gburri/recipes
1
0
Fork 0
Code Issues 6 Pull requests Projects Releases Packages Wiki Activity Actions

Add asynchronous call to database.

Browse source 
See file 'asynchronous.ts'.
This commit is contained in:
Greg Burri 2022-11-29 15:58:06 +01:00
parent 8a3fef096d
commit d28e765e39
20 changed files with 1323 additions and 1049 deletions
Download patch file Download diff file Expand all files Collapse all files

37
Cargo.lock generated
View file

@ -452,9 +452,9 @@ dependencies = [
[[package]]
name = "clap"
version = "4.0.27"
version = "4.0.29"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0acbd8d28a0a60d7108d7ae850af6ba34cf2d1257fc646980e5f97ce14275966"
checksum = "4d63b9e9c07271b9957ad22c173bae2a4d9a81127680962039296abcd2f8251d"
dependencies = [
"bitflags",
"clap_derive",
@ -1068,9 +1068,9 @@ dependencies = [
[[package]]
name = "io-lifetimes"
version = "1.0.2"
version = "1.0.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e394faa0efb47f9f227f1cd89978f854542b318a6f64fa695489c9c993056656"
checksum = "46112a93252b123d31a119a8d1a1ac19deac4fac6e0e8b0df58f0d4e5870e63c"
dependencies = [
"libc",
"windows-sys",
@ -1078,9 +1078,9 @@ dependencies = [
[[package]]
name = "is-terminal"
version = "0.4.0"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "aae5bc6e2eb41c9def29a3e0f1306382807764b9b53112030eff57435667352d"
checksum = "927609f78c2913a6f6ac3c27a4fe87f43e2a35367c0c4b0f8265e8f49a104330"
dependencies = [
"hermit-abi 0.2.6",
"io-lifetimes",
@ -1350,9 +1350,9 @@ dependencies = [
[[package]]
name = "parking_lot_core"
version = "0.9.4"
version = "0.9.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4dc9e0dc2adc1c69d09143aff38d3d30c5c3f0df0dad82e6d25547af174ebec0"
checksum = "7ff9f3fef3968a3ec5945535ed654cb38ff72d7495a25619e2247fb15a2ed9ba"
dependencies = [
"cfg-if",
"libc",
@ -1563,6 +1563,7 @@ dependencies = [
"chrono",
"clap",
"common",
"derive_more",
"env_logger",
"futures",
"itertools",
@ -1666,9 +1667,9 @@ dependencies = [
[[package]]
name = "rustix"
version = "0.36.3"
version = "0.36.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0b1fbb4dfc4eb1d390c02df47760bb19a84bb80b301ecc947ab5406394d8223e"
checksum = "cb93e85278e08bb5788653183213d3a60fc242b10cb9be96586f5a73dcb67c23"
dependencies = [
"bitflags",
"errno",
@ -1744,18 +1745,18 @@ checksum = "e25dfac463d778e353db5be2449d1cce89bd6fd23c9f1ea21310ce6e5a1b29c4"
[[package]]
name = "serde"
version = "1.0.147"
version = "1.0.148"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d193d69bae983fc11a79df82342761dfbf28a99fc8d203dca4c3c1b590948965"
checksum = "e53f64bb4ba0191d6d0676e1b141ca55047d83b74f5607e6d8eb88126c52c2dc"
dependencies = [
"serde_derive",
]
[[package]]
name = "serde_derive"
version = "1.0.147"
version = "1.0.148"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4f1d362ca8fc9c3e3a7484440752472d68a6caa98f1ab81d99b5dfe517cec852"
checksum = "a55492425aa53521babf6137309e7d34c20bbfbbfcfe2c7f3a047fd1f6b92c0c"
dependencies = [
"proc-macro2",
"quote",
@ -1856,9 +1857,9 @@ checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601"
[[package]]
name = "syn"
version = "1.0.103"
version = "1.0.104"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a864042229133ada95abf3b54fdc62ef5ccabe9515b64717bcb9a1919e59445d"
checksum = "4ae548ec36cf198c0ef7710d3c230987c2d6d7bd98ad6edc0274462724c585ce"
dependencies = [
"proc-macro2",
"quote",
@ -2327,9 +2328,9 @@ dependencies = [
[[package]]
name = "zstd-sys"
version = "2.0.3+zstd.1.5.2"
version = "2.0.4+zstd.1.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "44ccf97612ac95f3ccb89b2d7346b345e52f1c3019be4984f0455fb4ba991f8a"
checksum = "4fa202f2ef00074143e219d15b62ffc317d17cc33909feac471c044087cad7b0"
dependencies = [
"cc",
"libc",

6
TODO.md
View file

@ -1,10 +1,14 @@
* Asynchonous email sending and database requests
* Try using WASM for all the client logic (test on signup page)
* Describe the use cases.
* Define the UI (mockups).
* Two CSS: one for desktop and one for mobile
* Define the logic behind each page and action.
[ok] Check cookie lifetime -> Session by default
[ok] Asynchonous email sending and database requests
[ok] Try to return Result for async routes (and watch what is printed in log)
[ok] Then try to make async database calls
[ok] Set email sending as async and show a waiter when sending email. Handle (and test) a timeout (~10s). -> (timeout put to 60s)
[ok] How to log error to journalctl?
[ok] Sign out
[ok] Read all the askama doc and see if the current approach is good

2
backend/Cargo.toml
View file

@ -35,3 +35,5 @@ rand_core = {version = "0.6", features = ["std"]}
rand = "0.8"
lettre = {version = "0.10", default-features = false, features = ["smtp-transport", "pool", "hostname", "builder", "rustls-tls"]}
derive_more = "0.99"

