mirror of https://github.com/realaravinth/gitpad
feat: login form submission
parent
dba0834eff
commit
3b6a5938d7
|
@ -69,6 +69,32 @@ pub async fn get_login(data: AppData) -> impl Responder {
|
|||
|
||||
pub fn services(cfg: &mut web::ServiceConfig) {
|
||||
cfg.service(get_login);
|
||||
cfg.service(login_submit);
|
||||
}
|
||||
|
||||
#[my_codegen::post(path = "PAGES.auth.login")]
|
||||
pub async fn login_submit(
|
||||
id: Identity,
|
||||
payload: web::Form<LoginPayload>,
|
||||
query: web::Query<RedirectQuery>,
|
||||
data: AppData,
|
||||
db: crate::DB,
|
||||
) -> PageResult<impl Responder, Login> {
|
||||
let username = data
|
||||
.login(&(**db), &payload)
|
||||
.await
|
||||
.map_err(|e| PageError::new(Login::new(&data.settings, Some(&payload)), e))?;
|
||||
id.remember(username);
|
||||
let query = query.into_inner();
|
||||
if let Some(redirect_to) = query.redirect_to {
|
||||
Ok(HttpResponse::Found()
|
||||
.insert_header((http::header::LOCATION, redirect_to))
|
||||
.finish())
|
||||
} else {
|
||||
Ok(HttpResponse::Found()
|
||||
.insert_header((http::header::LOCATION, PAGES.home))
|
||||
.finish())
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
|
|
|
@ -14,6 +14,7 @@
|
|||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
use actix_auth_middleware::GetLoginRoute;
|
||||
|
||||
use actix_web::http::header;
|
||||
use actix_web::http::StatusCode;
|
||||
|
@ -21,7 +22,7 @@ use actix_web::test;
|
|||
|
||||
use super::*;
|
||||
|
||||
use crate::data::api::v1::auth::Register;
|
||||
use crate::data::api::v1::auth::{Login, Register};
|
||||
use crate::data::Data;
|
||||
use crate::errors::*;
|
||||
use crate::tests::*;
|
||||
|
@ -81,7 +82,40 @@ async fn auth_works(data: Arc<Data>, db: BoxDB) {
|
|||
assert_eq!(resp.status(), StatusCode::FOUND);
|
||||
let headers = resp.headers();
|
||||
assert_eq!(headers.get(header::LOCATION).unwrap(), PAGES.auth.login);
|
||||
let _ = data.delete_user(&db, NAME, PASSWORD).await;
|
||||
|
||||
// sign in
|
||||
let msg = Login {
|
||||
login: NAME.into(),
|
||||
password: PASSWORD.into(),
|
||||
};
|
||||
let resp = test::call_service(
|
||||
&app,
|
||||
post_request!(&msg, PAGES.auth.login, FORM).to_request(),
|
||||
)
|
||||
.await;
|
||||
assert_eq!(resp.status(), StatusCode::FOUND);
|
||||
let headers = resp.headers();
|
||||
assert_eq!(headers.get(header::LOCATION).unwrap(), PAGES.home);
|
||||
|
||||
// redirect after signin
|
||||
let redirect = "/foo/bar/nonexistantuser";
|
||||
let url = PAGES.get_login_route(Some(redirect));
|
||||
let resp = test::call_service(&app, post_request!(&msg, &url, FORM).to_request()).await;
|
||||
assert_eq!(resp.status(), StatusCode::FOUND);
|
||||
let headers = resp.headers();
|
||||
assert_eq!(headers.get(header::LOCATION).unwrap(), &redirect);
|
||||
|
||||
// wrong password signin
|
||||
let msg = Login {
|
||||
login: NAME.into(),
|
||||
password: NAME.into(),
|
||||
};
|
||||
let resp = test::call_service(
|
||||
&app,
|
||||
post_request!(&msg, PAGES.auth.login, FORM).to_request(),
|
||||
)
|
||||
.await;
|
||||
assert_eq!(resp.status(), ServiceError::WrongPassword.status_code());
|
||||
}
|
||||
|
||||
async fn serverside_password_validation_works(data: Arc<Data>, db: BoxDB) {
|
||||
|
|
Loading…
Reference in New Issue