From cbf64a8a5c7d748722369a2ec47c1230650d7b88 Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk
Date: Wed, 29 Jan 2020 20:45:21 -0500
Subject: authentication
---
 src/server.rs | 71 +++++++++++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 64 insertions(+), 7 deletions(-)
(limited to 'src/server.rs')
diff --git a/src/server.rs b/src/server.rs
index 2c7baad..4f98337 100644
--- a/src/server.rs
+++ b/src/server.rs
@@ -1,17 +1,29 @@
-use rocket::config;
+use diesel::pg::PgConnection;
+use rocket::http::Cookies;
+use rocket::http::Cookie;
+use rocket::config::Config;
 use rocket::config::Environment;
 use rocket::config::Value;
+use rocket::http::Status;
+use rocket::request::Form;
+use rocket::request::FromForm;
 use rocket::response;
+use rocket::response::Redirect;
 use rocket::State;
 use rocket_contrib::templates::Template;
 use std::collections::HashMap;
+use crate::db;
+use crate::error::Error;
 use crate::strava;
 pub struct Params {
 pub base_url: String,
 }
+#[database("db")]
+pub struct Db(diesel::PgConnection);
+
 #[get("/")]
 fn index() -> Template {
 let mut context = HashMap::new();
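Review bot: `Db` has no doc comment, and the name in `#[database("db")]` is silently coupled to the `"db"` key that `start` inserts into `databases`; a line such as `/// Database connection guard; the name "db" must match the key configured in start().` above the attribute would record that. `PgConnection` is imported while the struct spells out `diesel::PgConnection`, and `Status` is not referenced in any hunk of this patch, so both imports may be unused. The rest of the file is not visible here, so confirm against the compiler's unused-import warnings before removing them.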
@@ -20,6 +32,36 @@ fn index() -> Template {
 Template::render("index", context)
 }
+#[get("/login?")]
+fn login(failed: bool) -> Template {
+ let mut context = HashMap::new();
+ context.insert("parent", "layout");
+ if failed {
+ context.insert("message", "Incorrect username or password");
+ }
+ Template::render("login", context)
+}
+
+#[derive(FromForm)]
+struct LoginData {
+ username: String,
+ password: String,
+}
+
+// Request guard for logged in user: https://api.rocket.rs/v0.4/rocket/request/trait.FromRequest.html
+
+#[post("/login", data = "")]
+fn login_submit(conn: Db, data: Form, mut cookies: Cookies) -> Result {
+ match db::authenticate(&*conn, &data.username, &data.password) {
+ Ok(user) => {
+ cookies.add_private(Cookie::new("user", data.username.clone()));
+ Ok(Redirect::to(uri!(index).to_string()))
+ },
+ Err(Error::NotFound) => Ok(Redirect::to(uri!(login: failed = true).to_string())),
+ Err(e) => Err(e),
+ }
+}
+
 #[get("/link_strava_callback?")]
 fn link_strava_callback(
 config: State,
@@ -30,8 +72,8 @@ fn link_strava_callback(
 }
 #[get("/link_strava")]
-fn link_strava(config: State) -> response::Redirect {
- response::Redirect::to(format!(
+fn link_strava(config: State) -> Redirect {
+ Redirect::to(format!(
 concat!(
 "https://www.strava.com/oauth/authorize?",
 "client_id={}&",
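Review bot: In `login_submit` the `Ok(user)` arm never reads `user` and puts the submitted `data.username` into the private cookie, so the session identity is whatever the client typed rather than the record `db::authenticate` returned; if that lookup normalises names (not visible here) the two can differ. Build the cookie value from the returned user (a stable id or canonical name), or write `Ok(_user)` if discarding it is intended. Only `Error::NotFound` becomes the failed-login redirect, so it is worth confirming that a wrong password and an unknown username both produce that variant; otherwise the responses tell a client which usernames exist. Nothing in this commit reads the `user` cookie back yet: the request-guard comment is the only trace of it, and `link_strava` in the next hunk still takes only `config`, so rewording it as `// TODO: request guard for the logged-in user` would make the gap explicit.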
@@ -45,15 +87,30 @@ fn link_strava(config: State) -> response::Redirect {
 ))
 }
-pub fn start(db_url: &str, config: Params) {
+pub fn start(db_url: &str, params: Params) {
 let mut database_config = HashMap::new();
 let mut databases = HashMap::new();
 database_config.insert("url", Value::from(db_url));
 databases.insert("db", Value::from(database_config));
- rocket::ignite()
- .manage(config)
- .mount("/", routes![index, link_strava, link_strava_callback])
+ let config = Config::build(Environment::Development)
+ .extra("databases", databases)
+ .finalize()
+ .unwrap();
+
+ rocket::custom(config)
+ .manage(params)
+ .mount(
+ "/",
+ routes![
+ index,
+ login,
+ login_submit,
+ link_strava,
+ link_strava_callback
+ ],
+ )
 .attach(Template::fairing())
+ .attach(Db::fairing())
 .launch();
 }
--
cgit v1.2.3
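Review bot: `Config::build(Environment::Development)` hard-codes the development environment and sets no `secret_key` on the builder, so the private `user` cookie added in `login_submit` is protected with whatever key Rocket generates at launch; as far as I know, Rocket 0.4's `rocket::custom` also ignores Rocket.toml and `ROCKET_*` variables, so a key cannot be supplied from outside either. Logins would then stop validating after every restart, and the server cannot be started under a production profile. Let `start` receive the environment and key (for example through `Params`) and pass them on, e.g. `Config::build(env).secret_key(key).extra("databases", databases)`, where `env` and `key` stand for those new inputs. `.finalize().unwrap()` also panics without context on an invalid configuration; `.expect("invalid Rocket configuration")` would say what failed.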