20
backend/sql/version_1.sql
View file

@ -46,6 +46,26 @@ CREATE TABLE [Recipe] (
FOREIGN KEY([user_id]) REFERENCES [User]([id]) ON DELETE SET NULL
);
CREATE TABLE [RecipeTag] (
[id] INTEGER PRIMARY KEY,
[recipe_id] INTEGER NOT NULL,
[tag_id] INTEGER NO NULL,
FOREIGN KEY([recipe_id]) REFERENCES [Recipe]([id]) ON DELETE CASCADE,
FOREIGN KEY([tag_id]) REFERENCES [Tag]([id]) ON DELETE CASCADE
);
CREATE TABLE [Tag] (
[id] INTEGER PRIMARY KEY,
[recipe_tag_id] INTEGER,
[name] TEXT NOT NULL,
FOREIGN KEY([recipe_tag_id]) REFERENCES [RecipeTag]([id]) ON DELETE SET NULL
);
CREATE UNIQUE INDEX [Tag_name_index] ON [Tag] ([name]);
CREATE TABLE [Quantity] (
[id] INTEGER PRIMARY KEY,
[value] REAL,

5
backend/src/consts.rs
View file

@ -1,7 +1,12 @@
use std::time::Duration;
pub const FILE_CONF: &str = "conf.ron";
pub const DB_DIRECTORY: &str = "data";
pub const DB_FILENAME: &str = "recipes.sqlite";
pub const SQL_FILENAME: &str = "sql/version_{VERSION}.sql";
pub const VALIDATION_TOKEN_DURATION: i64 = 1 * 60 * 60; // 1 hour. [s].
pub const REVERSE_PROXY_IP_HTTP_FIELD: &str = "x-real-ip";
pub const COOKIE_AUTH_TOKEN_NAME: &str = "auth_token";
pub const AUTHENTICATION_TOKEN_SIZE: usize = 32; // Number of alphanumeric characters for cookie authentication token.
pub const SEND_EMAIL_TIMEOUT: Duration = Duration::from_secs(60);

104
backend/src/data/asynchronous.rs Normal file
View file

@ -0,0 +1,104 @@
//! Functions to be called from actix code. They are asynchonrous and won't block worker thread caller.
use std::fmt;
use chrono::{prelude::*, Duration};
use actix_web::{web, error::BlockingError};
use super::db::*;
use crate::model;
use crate::user::User;
#[derive(Debug)]
pub enum DBAsyncError {
DBError(DBError),
ActixError(BlockingError),
Other(String),
}
impl fmt::Display for DBAsyncError {
fn fmt(&self, f: &mut fmt::Formatter) -> std::result::Result<(), fmt::Error> {
write!(f, "{:?}", self)
}
}
impl std::error::Error for DBAsyncError { }
impl From<DBError> for DBAsyncError {
fn from(error: DBError) -> Self {
DBAsyncError::DBError(error)
}
}
impl From<BlockingError> for DBAsyncError {
fn from(error: BlockingError) -> Self {
DBAsyncError::ActixError(error)
}
}
impl DBAsyncError {
fn from_dyn_error(error: Box<dyn std::error::Error>) -> Self {
DBAsyncError::Other(error.to_string())
}
}
fn combine_errors<T>(error: std::result::Result<std::result::Result<T, DBAsyncError>, BlockingError>) -> Result<T> {
error?
}
type Result<T> = std::result::Result<T, DBAsyncError>;
impl Connection {
pub async fn get_all_recipe_titles_async(&self) -> Result<Vec<(i32, String)>> {
let self_copy = self.clone();
web::block(move || { self_copy.get_all_recipe_titles().unwrap_or_default() }).await.map_err(DBAsyncError::from)
}
pub async fn get_recipe_async(&self, id: i32) -> Result<model::Recipe> {
let self_copy = self.clone();
combine_errors(web::block(move || { self_copy.get_recipe(id).map_err(DBAsyncError::from) }).await)
}
pub async fn load_user_async(&self, user_id: i32) -> Result<User> {
let self_copy = self.clone();
combine_errors(web::block(move || { self_copy.load_user(user_id).map_err(DBAsyncError::from) }).await)
}
pub async fn sign_up_async(&self, email: &str, password: &str) -> Result<SignUpResult> {
let self_copy = self.clone();
let email_copy = email.to_string();
let password_copy = password.to_string();
combine_errors(web::block(move || { self_copy.sign_up(&email_copy, &password_copy).map_err(DBAsyncError::from) }).await)
}
pub async fn validation_async(&self, token: &str, validation_time: Duration, ip: &str, user_agent: &str) -> Result<ValidationResult> {
let self_copy = self.clone();
let token_copy = token.to_string();
let ip_copy = ip.to_string();
let user_agent_copy = user_agent.to_string();
combine_errors(web::block(move || { self_copy.validation(&token_copy, validation_time, &ip_copy, &user_agent_copy).map_err(DBAsyncError::from) }).await)
}
pub async fn sign_in_async(&self, email: &str, password: &str, ip: &str, user_agent: &str) -> Result<SignInResult> {
let self_copy = self.clone();
let email_copy = email.to_string();
let password_copy = password.to_string();
let ip_copy = ip.to_string();
let user_agent_copy = user_agent.to_string();
combine_errors(web::block(move || { self_copy.sign_in(&email_copy, &password_copy, &ip_copy, &user_agent_copy).map_err(DBAsyncError::from) }).await)
}
pub async fn authentication_async(&self, token: &str, ip: &str, user_agent: &str) -> Result<AuthenticationResult> {
let self_copy = self.clone();
let token_copy = token.to_string();
let ip_copy = ip.to_string();
let user_agent_copy = user_agent.to_string();
combine_errors(web::block(move || { self_copy.authentication(&token_copy, &ip_copy, &user_agent_copy).map_err(DBAsyncError::from) }).await)
}
pub async fn sign_out_async(&self, token: &str) -> Result<()> {
let self_copy = self.clone();
let token_copy = token.to_string();
combine_errors(web::block(move || { self_copy.sign_out(&token_copy).map_err(DBAsyncError::from) }).await)
}
}

