SadlyNotSappho
/
login-template
Template
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: SadlyNotSappho:d6c418a89958688c8e5bf08be31ac2d6541b1fa8
Branches Tags
SadlyNotSappho:main
..
compare: SadlyNotSappho:a97ee0586f96c562ba65d0e5c375f63da621e770
Branches Tags
SadlyNotSappho:main

No commits in common. "d6c418a89958688c8e5bf08be31ac2d6541b1fa8" and "a97ee0586f96c562ba65d0e5c375f63da621e770" have entirely different histories.
d6c418a899 ... a97ee0586f

6 changed files with 86 additions and 140 deletions
Show Stats Expand all files Collapse all files

8
.env.example
View File

@ -1,8 +0,0 @@
POSTGRES_DB=fossil_postgres
POSTGRES_PASSWORD=password
ROCKET_SECRET_KEY=openssl rand -base64 32
ADMIN_USERNAME=admin
ADMIN_PASSWORD=password

3
.gitignore vendored
View File

@ -1,3 +1,4 @@
/target
docker-compose.yml
db/password.txt
.env

10
README.md
View File

@ -1,7 +1,9 @@
# login template
# fossil
this is pretty much just some shitty code that'll handle logging into and out of a website, with the default features being a blog, but it should be easy to change to something else
Free and Open Source Software - Library
setup: remove .example from `.env.example`
\nfill it with the correct values (for `ROCKET_SECRET_KEY`, run that command to generate it)
yeah yeah there's no i in the name, i just wanted the acronym to be an actual word
setup: remove .example from `docker-compose.yml.example` and `db/password.txt.example`
\nfill out those files with the correct values
\nrun `docker compose build` to build it, `docker compose run` to run, and `docker compose run -d` to run it in the background

19
docker-compose.yml → docker-compose.yml.example
View File

@ -15,16 +15,14 @@ services:
ports:
- 8000:8000
environment:
- ROCKET_DATABASES={fossil_postgres={url="postgres://postgres:$POSTGRES_PASSWORD@db/$POSTGRES_DB", max_connections=10, connect_timeout=10}}
# name in main.rs db.user POSTGRES_PASSWORD POSTGRES_DB
- ROCKET_DATABASES={diesel_postgres={url="postgres://postgres:passwordpasswordpassword@db/example"}}
- ROCKET_ADDRESS=0.0.0.0
- ROCKET_PORT=$PORT
- ROCKET_PORT=8000
- RUST_LOG=debug
- ROCKET_SECRET_KEY=$ROCKET_SECRET_KEY
- ADMIN_USERNAME=$ADMIN_USERNAME
- ADMIN_PASSWORD=$ADMIN_PASSWORD
- ROCKET_SECRET_KEY=openssl rand -base64 32
volumes:
- type: bind
source: ./web
@ -42,11 +40,13 @@ services:
image: postgres
restart: always
user: postgres
secrets:
- db-password
volumes:
- db-data:/var/lib/postgresql/data
environment:
- POSTGRES_DB=$POSTGRES_DB
- POSTGRES_PASSWORD=$POSTGRES_PASSWORD
- POSTGRES_DB=example
- POSTGRES_PASSWORD=passwordpasswordpassword
expose:
- 5432
healthcheck:
@ -56,3 +56,6 @@ services:
retries: 5
volumes:
db-data:
secrets:
db-password:
file: db/password.txt

