final touches

2023-02-16 11:26:41 +01:00
parent a95445c53c
commit 6e54b29288
11 changed files with 114 additions and 32 deletions
--- a/src/rest/mod.rs
+++ b/src/rest/mod.rs
@ -14,6 +14,7 @@ use rocket::{
 };
 use rocket_dyn_templates::{context, Template};
 use sea_orm::{Database, DatabaseConnection};
+use sha3::{Digest, Sha3_256};

 use super::models::{all::DayWithTrips, day, user};

@ -35,17 +36,18 @@ impl Deref for NaiveDateForm {
    }
 }

-#[get("/")]
-async fn index(db: &State<DatabaseConnection>, user: user::Model) -> Template {
+#[get("/?<all>")]
+async fn index(db: &State<DatabaseConnection>, user: user::Model, all: Option<String>) -> Template {
    let mut data = Vec::new();

    let mut show_next_n_days = 6;
-    if user.is_cox {
-        let end_of_year = NaiveDate::from_ymd_opt(Local::now().year(), 5, 31).unwrap();
-        show_next_n_days = end_of_year
-            .signed_duration_since(Local::now().date_naive())
-            .num_days()
-            + 1;
+    if let Some(_) = all {
+        if user.is_cox {
+            let end_of_year = NaiveDate::from_ymd_opt(Local::now().year(), 12, 31).unwrap();
+            show_next_n_days = end_of_year
+                .signed_duration_since(Local::now().date_naive())
+                .num_days();
+        }
    }

    for i in 0..show_next_n_days {
@ -65,17 +67,45 @@ fn name() -> Template {
 #[derive(FromForm)]
 struct NameForm {
    name: String,
+    pw: Option<String>,
 }

 #[put("/name", data = "<name>")]
-fn savename(name: Form<NameForm>, cookies: &CookieJar) -> Redirect {
-    cookies.add(Cookie::new("name", name.name.clone()));
+async fn savename(
+    name: Form<NameForm>,
+    cookies: &CookieJar<'_>,
+    db: &State<DatabaseConnection>,
+) -> Redirect {
+    let user = user::Model::find_or_create_user(&name.name, db.inner()).await;
+    match user.pw {
+        Some(pw) => {
+            match &name.pw {
+                Some(entered_pw) => {
+                    let mut hasher = Sha3_256::new();
+                    hasher.update(entered_pw);
+                    let entered_pw = hasher.finalize();
+
+                    if hex::encode(entered_pw) == pw {
+                        cookies.add_private(Cookie::new("name", name.name.clone()));
+                    } else {
+                        Redirect::to("/"); // Wrong PW
+                    }
+                }
+                None => {
+                    Redirect::to("/"); // No PW supplied
+                }
+            }
+        }
+        None => {
+            cookies.add_private(Cookie::new("name", name.name.clone()));
+        }
+    }
    Redirect::to("/")
 }

 #[get("/logout")]
 fn logout(cookies: &CookieJar) -> Redirect {
-    cookies.remove(Cookie::new("name", ""));
+    cookies.remove_private(Cookie::new("name", ""));
    Redirect::to("/")
 }