15
backend/src/db.rs → backend/src/data/db.rs
View file

@ -42,7 +42,6 @@ impl From<r2d2::Error> for DBError {
}
}
// TODO: Is there a better solution?
impl DBError {
fn from_dyn_error(error: Box<dyn std::error::Error>) -> Self {
DBError::Other(error.to_string())
@ -177,12 +176,15 @@ impl Connection {
pub fn get_all_recipe_titles(&self) -> Result<Vec<(i32, String)>> {
let con = self.pool.get()?;
let mut stmt = con.prepare("SELECT [id], [title] FROM [Recipe] ORDER BY [title]")?;
let titles =
let titles: std::result::Result<Vec<(i32, String)>, rusqlite::Error> =
stmt.query_map([], |row| {
Ok((row.get(0)?, row.get(1)?))
})?.map(|r| r.unwrap()).collect_vec(); // TODO: remove unwrap.
Ok(titles)
Ok((row.get("id")?, row.get("title")?))
})?.collect();
titles.map_err(DBError::from)
}
/* Not used for the moment.
@ -223,7 +225,6 @@ impl Connection {
}).map_err(DBError::from)
}
///
pub fn sign_up(&self, email: &str, password: &str) -> Result<SignUpResult> {
self.sign_up_with_given_time(email, password, Utc::now())
}
@ -362,7 +363,7 @@ fn load_sql_file<P: AsRef<Path> + fmt::Display>(sql_file: P) -> Result<String> {
}
fn generate_token() -> String {
Alphanumeric.sample_string(&mut rand::thread_rng(), 24)
Alphanumeric.sample_string(&mut rand::thread_rng(), consts::AUTHENTICATION_TOKEN_SIZE)
}
#[cfg(test)]

2
backend/src/data/mod.rs Normal file
View file

@ -0,0 +1,2 @@
pub mod asynchronous;
pub mod db;

34
backend/src/email.rs
View file

@ -1,7 +1,35 @@
use std::time::Duration;
use derive_more::Display;
use lettre::{transport::smtp::authentication::Credentials, Message, SmtpTransport, Transport};
///
pub fn send_validation(site_url: &str, email: &str, token: &str, smtp_login: &str, smtp_password: &str) -> Result<(), Box<dyn std::error::Error>> {
use crate::consts;
#[derive(Debug, Display)]
pub enum Error {
ParseError(lettre::address::AddressError),
SmtpError(lettre::transport::smtp::Error),
Email(lettre::error::Error),
}
impl From<lettre::address::AddressError> for Error {
fn from(error: lettre::address::AddressError) -> Self {
Error::ParseError(error)
}
}
impl From<lettre::transport::smtp::Error> for Error {
fn from(error: lettre::transport::smtp::Error) -> Self {
Error::SmtpError(error)
}
}
impl From<lettre::error::Error> for Error {
fn from(error: lettre::error::Error) -> Self {
Error::Email(error)
}
}
pub fn send_validation(site_url: &str, email: &str, token: &str, smtp_login: &str, smtp_password: &str) -> Result<(), Error> {
let email = Message::builder()
.message_id(None)
.from("recipes@gburri.org".parse()?)
@ -11,7 +39,7 @@ pub fn send_validation(site_url: &str, email: &str, token: &str, smtp_login: &st
let credentials = Credentials::new(smtp_login.to_string(), smtp_password.to_string());
let mailer = SmtpTransport::relay("mail.gandi.net")?.credentials(credentials).build();
let mailer = SmtpTransport::relay("mail.gandi.net")?.credentials(credentials).timeout(Some(consts::SEND_EMAIL_TIMEOUT)).build();
if let Err(error) = mailer.send(&email) {
eprintln!("Error when sending E-mail:\n{:?}", &error);

