jmarya/based
jmarya/based
1
0
Fork 0
Code Issues 3 Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: jmarya:86dbdcf75df7fb6ce1d9c312ca640b1a4541763c
Branches Tags
jmarya:main
jmarya:owl
jmarya:sqlite
..
compare: jmarya:901af1c43c4e85ff9e3e053fda72b8f1f40a7620
Branches Tags
jmarya:owl
jmarya:main
jmarya:sqlite

2 commits
86dbdcf75d ... 901af1c43c

Author SHA1 Message Date
JMARyA
901af1c43c
update csrf
All checks were successful
ci/woodpecker/push/test Pipeline was successful
Details
2025-01-08 20:46:01 +01:00
JMARyA
dde84caa53
update 2025-01-08 20:42:43 +01:00
3 changed files with 25 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

12
src/auth/csrf.rs
View file

@ -1,3 +1,5 @@
use maud::{PreEscaped, html};
use super::User;
use crate::get_pg;
use std::str::FromStr;
@ -5,9 +7,17 @@ use std::str::FromStr;
pub trait CSRF {
fn get_csrf(&self) -> impl std::future::Future<Output = uuid::Uuid>;
fn verify_csrf(&self, csrf: &str) -> impl std::future::Future<Output = bool>;
fn update_csrf(&self) -> impl std::future::Future<Output = PreEscaped<String>>;
}
impl CSRF for User {
/// Javascript to update the `value` of an element with id `csrf`.
///
/// This is useful for htmx requests to update the CSRF token in place.
async fn update_csrf(&self) -> PreEscaped<String> {
html! { script { (format!("document.getElementById('csrf').value = '{}';", self.get_csrf().await)) }; }
}
/// Get CSRF Token for the current session
async fn get_csrf(&self) -> uuid::Uuid {
let res: (uuid::Uuid,) = sqlx::query_as("SELECT csrf FROM user_session WHERE token = $1")
@ -21,7 +31,7 @@ impl CSRF for User {
/// Verify CSRF and generate a new one
async fn verify_csrf(&self, csrf: &str) -> bool {
if self.get_csrf().await == uuid::Uuid::from_str(csrf).unwrap() {
if self.get_csrf().await == uuid::Uuid::from_str(csrf).unwrap_or_default() {
sqlx::query("UPDATE user_session SET csrf = gen_random_uuid() WHERE token = $1")
.bind(&self.session)
.execute(get_pg!())

17
src/format.rs
View file

@ -36,12 +36,23 @@ pub fn format_date(date: &chrono::NaiveDate) -> String {
///
/// let number = 12345;
/// let formatted = format_number(number);
/// assert_eq!(formatted, "12345");
/// assert_eq!(formatted, "12.345");
/// ```
#[must_use]
pub fn format_number(num: i32) -> String {
// TODO : Implement custom formatting
num.to_string()
let mut str = num.to_string();
let mut result = String::new();
str = str.chars().rev().collect();
for (i, c) in str.chars().enumerate() {
if i != 0 && i % 3 == 0 {
result.push('.');
}
result.push(c);
}
result.chars().rev().collect()
}
/// Converts a number of seconds into a formatted string in `HH:MM:SS` or `MM:SS` format.

1
src/lib.rs
View file

@ -8,7 +8,6 @@ pub mod page;
pub mod request;
pub mod result;
// TODO : API Pagination?
// TODO : CORS?
// Postgres