82
src/main.rs
View File

@ -69,18 +69,34 @@ async fn createuser(
}
}
#[get("/getuser/<username>")]
async fn getuser(db: Connection<Db>, username: String) -> String {
let user = User::get_by_username(db, &username).await;
match user {
Some(user) => format!(
"id: {}\nusername: {}\nhashed password: {}\ntoken: {}",
user.id,
user.username,
user.password,
match user.token {
Some(t) => t,
None => "no token".to_string()
}
),
None => format!("User {} doesn't exist.", &username),
}
}
#[get("/account")]
async fn account(db: Connection<Db>, cookies: &CookieJar<'_>) -> String {
let token = cookies.get_private("token");
match token {
Some(t) => {
match User::get_by_token(db, t.to_string().split('=').collect::<Vec<&str>>()[1].to_string() /*GOD I LOVE RUST*/).await {
Some(user) => format!("Username: {}\nAdmin: {}\nMake Posts: {}\nComment: {}", user.username, user.admin, user.make_posts, user.comment),
None => "User doesn't exist.".to_string()
}
let user = User::get_by_token(db, t.to_string().split("=").collect::<Vec<&str>>()[1].to_string() /*GOD I LOVE RUST*/).await;
format!("Username: {}", user.username)
},
None => {
"Not logged in".to_string()
format!("Not logged in")
}
}
}
@ -89,8 +105,12 @@ async fn account(db: Connection<Db>, cookies: &CookieJar<'_>) -> String {
async fn login(db: Connection<Db>, db2: Connection<Db>, info: Json<LoginInfo>, cookies: &CookieJar<'_>) -> String {
let token = cookies.get_private("token");
match token {
Some(_) => {
"already logged in".to_string()
Some(t) => {
if User::get_by_token(db, t.to_string()).await.exists() /*god i fucking love rust, this function literally just returns true*/ {
"logged in with token".to_string()
} else {
"unknown token".to_string()
}
}
None => {
match User::get_by_username(db, &info.username).await {
@ -120,12 +140,12 @@ async fn login(db: Connection<Db>, db2: Connection<Db>, info: Json<LoginInfo>, c
}
#[post("/logout")]
async fn logout(cookies: &CookieJar<'_>) -> &'static str {
match cookies.get_private("token") {
Some(_) => {
cookies.remove_private("token");
"Logged out."
},
None => "Not logged in."
let token = cookies.get_private("token");
if token.is_some() {
cookies.remove_private("token");
"logged out"
} else {
"not logged in"
}
}
@ -172,7 +192,7 @@ async fn migrate(rocket: Rocket<Build>) -> Rocket<Build> {
)",
))
.await;
let _ = conn
let _2 = conn
.fetch_one(sqlx::query(
"CREATE TABLE IF NOT EXISTS users (
id SERIAL PRIMARY KEY,
@ -183,38 +203,6 @@ async fn migrate(rocket: Rocket<Build>) -> Rocket<Build> {
))
.await;
let _ = conn.fetch_one(sqlx::query(
"ALTER TABLE users
ADD COLUMN IF NOT EXISTS admin BOOLEAN NOT NULL DEFAULT FALSE,
ADD COLUMN IF NOT EXISTS make_posts BOOLEAN NOT NULL DEFAULT FALSE,
ADD COLUMN IF NOT EXISTS comment BOOLEAN NOT NULL DEFAULT TRUE
"
)).await;
match conn.fetch_one(sqlx::query("SELECT * from users WHERE username = $1").bind(std::env::var("ADMIN_USERNAME").expect("make ADMIN_USERNAME env var"))).await {
Ok(_) => (),
Err(_) => {
// yes, User::create() exists. no, conn isn't the right type. no, i won't even attempt
// to fix it. yes, this works just as well as that. fuck you.
let username = std::env::var("ADMIN_USERNAME").expect("make ADMIN_USERNAME env var");
let password = sha256::digest(std::env::var("ADMIN_PASSWORD").expect("make ADMIN_PASSWORD env var"));
eprintln!("{username}\n{password}");
conn.fetch_one(sqlx::query(
r#"
INSERT INTO users (username, password, admin)
VALUES ($1, $2, true);
"#,
)
.bind(username)
.bind(password)
)
.await
.expect("couldn't create admin user");
}
}
rocket
}
@ -226,7 +214,7 @@ async fn main() {
.attach(AdHoc::on_ignite("DB Migrations", migrate))
.mount(
"/",
routes![hello, get_book, delay, login, logout, dbtest, dbcreate, createuser, account],
routes![hello, get_book, delay, login, logout, dbtest, dbcreate, createuser, getuser, account],
)
.register("/", catchers![default_catcher])
.mount("/login", FileServer::from("/srv/web"))