422
backend/src/main.rs
View file

@ -1,403 +1,20 @@
use std::collections::HashMap;
use actix_files as fs;
use actix_web::{http::header, get, post, web, Responder, middleware, App, HttpServer, HttpRequest, HttpResponse, cookie::Cookie};
use askama_actix::{Template, TemplateToResponse};
use chrono::{prelude::*, Duration};
use actix_web::{web, middleware, App, HttpServer};
use chrono::prelude::*;
use clap::Parser;
use serde::Deserialize;
use log::{debug, error, log_enabled, info, Level};
use log::error;
use config::Config;
use user::User;
use data::db;
mod consts;
mod db;
mod utils;
mod data;
mod hash;
mod model;
mod user;
mod email;
mod config;
const COOKIE_AUTH_TOKEN_NAME: &str = "auth_token";
///// UTILS /////
fn get_ip_and_user_agent(req: &HttpRequest) -> (String, String) {
let ip =
match req.headers().get(consts::REVERSE_PROXY_IP_HTTP_FIELD) {
Some(v) => v.to_str().unwrap_or_default().to_string(),
None => req.peer_addr().map(|addr| addr.ip().to_string()).unwrap_or_default()
};
let user_agent = req.headers().get(header::USER_AGENT).map(|v| v.to_str().unwrap_or_default()).unwrap_or_default().to_string();
(ip, user_agent)
}
fn get_current_user(req: &HttpRequest, connection: &web::Data<db::Connection>) -> Option<User> {
let (client_ip, client_user_agent) = get_ip_and_user_agent(req);
match req.cookie(COOKIE_AUTH_TOKEN_NAME) {
Some(token_cookie) =>
match connection.authentication(token_cookie.value(), &client_ip, &client_user_agent) {
Ok(db::AuthenticationResult::NotValidToken) =>
// TODO: remove cookie?
None,
Ok(db::AuthenticationResult::Ok(user_id)) =>
match connection.load_user(user_id) {
Ok(user) =>
Some(user),
Err(error) => {
error!("Error during authentication: {}", error);
None
}
},
Err(error) => {
error!("Error during authentication: {}", error);
None
},
},
None => None
}
}
///// HOME /////
#[derive(Template)]
#[template(path = "home.html")]
struct HomeTemplate {
user: Option<user::User>,
recipes: Vec<(i32, String)>,
}
#[get("/")]
async fn home_page(req: HttpRequest, connection: web::Data<db::Connection>) -> impl Responder {
HomeTemplate { user: get_current_user(&req, &connection), recipes: connection.get_all_recipe_titles().unwrap_or_default() }
}
///// VIEW RECIPE /////
#[derive(Template)]
#[template(path = "view_recipe.html")]
struct ViewRecipeTemplate {
user: Option<user::User>,
recipes: Vec<(i32, String)>,
current_recipe: model::Recipe,
}
#[get("/recipe/view/{id}")]
async fn view_recipe(req: HttpRequest, path: web::Path<(i32,)>, connection: web::Data<db::Connection>) -> impl Responder {
let (id,)= path.into_inner();
let recipes = connection.get_all_recipe_titles().unwrap_or_default();
let user = get_current_user(&req, &connection);
match connection.get_recipe(id) {
Ok(recipe) =>
ViewRecipeTemplate {
user,
recipes,
current_recipe: recipe,
}.to_response(),
Err(_error) =>
MessageTemplate {
user,
recipes,
message: format!("Unable to get recipe #{}", id),
}.to_response(),
}
}
///// MESSAGE /////
#[derive(Template)]
#[template(path = "message.html")]
struct MessageTemplate {
user: Option<user::User>,
recipes: Vec<(i32, String)>,
message: String,
}
//// SIGN UP /////
#[derive(Template)]
#[template(path = "sign_up_form.html")]
struct SignUpFormTemplate {
user: Option<user::User>,
email: String,
message: String,
message_email: String,
message_password: String,
}
#[get("/signup")]
async fn sign_up_get(req: HttpRequest, query: web::Query<HashMap<String, String>>, connection: web::Data<db::Connection>) -> impl Responder {
SignUpFormTemplate { user: get_current_user(&req, &connection), email: String::new(), message: String::new(), message_email: String::new(), message_password: String::new() }
}
#[derive(Deserialize)]
struct SignUpFormData {
email: String,
password_1: String,
password_2: String,
}
enum SignUpError {
InvalidEmail,
PasswordsNotEqual,
InvalidPassword,
UserAlreadyExists,
DatabaseError,
UnableSendEmail,
}
#[post("/signup")]
async fn sign_up_post(req: HttpRequest, form: web::Form<SignUpFormData>, connection: web::Data<db::Connection>, config: web::Data<Config>) -> impl Responder {
fn error_response(error: SignUpError, form: &web::Form<SignUpFormData>, user: Option<User>) -> HttpResponse {
SignUpFormTemplate {
user,
email: form.email.clone(),
message_email:
match error {
SignUpError::InvalidEmail => "Invalid email",
_ => "",
}.to_string(),
message_password:
match error {
SignUpError::PasswordsNotEqual => "Passwords don't match",
SignUpError::InvalidPassword => "Password must have at least eight characters",
_ => "",
}.to_string(),
message:
match error {
SignUpError::UserAlreadyExists => "This email is already taken",
SignUpError::DatabaseError => "Database error",
SignUpError::UnableSendEmail => "Unable to send the validation email",
_ => "",
}.to_string(),
}.to_response()
}
let user = get_current_user(&req, &connection);
// Validation of email and password.
if let common::utils::EmailValidation::NotValid = common::utils::validate_email(&form.email) {
return error_response(SignUpError::InvalidEmail, &form, user);
}
if form.password_1 != form.password_2 {
return error_response(SignUpError::PasswordsNotEqual, &form, user);
}
if let common::utils::PasswordValidation::TooShort = common::utils::validate_password(&form.password_1) {
return error_response(SignUpError::InvalidPassword, &form, user);
}
match connection.sign_up(&form.email, &form.password_1) {
Ok(db::SignUpResult::UserAlreadyExists) => {
error_response(SignUpError::UserAlreadyExists, &form, user)
},
Ok(db::SignUpResult::UserCreatedWaitingForValidation(token)) => {
let url = {
let host = req.headers().get(header::HOST).map(|v| v.to_str().unwrap_or_default()).unwrap_or_default();
let port: Option<i32> = 'p: {
let split_port: Vec<&str> = host.split(':').collect();
if split_port.len() == 2 {
if let Ok(p) = split_port[1].parse::<i32>() {
break 'p Some(p)
}
}
None
};
format!("http{}://{}", if port.is_some() && port.unwrap() != 443 { "" } else { "s" }, host)
};
match email::send_validation(&url, &form.email, &token, &config.smtp_login, &config.smtp_password) {
Ok(()) =>
HttpResponse::Found()
.insert_header((header::LOCATION, "/signup_check_email"))
.finish(),
Err(error) => {
error!("Email validation error: {}", error);
