implement auth login with a JWT cookie

2024-10-22 23:21:11 +02:00 · 2024-10-22 23:21:11 +02:00 · 84bffc5f72
commit 84bffc5f72
parent b5a71c87ad
6 changed files with 86 additions and 6 deletions
--- a/nixin_farm_ssr/assets/views/home/index.html
+++ b/nixin_farm_ssr/assets/views/home/index.html
@ -8,7 +8,10 @@ Login
 <div class="flex min-h-full flex-col justify-center px-6 py-12 lg:px-8">
  <div class="sm:mx-auto sm:w-full sm:max-w-sm">
    <img class="mx-auto h-12 w-auto" src="https://nixin.distrilab.eu/logo-nixin.svg" alt="NixiN">
-    <h2 class="mt-10 text-center text-2xl font-bold leading-9 tracking-tight text-gray-900">Index</h2>
+    <h2 class="mt-10 text-center text-2xl font-bold leading-9 tracking-tight text-gray-900">
        Index
    </h2>
    hello user {{user.name}}
  </div>
 </div>
--- a/nixin_farm_ssr/assets/views/home/login.html
+++ b/nixin_farm_ssr/assets/views/home/login.html
@ -34,7 +34,7 @@ Login
  </div>
  <div class="mt-10 sm:mx-auto sm:w-full sm:max-w-sm">
-    <form class="space-y-6" action="#" method="POST">
+    <form class="space-y-6" action="/login" method="POST">
      <div>
        <label for="email" class="block text-sm font-medium leading-6 text-gray-900">Email address</label>
        <div class="mt-2">
--- a/nixin_farm_ssr/assets/views/home/register.html
+++ b/nixin_farm_ssr/assets/views/home/register.html
@ -0,0 +1,17 @@
 {% extends "base.html" %}
 {% block title %}
 Login
 {% endblock title %}
 {% block content %}
 <div class="flex min-h-full flex-col justify-center px-6 py-12 lg:px-8">
  <div class="sm:mx-auto sm:w-full sm:max-w-sm">
    <img class="mx-auto h-12 w-auto" src="https://nixin.distrilab.eu/logo-nixin.svg" alt="NixiN">
    <h2 class="mt-10 text-center text-2xl font-bold leading-9 tracking-tight text-gray-900">
        Register a new account
    </h2>
  </div>
 </div>
 {% endblock content %}
--- a/nixin_farm_ssr/config/development.yaml
+++ b/nixin_farm_ssr/config/development.yaml
@ -146,3 +146,6 @@ auth:
    secret: jECGaGSsMtQmKyYyGuk7
    # Token expiration time in seconds
    expiration: 604800 # 7 days
    location:
      from: Cookie
      name: token
--- a/nixin_farm_ssr/src/controllers/home.rs
+++ b/nixin_farm_ssr/src/controllers/home.rs
@ -2,8 +2,18 @@
 #![allow(clippy::unnecessary_struct_initialization)]
 #![allow(clippy::unused_async)]
 use loco_rs::prelude::*;
-use axum::debug_handler;
+
-use axum::{extract::State, Json};
+use axum::{
    debug_handler,
    extract::State,
    extract::Query,
    response::{IntoResponse, Redirect},
    http::StatusCode,
    Json,
    Form};
 use axum_extra::extract::cookie::{CookieJar, Cookie};
 use serde::{Deserialize, Serialize};
 use loco_rs::{
    app::AppContext,
    controller::middleware,
@ -11,7 +21,10 @@ use loco_rs::{
 };
 use crate::{
-    models::users,
+    models::{
        users,
        //users::{LoginParams, RegisterParams},
    },
    views,
    controllers::middleware::auth_no_error,
 };
@ -36,8 +49,52 @@ pub async fn home(
    }
 }
 #[derive(Debug, Serialize, Deserialize)]
 pub struct LoginParams {
    pub email: Option<String>,
    pub password: Option<String>,
 }
 /// Creates a user login and returns a token
 #[debug_handler]
 pub async fn login(
    auth: auth_no_error::JWTWithUserOpt<users::Model>,
    //ViewEngine(v): ViewEngine<TeraView>,
    State(ctx): State<AppContext>,
    jar: CookieJar,
    Form(params): Form<LoginParams>) -> Result<(CookieJar, Redirect), StatusCode> {
    println!("Auth: {:?}",auth);
    println!("Form parameters: {:?}",params);
    println!("Cookie jar: {:?}",jar);
    match params {
        LoginParams{email: Some(email), password: Some(password)} => {
            let user = users::Model::find_by_email(&ctx.db, &email).await
                .or_else(|_| Err(StatusCode::UNAUTHORIZED))?;
            let valid = user.verify_password(&password);
            if !valid {
                return  Err(StatusCode::UNAUTHORIZED);
            }
            let jwt_secret = ctx.config.get_jwt_config()
                .or_else(|_| Err(StatusCode::UNAUTHORIZED))?;
            let token = user
                .generate_jwt(&jwt_secret.secret, &jwt_secret.expiration)
                .or_else(|_| Err(StatusCode::UNAUTHORIZED))?;
            Ok((
                // the updated jar must be returned for the changes
                // to be included in the response
                jar.add(Cookie::new("token", token)),
                    Redirect::to("/"),))
        }
        _ => {
            Err(StatusCode::UNAUTHORIZED)
        }
    }
 }
 pub fn routes() -> Routes {
    Routes::new()
        //.prefix("homes")
        .add("/", get(home))
        .add("/login", post(login))
 }
--- a/nixin_farm_ssr/src/views/home.rs
+++ b/nixin_farm_ssr/src/views/home.rs
@ -17,6 +17,6 @@ pub fn login(v: &impl ViewRenderer) -> Result<Response> {
 ///
 /// When there is an issue with rendering the view.
 pub fn index(v: &impl ViewRenderer, user: &users::Model) -> Result<Response> {
-    format::render().view(v, "server/show.html", data!({"user": user}))
+    format::render().view(v, "home/index.html", data!({"user": user}))
 }