// CSRF protection // https://github.com/heartsucker/iron-csrf extern crate iron; #[macro_use] extern crate log; #[macro_use] extern crate router; extern crate env_logger; #[macro_use] extern crate horrorshow; extern crate systemhttp; extern crate iron_sessionstorage; use iron_sessionstorage::traits::*; use iron_sessionstorage::SessionStorage; use iron_sessionstorage::backends::SignedCookieBackend; use iron::status; use iron::modifiers::Header; use iron::headers::ContentType; use iron::{Iron, Request, IronResult, Response, Chain}; use router::Router; use horrorshow::prelude::*; use horrorshow::Raw; use systemhttp::systemd::unit; struct Aaa(String); impl iron_sessionstorage::Value for Aaa { fn get_key() -> &'static str { "aaa" } fn into_raw(self) -> String { self.0 } fn from_raw(v: String) -> Option { Some(Aaa(v)) } } fn render_message(message: &str, units: &[unit::Unit]) -> String { (html!{ : Raw(""); html { head { title: "Title"; } body { p { : message } h1 { : "Units" } ol { @ for unit in units { li { : &unit.name } } } } } }) .into_string() .unwrap() } fn hello(r: &mut Request) -> IronResult { let mut session_value = match try!(r.session().get::()) { Some(aaa) => aaa, None => Aaa("".to_owned()), }; let name = r.extensions .get::() .unwrap() .find("name") .unwrap_or("World").to_owned(); let units = unit::get_units().unwrap(); let res = Ok(Response::with((status::Ok, Header(ContentType::html()), render_message(&format!("Hello, {} ({})", name, session_value.0), &units)))); info!("Updating session value. Current value: {}", session_value.0); session_value.0.push('a'); try!(r.session().set(session_value)); res } fn main() { env_logger::init().unwrap(); let secret = b"secret2".to_vec(); let router = router!( root: get "/" => hello, name: get "/:name" => hello); let mut chain = Chain::new(router); chain.link_around(SessionStorage::new(SignedCookieBackend::new(secret))); let _server = Iron::new(chain).http(":::8080").unwrap(); println!("On 8080"); }