error_response(SignUpError::UnableSendEmail, &form, user)
},
}
},
Err(error) => {
error!("Signup database error: {}", error);
error_response(SignUpError::DatabaseError, &form, user)
},
}
}
#[get("/signup_check_email")]
async fn sign_up_check_email(req: HttpRequest, connection: web::Data<db::Connection>) -> impl Responder {
let recipes = connection.get_all_recipe_titles().unwrap_or_default();
MessageTemplate {
user: get_current_user(&req, &connection),
recipes,
message: "An email has been sent, follow the link to validate your account.".to_string(),
}
}
#[get("/validation")]
async fn sign_up_validation(req: HttpRequest, query: web::Query<HashMap<String, String>>, connection: web::Data<db::Connection>) -> impl Responder {
let (client_ip, client_user_agent) = get_ip_and_user_agent(&req);
let user = get_current_user(&req, &connection);
let recipes = connection.get_all_recipe_titles().unwrap_or_default();
match query.get("token") {
Some(token) => {
match connection.validation(token, Duration::seconds(consts::VALIDATION_TOKEN_DURATION), &client_ip, &client_user_agent).unwrap() {
db::ValidationResult::Ok(token, user_id) => {
let cookie = Cookie::new(COOKIE_AUTH_TOKEN_NAME, token);
let user =
match connection.load_user(user_id) {
Ok(user) =>
Some(user),
Err(error) => {
error!("Error retrieving user by id: {}", error);
None
}
};
let mut response =
MessageTemplate {
user,
recipes,
message: "Email validation successful, your account has been created".to_string(),
}.to_response();
if let Err(error) = response.add_cookie(&cookie) {
error!("Unable to set cookie after validation: {}", error);
};
response
},
db::ValidationResult::ValidationExpired =>
MessageTemplate {
user,
recipes,
message: "The validation has expired. Try to sign up again.".to_string(),
}.to_response(),
db::ValidationResult::UnknownUser =>
MessageTemplate {
user,
recipes,
message: "Validation error.".to_string(),
}.to_response(),
}
},
None => {
MessageTemplate {
user,
recipes,
message: format!("No token provided"),
}.to_response()
},
}
}
///// SIGN IN /////
#[derive(Template)]
#[template(path = "sign_in_form.html")]
struct SignInFormTemplate {
user: Option<user::User>,
email: String,
message: String,
}
#[get("/signin")]
async fn sign_in_get(req: HttpRequest, connection: web::Data<db::Connection>) -> impl Responder {
SignInFormTemplate {
user: get_current_user(&req, &connection),
email: String::new(),
message: String::new(),
}
}
#[derive(Deserialize)]
struct SignInFormData {
email: String,
password: String,
}
enum SignInError {
AccountNotValidated,
AuthenticationFailed,
}
#[post("/signin")]
async fn sign_in_post(req: HttpRequest, form: web::Form<SignInFormData>, connection: web::Data<db::Connection>) -> impl Responder {
fn error_response(error: SignInError, form: &web::Form<SignInFormData>, user: Option<User>) -> HttpResponse {
SignInFormTemplate {
user,
email: form.email.clone(),
message:
match error {
SignInError::AccountNotValidated => "This account must be validated first",
SignInError::AuthenticationFailed => "Wrong email or password",
}.to_string(),
}.to_response()
}
let user = get_current_user(&req, &connection);
let (client_ip, client_user_agent) = get_ip_and_user_agent(&req);
match connection.sign_in(&form.email, &form.password, &client_ip, &client_user_agent) {
Ok(db::SignInResult::AccountNotValidated) =>
error_response(SignInError::AccountNotValidated, &form, user),
Ok(db::SignInResult::UserNotFound) | Ok(db::SignInResult::WrongPassword) => {
error_response(SignInError::AuthenticationFailed, &form, user)
},
Ok(db::SignInResult::Ok(token, user_id)) => {
let cookie = Cookie::new(COOKIE_AUTH_TOKEN_NAME, token);
let mut response =
HttpResponse::Found()
.insert_header((header::LOCATION, "/"))
.finish();
if let Err(error) = response.add_cookie(&cookie) {
error!("Unable to set cookie after sign in: {}", error);
};
response
},
Err(error) => {
error!("Signin error: {}", error);
error_response(SignInError::AuthenticationFailed, &form, user)
},
}
}
///// SIGN OUT /////
#[get("/signout")]
async fn sign_out(req: HttpRequest, connection: web::Data<db::Connection>) -> impl Responder {
let mut response =
HttpResponse::Found()
.insert_header((header::LOCATION, "/"))
.finish();
if let Some(token_cookie) = req.cookie(COOKIE_AUTH_TOKEN_NAME) {
if let Err(error) = connection.sign_out(token_cookie.value()) {
error!("Unable to sign out: {}", error);
};
if let Err(error) = response.add_removal_cookie(&Cookie::new(COOKIE_AUTH_TOKEN_NAME, "")) {
error!("Unable to set a removal cookie after sign out: {}", error);
};
};
response
}
async fn not_found(req: HttpRequest, connection: web::Data<db::Connection>) -> impl Responder {
let recipes = connection.get_all_recipe_titles().unwrap_or_default();
MessageTemplate {
user: get_current_user(&req, &connection),
recipes,
message: "404: Not found".to_string(),
}
}
mod services;
#[actix_web::main]
async fn main() -> std::io::Result<()> {
@ -422,18 +39,19 @@ async fn main() -> std::io::Result<()> {
.wrap(middleware::Compress::default())
.app_data(db_connection.clone())
.app_data(config.clone())
.service(home_page)
.service(sign_up_get)
.service(sign_up_post)
.service(sign_up_check_email)
.service(sign_up_validation)
.service(sign_in_get)
.service(sign_in_post)
.service(sign_out)
.service(view_recipe)
.service(services::home_page)
.service(services::sign_up_get)
.service(services::sign_up_post)
.service(services::sign_up_check_email)
.service(services::sign_up_validation)
.service(services::sign_in_get)
.service(services::sign_in_post)
.service(services::sign_out)
.service(services::view_recipe)
.service(fs::Files::new("/static", "static"))
.default_service(web::to(not_found))
.default_service(web::to(services::not_found))
});
//.workers(1);
server.bind(&format!("0.0.0.0:{}", port))?.run().await
}
@ -451,13 +69,13 @@ fn process_args() -> bool {
match db::Connection::new() {
Ok(con) => {
if let Err(error) = con.execute_file("sql/data_test.sql") {
error!("{}", error);
eprintln!("{}", error);
}
// Set the creation datetime to 'now'.
con.execute_sql("UPDATE [User] SET [creation_datetime] = ?1 WHERE [email] = 'paul@test.org'", [Utc::now()]).unwrap();
},
Err(error) => {
error!("Error: {}", error)
eprintln!("{}", error);
},
}

