feat: login form submission

master
Aravinth Manivannan 2022-02-22 22:03:03 +05:30
parent dba0834eff
commit 3b6a5938d7
Signed by: realaravinth
GPG Key ID: AD9F0F08E855ED88
2 changed files with 62 additions and 2 deletions

View File

@ -69,6 +69,32 @@ pub async fn get_login(data: AppData) -> impl Responder {
pub fn services(cfg: &mut web::ServiceConfig) {
cfg.service(get_login);
cfg.service(login_submit);
}
#[my_codegen::post(path = "PAGES.auth.login")]
pub async fn login_submit(
id: Identity,
payload: web::Form<LoginPayload>,
query: web::Query<RedirectQuery>,
data: AppData,
db: crate::DB,
) -> PageResult<impl Responder, Login> {
let username = data
.login(&(**db), &payload)
.await
.map_err(|e| PageError::new(Login::new(&data.settings, Some(&payload)), e))?;
id.remember(username);
let query = query.into_inner();
if let Some(redirect_to) = query.redirect_to {
Ok(HttpResponse::Found()
.insert_header((http::header::LOCATION, redirect_to))
.finish())
} else {
Ok(HttpResponse::Found()
.insert_header((http::header::LOCATION, PAGES.home))
.finish())
}
}
#[cfg(test)]

View File

@ -14,6 +14,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
use actix_auth_middleware::GetLoginRoute;
use actix_web::http::header;
use actix_web::http::StatusCode;
@ -21,7 +22,7 @@ use actix_web::test;
use super::*;
use crate::data::api::v1::auth::Register;
use crate::data::api::v1::auth::{Login, Register};
use crate::data::Data;
use crate::errors::*;
use crate::tests::*;
@ -81,7 +82,40 @@ async fn auth_works(data: Arc<Data>, db: BoxDB) {
assert_eq!(resp.status(), StatusCode::FOUND);
let headers = resp.headers();
assert_eq!(headers.get(header::LOCATION).unwrap(), PAGES.auth.login);
let _ = data.delete_user(&db, NAME, PASSWORD).await;
// sign in
let msg = Login {
login: NAME.into(),
password: PASSWORD.into(),
};
let resp = test::call_service(
&app,
post_request!(&msg, PAGES.auth.login, FORM).to_request(),
)
.await;
assert_eq!(resp.status(), StatusCode::FOUND);
let headers = resp.headers();
assert_eq!(headers.get(header::LOCATION).unwrap(), PAGES.home);
// redirect after signin
let redirect = "/foo/bar/nonexistantuser";
let url = PAGES.get_login_route(Some(redirect));
let resp = test::call_service(&app, post_request!(&msg, &url, FORM).to_request()).await;
assert_eq!(resp.status(), StatusCode::FOUND);
let headers = resp.headers();
assert_eq!(headers.get(header::LOCATION).unwrap(), &redirect);
// wrong password signin
let msg = Login {
login: NAME.into(),
password: NAME.into(),
};
let resp = test::call_service(
&app,
post_request!(&msg, PAGES.auth.login, FORM).to_request(),
)
.await;
assert_eq!(resp.status(), ServiceError::WrongPassword.status_code());
}
async fn serverside_password_validation_works(data: Arc<Data>, db: BoxDB) {