
No commits in common. "901af1c43c4e85ff9e3e053fda72b8f1f40a7620" and "86dbdcf75df7fb6ce1d9c312ca640b1a4541763c" have entirely different histories.

3 changed files with 5 additions and 25 deletions


@ -1,5 +1,3 @@
use maud::{PreEscaped, html};
use super::User; use super::User;
use crate::get_pg; use crate::get_pg;
use std::str::FromStr; use std::str::FromStr;
@ -7,17 +5,9 @@ use std::str::FromStr;
pub trait CSRF { pub trait CSRF {
fn get_csrf(&self) -> impl std::future::Future<Output = uuid::Uuid>; fn get_csrf(&self) -> impl std::future::Future<Output = uuid::Uuid>;
fn verify_csrf(&self, csrf: &str) -> impl std::future::Future<Output = bool>; fn verify_csrf(&self, csrf: &str) -> impl std::future::Future<Output = bool>;
fn update_csrf(&self) -> impl std::future::Future<Output = PreEscaped<String>>;
} }
impl CSRF for User { impl CSRF for User {
/// Javascript to update the `value` of an element with id `csrf`.
///
/// This is useful for htmx requests to update the CSRF token in place.
async fn update_csrf(&self) -> PreEscaped<String> {
html! { script { (format!("document.getElementById('csrf').value = '{}';", self.get_csrf().await)) }; }
}
/// Get CSRF Token for the current session /// Get CSRF Token for the current session
async fn get_csrf(&self) -> uuid::Uuid { async fn get_csrf(&self) -> uuid::Uuid {
let res: (uuid::Uuid,) = sqlx::query_as("SELECT csrf FROM user_session WHERE token = $1") let res: (uuid::Uuid,) = sqlx::query_as("SELECT csrf FROM user_session WHERE token = $1")
@ -31,7 +21,7 @@ impl CSRF for User {
/// Verify CSRF and generate a new one /// Verify CSRF and generate a new one
async fn verify_csrf(&self, csrf: &str) -> bool { async fn verify_csrf(&self, csrf: &str) -> bool {
if self.get_csrf().await == uuid::Uuid::from_str(csrf).unwrap_or_default() { if self.get_csrf().await == uuid::Uuid::from_str(csrf).unwrap() {
sqlx::query("UPDATE user_session SET csrf = gen_random_uuid() WHERE token = $1") sqlx::query("UPDATE user_session SET csrf = gen_random_uuid() WHERE token = $1")
.bind(&self.session) .bind(&self.session)
.execute(get_pg!()) .execute(get_pg!())
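Review bot: `uuid::Uuid::from_str(csrf).unwrap()` in `verify_csrf` panics on any token string that is not a well-formed UUID, and `csrf` is presumably taken from the request, so a malformed form field or header produces a panicking request task instead of a plain `false`. Parse first and reject, e.g. `let Ok(token) = uuid::Uuid::from_str(csrf) else { return false };`, then compare `self.get_csrf().await == token`; this also avoids the nil-UUID fallback that the earlier `unwrap_or_default()` compared against. The read in `get_csrf` and the `UPDATE ... SET csrf = gen_random_uuid()` are separate statements, so two concurrent requests carrying the same token can both pass before rotation; a single `UPDATE ... WHERE token = $1 AND csrf = $2`, checked through its affected-row count, would make verify-and-rotate atomic. The body of `verify_csrf` continues past the end of this section.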


@ -36,23 +36,12 @@ pub fn format_date(date: &chrono::NaiveDate) -> String {
/// ///
/// let number = 12345; /// let number = 12345;
/// let formatted = format_number(number); /// let formatted = format_number(number);
/// assert_eq!(formatted, "12.345"); /// assert_eq!(formatted, "12345");
/// ``` /// ```
#[must_use] #[must_use]
pub fn format_number(num: i32) -> String { pub fn format_number(num: i32) -> String {
let mut str = num.to_string(); // TODO : Implement custom formatting
let mut result = String::new(); num.to_string()
str = str.chars().rev().collect();
for (i, c) in str.chars().enumerate() {
if i != 0 && i % 3 == 0 {
result.push('.');
}
result.push(c);
}
result.chars().rev().collect()
} }
/// Converts a number of seconds into a formatted string in `HH:MM:SS` or `MM:SS` format. /// Converts a number of seconds into a formatted string in `HH:MM:SS` or `MM:SS` format.
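Review bot: The new `// TODO : Implement custom formatting` in `format_number` does not say which format is intended, while the function now returns the plain decimal string and keeps its `#[must_use]` public signature, so callers silently get ungrouped digits. Spell the target out in the comment, for example `// TODO: group thousands with '.' (12345 -> "12.345"); decide how negative values are rendered`. The summary line of the doc comment sits above this hunk; if it still promises separators, it should be brought in line with the updated example.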


@ -8,6 +8,7 @@ pub mod page;
pub mod request; pub mod request;
pub mod result; pub mod result;
// TODO : API Pagination?
// TODO : CORS? // TODO : CORS?
// Postgres // Postgres