452
backend/src/services.rs Normal file
View file

@ -0,0 +1,452 @@
use std::collections::HashMap;
use actix_web::{http::{header, header::ContentType, StatusCode}, get, post, web, Responder, HttpRequest, HttpResponse, cookie::Cookie};
use askama_actix::{Template, TemplateToResponse};
use chrono::Duration;
use serde::Deserialize;
use log::{debug, error, log_enabled, info, Level};
use crate::utils;
use crate::email;
use crate::consts;
use crate::config::Config;
use crate::user::User;
use crate::model;
use crate::data::{db, asynchronous};
///// UTILS /////
fn get_ip_and_user_agent(req: &HttpRequest) -> (String, String) {
let ip =
match req.headers().get(consts::REVERSE_PROXY_IP_HTTP_FIELD) {
Some(v) => v.to_str().unwrap_or_default().to_string(),
None => req.peer_addr().map(|addr| addr.ip().to_string()).unwrap_or_default()
};
let user_agent = req.headers().get(header::USER_AGENT).map(|v| v.to_str().unwrap_or_default()).unwrap_or_default().to_string();
(ip, user_agent)
}
async fn get_current_user(req: &HttpRequest, connection: web::Data<db::Connection>) -> Option<User> {
let (client_ip, client_user_agent) = get_ip_and_user_agent(req);
match req.cookie(consts::COOKIE_AUTH_TOKEN_NAME) {
Some(token_cookie) =>
match connection.authentication_async(token_cookie.value(), &client_ip, &client_user_agent).await {
Ok(db::AuthenticationResult::NotValidToken) =>
// TODO: remove cookie?
None,
Ok(db::AuthenticationResult::Ok(user_id)) =>
match connection.load_user_async(user_id).await {
Ok(user) =>
Some(user),
Err(error) => {
error!("Error during authentication: {}", error);
None
}
},
Err(error) => {
error!("Error during authentication: {}", error);
None
},
},
None => None
}
}
type Result<T> = std::result::Result<T, ServiceError>;
///// ERROR /////
#[derive(Debug)]
pub struct ServiceError {
status_code: StatusCode,
message: Option<String>,
}
impl From<asynchronous::DBAsyncError> for ServiceError {
fn from(error: asynchronous::DBAsyncError) -> Self {
ServiceError {
status_code: StatusCode::INTERNAL_SERVER_ERROR,
message: Some(format!("{:?}", error)),
}
}
}
impl From<email::Error> for ServiceError {
fn from(error: email::Error) -> Self {
ServiceError {
status_code: StatusCode::INTERNAL_SERVER_ERROR,
message: Some(format!("{:?}", error)),
}
}
}
impl From<actix_web::error::BlockingError> for ServiceError {
fn from(error: actix_web::error::BlockingError) -> Self {
ServiceError {
status_code: StatusCode::INTERNAL_SERVER_ERROR,
message: Some(format!("{:?}", error)),
}
}
}
impl std::fmt::Display for ServiceError {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::result::Result<(), std::fmt::Error> {
if let Some(ref m) = self.message {
write!(f, "**{}**\n\n", m)?;
}
write!(f, "Code: {}", self.status_code)
}
}
impl actix_web::error::ResponseError for ServiceError {
fn error_response(&self) -> HttpResponse {
MessageBaseTemplate {
message: &self.to_string(),
}.to_response()
}
fn status_code(&self) -> StatusCode {
self.status_code
}
}
///// HOME /////
#[derive(Template)]
#[template(path = "home.html")]
struct HomeTemplate {
user: Option<User>,
recipes: Vec<(i32, String)>,
current_recipe_id: Option<i32>,
}
#[get("/")]
pub async fn home_page(req: HttpRequest, connection: web::Data<db::Connection>) -> Result<HttpResponse> {
let user = get_current_user(&req, connection.clone()).await;
let recipes = connection.get_all_recipe_titles_async().await?;
Ok(HomeTemplate { user, current_recipe_id: None, recipes }.to_response())
}
///// VIEW RECIPE /////
#[derive(Template)]
#[template(path = "view_recipe.html")]
struct ViewRecipeTemplate {
user: Option<User>,
recipes: Vec<(i32, String)>,
current_recipe_id: Option<i32>,
current_recipe: model::Recipe,
}
#[get("/recipe/view/{id}")]
pub async fn view_recipe(req: HttpRequest, path: web::Path<(i32,)>, connection: web::Data<db::Connection>) -> Result<HttpResponse> {
let (id,)= path.into_inner();
let user = get_current_user(&req, connection.clone()).await;
let recipes = connection.get_all_recipe_titles_async().await?;
let recipe = connection.get_recipe_async(id).await?;
Ok(ViewRecipeTemplate {
user,
current_recipe_id: Some(recipe.id),
recipes,
current_recipe: recipe,
}.to_response())
}
///// MESSAGE /////
#[derive(Template)]
#[template(path = "message_base.html")]
struct MessageBaseTemplate<'a> {
message: &'a str,
}
#[derive(Template)]
#[template(path = "message.html")]
struct MessageTemplate<'a> {
user: Option<User>,
message: &'a str,
}
//// SIGN UP /////
#[derive(Template)]
#[template(path = "sign_up_form.html")]
struct SignUpFormTemplate {
user: Option<User>,
email: String,
message: String,
message_email: String,
message_password: String,
}
#[get("/signup")]
pub async fn sign_up_get(req: HttpRequest, connection: web::Data<db::Connection>) -> impl Responder {
let user = get_current_user(&req, connection.clone()).await;
SignUpFormTemplate { user, email: String::new(), message: String::new(), message_email: String::new(), message_password: String::new() }
}
#[derive(Deserialize)]
pub struct SignUpFormData {
email: String,
password_1: String,
password_2: String,
}
enum SignUpError {
InvalidEmail,
PasswordsNotEqual,
InvalidPassword,
UserAlreadyExists,
DatabaseError,
UnableSendEmail,
}
#[post("/signup")]
pub async fn sign_up_post(req: HttpRequest, form: web::Form<SignUpFormData>, connection: web::Data<db::Connection>, config: web::Data<Config>) -> Result<HttpResponse> {
fn error_response(error: SignUpError, form: &web::Form<SignUpFormData>, user: Option<User>) -> Result<HttpResponse> {
Ok(SignUpFormTemplate {
user,
email: form.email.clone(),
message_email:
match error {
SignUpError::InvalidEmail => "Invalid email",
_ => "",
}.to_string(),
message_password:
match error {
SignUpError::PasswordsNotEqual => "Passwords don't match",
SignUpError::InvalidPassword => "Password must have at least eight characters",
_ => "",
}.to_string(),
message:
match error {
SignUpError::UserAlreadyExists => "This email is already taken",
SignUpError::DatabaseError => "Database error",
SignUpError::UnableSendEmail => "Unable to send the validation email",
_ => "",
}.to_string(),
}.to_response())
}
let user = get_current_user(&req, connection.clone()).await;
