-
Notifications
You must be signed in to change notification settings - Fork 2
/
sessions_controller.rs
79 lines (73 loc) · 2.01 KB
/
sessions_controller.rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
use rocket::form::Form;
use rocket::response::{Redirect, Responder};
use rocket::State;
use crate::controllers::pages_controller::rocket_uri_macro_home_page;
use crate::ephemeral::session::{
stored_redirect_or, SessionCookie, UserSession,
};
use crate::errors::{Either, Result, ZauthError};
use crate::models::session::Session;
use crate::models::user::User;
use crate::Config;
use crate::DbConn;
use rocket::http::CookieJar;
#[get("/login")]
pub fn new_session<'r>(
session: Option<UserSession>,
cookies: &CookieJar,
) -> Either<Redirect, impl Responder<'r, 'static>> {
match session {
None => Either::Right(template! {
"session/login.html";
error: Option<String> = None
}),
_ => Either::Left(stored_redirect_or(cookies, uri!(home_page))),
}
}
#[get("/logout")]
pub fn delete_session<'r>(session: UserSession) -> impl Responder<'r, 'static> {
template! {
"session/logout.html";
current_user: User = session.user
}
}
#[derive(FromForm, Debug)]
pub struct LoginFormData {
username: String,
password: String,
}
#[post("/login", data = "<form>")]
pub async fn create_session<'r>(
form: Form<LoginFormData>,
cookies: &'r CookieJar<'_>,
config: &'r State<Config>,
db: DbConn,
) -> Result<Either<Redirect, impl Responder<'r, 'static>>> {
let form = form.into_inner();
match User::find_and_authenticate(form.username, form.password, &db).await {
Err(ZauthError::LoginError(login_error)) => {
Ok(Either::Right(template! {
"session/login.html";
error: Option<String> = Some(login_error.to_string()),
}))
},
Ok(user) => {
let session =
Session::create(&user, config.user_session_duration(), &db)
.await?;
SessionCookie::new(session).login(cookies);
user.update_last_login(&db).await?;
Ok(Either::Left(stored_redirect_or(cookies, uri!(home_page))))
},
Err(err) => Err(err),
}
}
#[post("/logout")]
pub async fn destroy_session<'r>(
session: UserSession,
cookies: &'r CookieJar<'_>,
db: DbConn,
) -> Result<Redirect> {
session.destroy(cookies, &db).await?;
Ok(Redirect::to("/"))
}