104
src/tables.rs
View File

@ -1,4 +1,4 @@
use rand::{RngCore, SeedableRng};
use rand::{SeedableRng, RngCore};
use rocket_db_pools::sqlx::Executor;
use rocket_db_pools::Connection;
use sqlx::FromRow;
@ -60,14 +60,6 @@ pub struct User {
pub username: String,
pub password: String,
pub token: Option<String>,
pub admin: bool,
pub make_posts: bool,
pub comment: bool,
}
pub enum UserRole {
Admin,
MakePosts,
Comment,
}
impl User {
pub async fn create(mut db: Connection<Db>, username: &String, password: &String) {
@ -90,53 +82,42 @@ impl User {
}
}
}
pub async fn get_by_id(mut db: Connection<Db>, id: i32) -> Option<User> {
match db
pub async fn get_by_id(mut db: Connection<Db>, id: i32) -> User {
let res = db
.fetch_one(sqlx::query("SELECT * FROM users WHERE id = $1;").bind(id))
.await
{
Ok(user) => Some(User {
id: user.get::<i32, _>("id"),
username: user.get::<String, _>("username"),
password: user.get::<String, _>("password"),
token: user.get::<Option<String>, _>("token"),
admin: user.get::<bool, _>("admin"),
make_posts: user.get::<bool, _>("make_posts"),
comment: user.get::<bool, _>("comment"),
}),
Err(_) => None,
.unwrap();
User {
id: res.get::<i32, _>("id"),
username: res.get::<String, _>("username"),
password: res.get::<String, _>("password"),
token: res.get::<Option<String>, _>("token"),
}
}
pub async fn get_by_token(mut db: Connection<Db>, token: String) -> Option<User> {
match db
pub async fn get_by_token(mut db: Connection<Db>, token: String) -> User {
let res = db
.fetch_one(sqlx::query("SELECT * FROM users WHERE token = $1;").bind(token))
.await
{
Ok(user) => Some(User {
id: user.get::<i32, _>("id"),
username: user.get::<String, _>("username"),
password: user.get::<String, _>("password"),
token: user.get::<Option<String>, _>("token"),
admin: user.get::<bool, _>("admin"),
make_posts: user.get::<bool, _>("make_posts"),
comment: user.get::<bool, _>("comment"),
}),
Err(_) => None,
// TODO: this errors sometimes i dont know why
.unwrap();
User {
id: res.get::<i32, _>("id"),
username: res.get::<String, _>("username"),
password: res.get::<String, _>("password"),
token: res.get::<Option<String>, _>("token"),
}
}
pub async fn get_by_username(mut db: Connection<Db>, username: &String) -> Option<User> {
match db
let res = db
.fetch_one(sqlx::query("SELECT * FROM users WHERE username = $1;").bind(username))
.await
{
Ok(user) => Some(User {
id: user.get::<i32, _>("id"),
username: user.get::<String, _>("username"),
password: user.get::<String, _>("password"),
token: user.get::<Option<String>, _>("token"),
admin: user.get::<bool, _>("admin"),
make_posts: user.get::<bool, _>("make_posts"),
comment: user.get::<bool, _>("comment"),
.await;
match res {
Ok(res) => Some(User {
id: res.get::<i32, _>("id"),
username: res.get::<String, _>("username"),
password: res.get::<String, _>("password"),
token: res.get::<Option<String>, _>("token"),
}),
Err(_) => None,
}
@ -147,35 +128,14 @@ impl User {
let token = sha256::digest(format!("{token_start}-{token_end}"));
match db
.fetch_one(
sqlx::query("UPDATE users SET token = $1 WHERE id = $2")
.bind(&token)
.bind(self.id),
)
.await
{
match db.fetch_one(sqlx::query("UPDATE users SET token = $1 WHERE id = $2").bind(&token).bind(self.id)).await {
Ok(_) => Ok(token),
Err(why) => Err(why.to_string()),
Err(why) => Err(why.to_string())
}
}
pub async fn set_role(&self, mut db: Connection<Db>, role: UserRole, value: bool) -> Result<String, String> {
match db
.fetch_one(
sqlx::query("UPDATE users SET $1 = $2 WHERE id = $3")
.bind(match role {
UserRole::Admin => "admin",
UserRole::MakePosts => "make_posts",
UserRole::Comment => "comment",
})
.bind(value)
.bind(self.id),
)
.await
{
Ok(_) => Ok("Succesfully updated role.".to_string()),
Err(why) => Err(why.to_string()),
}
// god i fucking love rust
pub fn exists(&self) -> bool {
true
}
}