// Validation of email and password.
if let common::utils::EmailValidation::NotValid = common::utils::validate_email(&form.email) {
return error_response(SignUpError::InvalidEmail, &form, user);
}
if form.password_1 != form.password_2 {
return error_response(SignUpError::PasswordsNotEqual, &form, user);
}
if let common::utils::PasswordValidation::TooShort = common::utils::validate_password(&form.password_1) {
return error_response(SignUpError::InvalidPassword, &form, user);
}
match connection.sign_up_async(&form.email, &form.password_1).await {
Ok(db::SignUpResult::UserAlreadyExists) => {
error_response(SignUpError::UserAlreadyExists, &form, user)
},
Ok(db::SignUpResult::UserCreatedWaitingForValidation(token)) => {
let url = {
let host = req.headers().get(header::HOST).map(|v| v.to_str().unwrap_or_default()).unwrap_or_default();
let port: Option<i32> = 'p: {
let split_port: Vec<&str> = host.split(':').collect();
if split_port.len() == 2 {
if let Ok(p) = split_port[1].parse::<i32>() {
break 'p Some(p)
}
}
None
};
format!("http{}://{}", if port.is_some() && port.unwrap() != 443 { "" } else { "s" }, host)
};
let email = form.email.clone();
match web::block(move || { email::send_validation(&url, &email, &token, &config.smtp_login, &config.smtp_password) }).await? {
Ok(()) =>
Ok(HttpResponse::Found()
.insert_header((header::LOCATION, "/signup_check_email"))
.finish()),
Err(error) => {
error!("Email validation error: {}", error);
error_response(SignUpError::UnableSendEmail, &form, user)
},
}
},
Err(error) => {
error!("Signup database error: {}", error);
error_response(SignUpError::DatabaseError, &form, user)
},
}
}
#[get("/signup_check_email")]
pub async fn sign_up_check_email(req: HttpRequest, connection: web::Data<db::Connection>) -> impl Responder {
let user = get_current_user(&req, connection.clone()).await;
MessageTemplate {
user,
message: "An email has been sent, follow the link to validate your account.",
}
}
#[get("/validation")]
pub async fn sign_up_validation(req: HttpRequest, query: web::Query<HashMap<String, String>>, connection: web::Data<db::Connection>) -> Result<HttpResponse> {
let (client_ip, client_user_agent) = get_ip_and_user_agent(&req);
let user = get_current_user(&req, connection.clone()).await;
match query.get("token") {
Some(token) => {
match connection.validation_async(token, Duration::seconds(consts::VALIDATION_TOKEN_DURATION), &client_ip, &client_user_agent).await? {
db::ValidationResult::Ok(token, user_id) => {
let cookie = Cookie::new(consts::COOKIE_AUTH_TOKEN_NAME, token);
let user =
match connection.load_user(user_id) {
Ok(user) =>
Some(user),
Err(error) => {
error!("Error retrieving user by id: {}", error);
None
}
};
let mut response =
MessageTemplate {
user,
message: "Email validation successful, your account has been created",
}.to_response();
if let Err(error) = response.add_cookie(&cookie) {
error!("Unable to set cookie after validation: {}", error);
};
Ok(response)
},
db::ValidationResult::ValidationExpired =>
Ok(MessageTemplate {
user,
message: "The validation has expired. Try to sign up again.",
}.to_response()),
db::ValidationResult::UnknownUser =>
Ok(MessageTemplate {
user,
message: "Validation error.",
}.to_response()),
}
},
None => {
Ok(MessageTemplate {
user,
message: &format!("No token provided"),
}.to_response())
},
}
}
///// SIGN IN /////
#[derive(Template)]
#[template(path = "sign_in_form.html")]
struct SignInFormTemplate {
user: Option<User>,
email: String,
message: String,
}
#[get("/signin")]
pub async fn sign_in_get(req: HttpRequest, connection: web::Data<db::Connection>) -> impl Responder {
let user = get_current_user(&req, connection.clone()).await;
SignInFormTemplate {
user,
email: String::new(),
message: String::new(),
}
}
#[derive(Deserialize)]
pub struct SignInFormData {
email: String,
password: String,
}
enum SignInError {
AccountNotValidated,
AuthenticationFailed,
}
#[post("/signin")]
pub async fn sign_in_post(req: HttpRequest, form: web::Form<SignInFormData>, connection: web::Data<db::Connection>) -> Result<HttpResponse> {
fn error_response(error: SignInError, form: &web::Form<SignInFormData>, user: Option<User>) -> Result<HttpResponse> {
Ok(SignInFormTemplate {
user,
email: form.email.clone(),
message:
match error {
SignInError::AccountNotValidated => "This account must be validated first",
SignInError::AuthenticationFailed => "Wrong email or password",
}.to_string(),
}.to_response())
}
let user = get_current_user(&req, connection.clone()).await;
let (client_ip, client_user_agent) = get_ip_and_user_agent(&req);
match connection.sign_in_async(&form.email, &form.password, &client_ip, &client_user_agent).await {
Ok(db::SignInResult::AccountNotValidated) =>
error_response(SignInError::AccountNotValidated, &form, user),
Ok(db::SignInResult::UserNotFound) | Ok(db::SignInResult::WrongPassword) => {
error_response(SignInError::AuthenticationFailed, &form, user)
},
Ok(db::SignInResult::Ok(token, user_id)) => {
let cookie = Cookie::new(consts::COOKIE_AUTH_TOKEN_NAME, token);
let mut response =
HttpResponse::Found()
.insert_header((header::LOCATION, "/"))
.finish();
if let Err(error) = response.add_cookie(&cookie) {
error!("Unable to set cookie after sign in: {}", error);
};
Ok(response)
},
Err(error) => {
error!("Signin error: {}", error);
error_response(SignInError::AuthenticationFailed, &form, user)
},
}
}
///// SIGN OUT /////
#[get("/signout")]
pub async fn sign_out(req: HttpRequest, connection: web::Data<db::Connection>) -> impl Responder {
let mut response =
HttpResponse::Found()
.insert_header((header::LOCATION, "/"))
.finish();
if let Some(token_cookie) = req.cookie(consts::COOKIE_AUTH_TOKEN_NAME) {
if let Err(error) = connection.sign_out_async(token_cookie.value()).await {
error!("Unable to sign out: {}", error);
};
if let Err(error) = response.add_removal_cookie(&Cookie::new(consts::COOKIE_AUTH_TOKEN_NAME, "")) {
error!("Unable to set a removal cookie after sign out: {}", error);
};
};
response
}
pub async fn not_found(req: HttpRequest, connection: web::Data<db::Connection>) -> impl Responder {
let user = get_current_user(&req, connection.clone()).await;
MessageTemplate {
user,
message: "404: Not found",
}
}

