "Passwords doesn't match"))]
password: String,
password_ver: String
}
impl PwdChange {
pub fn login(&self) -> &str {
&self.login
}
pub fn old_password(&self) -> &str {
&self.old_password
}
pub fn password(&self) -> &str {
&self.password
}
pub fn password_ver(&self) -> &str {
&self.password_ver
}
}
/*pub struct Property {
id: u16,
name: String,
src/backend/mod.rs
+17
View File
@@ -21,6 +21,23 @@ macro_rules! perm_check {
}
}
#[macro_export]
macro_rules! user_check {
($check:expr) => {
use crate::perm_check;
use crate::backend::user::logged_in_user;
perm_check!(is_logged_in);
if logged_in_user().await.unwrap_or(User::default()).login != $check {
let response = expect_context::<ResponseOptions>();
response.set_status(StatusCode::FORBIDDEN);
return Ok(ApiResponse::Error("You can change your own profile only".to_string()))
}
}
}
cfg_if!{
if #[cfg(feature = "ssr")] {
use sqlx::PgPool;
src/backend/user.rs
+70 -7
View File
@@ -1,11 +1,11 @@
use cfg_if::cfg_if;
use leptos::*;
use crate::backend::data::{ApiResponse, PwdChange, User, UserProfile};
cfg_if! { if #[cfg(feature = "ssr")] {
use sqlx::{query_as, Error, PgPool, query};
use actix_session::*;
use leptos_actix::{extract, redirect};
use crate::backend::data::User;
pub async fn has_admin_user(pool: &PgPool) -> Result<bool, Error> {
let count: (i64,) = query_as(r#"SELECT COUNT(id) FROM "user" WHERE admin = $1"#)
@@ -57,27 +57,32 @@ cfg_if! { if #[cfg(feature = "ssr")] {
}}
#[server(Login, "/api")]
pub async fn login(username: String, password: String) -> Result<(), ServerFnError> {
pub async fn login(username: String, password: String) -> Result<ApiResponse<()>, ServerFnError> {
use crate::backend::AppData;
use actix_session::*;
use actix_web::web::Data;
use leptos_actix::extract;
use actix_web::http::StatusCode;
use leptos_actix::ResponseOptions;
let pool = extract(|data: Data<AppData>| async move { data.db_pool().clone() }).await?;
let user = user_from_login(&pool, &username).await?;
let user = user_from_login(&pool, &username).await.unwrap_or(User::default());
if pwhash::bcrypt::verify(password, &user.password) {
if !user.login.is_empty() && pwhash::bcrypt::verify(password, &user.password) {
extract(|session: Session| async move {
let _ = session.insert("user", user);
})
.await?;
redirect("/admin");
return Ok(());
return Ok(ApiResponse::Data(()));
}
Err(ServerFnError::ServerError("Bad login".to_string()))
let response = expect_context::<ResponseOptions>();
response.set_status(StatusCode::UNAUTHORIZED);
return Ok(ApiResponse::Error("Bad username or password".to_string()))
}
#[server]
@@ -87,7 +92,6 @@ pub async fn logout() -> Result<(), ServerFnError> {
}).await?;
redirect("/login");
Ok(())
}
@@ -99,4 +103,63 @@ pub async fn auth_check() -> Result<bool, ServerFnError> {
#[server]
pub async fn admin_check() -> Result<bool, ServerFnError> {
Ok(is_admin().await)
}
#[server]
pub async fn get_user() -> Result<Option<User>, ServerFnError> {
Ok(logged_in_user().await)
}
#[server]
pub async fn update_profile(user: UserProfile) -> Result<ApiResponse<()>, ServerFnError> {
use crate::backend::AppData;
use actix_web::web::Data;
use leptos_actix::extract;
use crate::user_check;
user_check!(user.login());
let pool = extract(|data: Data<AppData>| async move { data.db_pool().clone() }).await?;
sqlx::query(r#"UPDATE "user" SET full_name = $1, email = $2, get_emails = $3 WHERE login = $4"#)
.bind(user.full_name())
.bind(user.email())
.bind(user.get_emails())
.bind(user.login())
.execute(&pool)
.await?;
let usr = user_from_login(&pool, user.login()).await?;
extract(|session: Session| async move {
let _ = session.insert("user", usr);
}).await?;
Ok(ApiResponse::Data(()))
}
#[server]
pub async fn change_pwd(new_pw: PwdChange) -> Result<ApiResponse<()>, ServerFnError> {
use crate::backend::AppData;
use actix_web::web::Data;
use leptos_actix::extract;
use crate::user_check;
user_check!(new_pw.login());
let pool = extract(|data: Data<AppData>| async move { data.db_pool().clone() }).await?;
let usr = user_from_login(&pool, new_pw.login()).await?;
if !pwhash::bcrypt::verify(new_pw.old_password(), &usr.password) {
let response = expect_context::<ResponseOptions>();
response.set_status(StatusCode::UNAUTHORIZED);
return Ok(ApiResponse::Error("Invalid old password".to_string()))
}
sqlx::query(r#"UPDATE "user" SET password = $1 WHERE login = $2"#)
.bind(pwhash::bcrypt::hash(new_pw.password()).unwrap())
.bind(new_pw.login())
.execute(&pool)
.await?;
Ok(ApiResponse::Data(()))
}