diff --git a/src/tera/mod.rs b/src/tera/mod.rs index 3e403fa..b9e8dcb 100644 --- a/src/tera/mod.rs +++ b/src/tera/mod.rs @@ -124,65 +124,17 @@ async fn wikiauth(db: &State, login: Form>) -> String "FAIL".into() } -struct BasicAuth { - username: String, - password: String, -} - -#[rocket::async_trait] -impl<'r> FromRequest<'r> for BasicAuth { - type Error = (); - - async fn from_request(request: &'r Request<'_>) -> Outcome { - // Get the Authorization header - let auth_header = match request.headers().get_one("Authorization") { - Some(h) => h, - None => return Outcome::Error((Status::Unauthorized, ())), - }; - - // Check if it's a Basic auth header - if !auth_header.starts_with("Basic ") { - return Outcome::Error((Status::Unauthorized, ())); - } - - // Decode the base64 credentials - let credentials = match base64::decode(&auth_header[6..]) { - Ok(c) => c, - Err(_) => return Outcome::Error((Status::Unauthorized, ())), - }; - - // Convert to UTF-8 string - let credentials_str = match std::str::from_utf8(&credentials) { - Ok(s) => s, - Err(_) => return Outcome::Error((Status::Unauthorized, ())), - }; - - // Split into username and password - let mut parts = credentials_str.splitn(2, ':'); - let username = match parts.next() { - Some(u) => u.to_string(), - None => return Outcome::Error((Status::Unauthorized, ())), - }; - let password = match parts.next() { - Some(p) => p.to_string(), - None => return Outcome::Error((Status::Unauthorized, ())), - }; - - Outcome::Success(BasicAuth { username, password }) - } -} - -#[get("/")] -async fn nextcloud_auth(db: &State, auth: BasicAuth) -> Status { - if let Ok(user) = User::login(db, &auth.username, &auth.password).await { +#[post("/", data = "")] +async fn nextcloud_auth(db: &State, login: Form>) -> String { + if let Ok(user) = User::login(db, login.name, login.password).await { if user.has_role(db, "admin").await { - return Status::Ok; + return String::from("SUCC"); } if user.has_role(db, "Vorstand").await { - return Status::Ok; + return String::from("SUCC"); } } - Status::BadRequest + "FAIL".into() } #[catch(401)] //Unauthorized