11
backend/src/utils.rs Normal file
View file

@ -0,0 +1,11 @@
use log::error;
pub fn unwrap_print_err<T, E>(r: Result<T, E>) -> T
where
E: std::fmt::Debug
{
if let Err(ref error) = r {
error!("{:?}", error);
}
r.unwrap()
}

13
backend/templates/base.html
View file

@ -8,18 +8,7 @@
</head>
<body>
<div class="header-container">
<h1><a href="/">~~ Recettes de cuisine ~~</a></h1>
{% match user %}
{% when Some with (user) %}
<div>{{ user.email }} / <a href="/signout" />Sign out</a></div>
{% when None %}
<div><a href="/signin" >Sign in</a> / <a href="/signup">Sign up</a></div>
{% endmatch %}
</div>
<div class="main-container">
{% block main_container %}{% endblock %}
</div>
{% block body_container %}{% endblock %}
<div class="footer-container">gburri - 2022</div>
</body>
</html>

16
backend/templates/base_with_header.html Normal file
View file

@ -0,0 +1,16 @@
{% extends "base.html" %}
{% block body_container %}
<div class="header-container">
<h1><a href="/">~~ Recettes de cuisine ~~</a></h1>
{% match user %}
{% when Some with (user) %}
<div>{{ user.email }} / <a href="/signout" />Sign out</a></div>
{% when None %}
<div><a href="/signin" >Sign in</a> / <a href="/signup">Sign up</a></div>
{% endmatch %}
</div>
<div class="main-container">
{% block main_container %}{% endblock %}
</div>
{% endblock %}

18
backend/templates/base_with_list.html
View file

@ -1,10 +1,24 @@
{% extends "base.html" %}
{% extends "base_with_header.html" %}
{% block main_container %}
<div class="list">
<ul>
{% for (id, title) in recipes %}
<li><a href="/recipe/view/{{ id }}">{{ title }}</a></li>
<li>
{% let item_html = "<a href=\"/recipe/view/{}\">{}</a>"|format(id, title) %}
{% match current_recipe_id %}
{# Don't know how to avoid repetition: comparing (using '==' or .eq()) current_recipe_id.unwrap() and id doesn't work. Guards for match don't exist.
See: https://github.com/djc/askama/issues/752 #}
{% when Some (current_id) %}
{% if current_id == id %}
[{{ item_html|escape("none") }}]
{% else %}
{{ item_html|escape("none") }}
{% endif %}
{% when None %}
{{ item_html|escape("none") }}
{% endmatch %}
</li>
{% endfor %}
</ul>
</div>

6
backend/templates/message.html
View file

@ -1,7 +1,7 @@
{% extends "base_with_list.html" %}
{% extends "base_with_header.html" %}
{% block content %}
{% block main_container %}
{{ message }}
{{ message|markdown }}
{% endblock %}

6
backend/templates/message_base.html Normal file
View file

@ -0,0 +1,6 @@
{% extends "base.html" %}
{% block body_container %}
{% include "title.html" %}
{{ message|markdown }}
{% endblock %}

2
backend/templates/sign_in_form.html
View file

@ -1,4 +1,4 @@
{% extends "base.html" %}
{% extends "base_with_header.html" %}
{% block main_container %}
<div class="content">

2
backend/templates/sign_up_form.html
View file

@ -1,4 +1,4 @@
{% extends "base.html" %}
{% extends "base_with_header.html" %}
{% block main_container %}
<div class="content">

1
backend/templates/title.html Normal file
View file

@ -0,0 +1 @@
<h1><a href="/">~~ Recettes de cuisine ~~</a></h1>