Auth protect endpoints

Nettika 2026-01-25 16:03:43 -08:00
parent a00671115e
commit dc167fd8a0
No known key found for this signature in database
2 changed files with 22 additions and 3 deletions


@ -14,7 +14,7 @@
[x] Create a `GET /login` endpoint that returns a simple HTML login form (username and password fields). [x] Create a `GET /login` endpoint that returns a simple HTML login form (username and password fields).
[x] Add a rouille::session manager to set a session cookie. [x] Add a rouille::session manager to set a session cookie.
[x] Create a `POST /login` endpoint that validates credentials against USERNAME and PASSWORD environment variables. [x] Create a `POST /login` endpoint that validates credentials against USERNAME and PASSWORD environment variables.
[ ] Protect write endpoints (POST /projects, and any future write operations) with authentication. Redirect to /login if not authenticated. [x] Protect write endpoints (POST /projects, and any future write operations) with authentication. Redirect to /login if not authenticated.
[ ] Add a login button to the front page (GET /projects) that links to /login. [ ] Add a login button to the front page (GET /projects) that links to /login.
[ ] When logged in, show a "Create Project" button on the front page that links to /new-project. [ ] When logged in, show a "Create Project" button on the front page that links to /new-project.
[ ] When logged in, add an edit icon to each project-card web component. Clicking the icon opens a dialog with a form to update the progress percentage and archive/unarchive the project. [ ] When logged in, add an edit icon to each project-card web component. Clicking the icon opens a dialog with a form to update the progress percentage and archive/unarchive the project.


@ -35,16 +35,35 @@ fn main() {
rouille::Response::from_data("application/javascript", js.as_ref()) rouille::Response::from_data("application/javascript", js.as_ref())
}, },
(GET) ["/projects"] => display_projects(), (GET) ["/projects"] => display_projects(),
(GET) ["/new-project"] => new_project_form(), (GET) ["/new-project"] => {
if is_authenticated(session, &authenticated_sessions) {
new_project_form()
} else {
rouille::Response::redirect_302("/login")
}
},
(GET) ["/login"] => login_form(), (GET) ["/login"] => login_form(),
(POST) ["/login"] => handle_login(request, session, &authenticated_sessions), (POST) ["/login"] => handle_login(request, session, &authenticated_sessions),
(POST) ["/projects"] => create_project(request), (POST) ["/projects"] => {
if is_authenticated(session, &authenticated_sessions) {
create_project(request)
} else {
rouille::Response::redirect_302("/login")
}
},
_ => rouille::Response::empty_404() _ => rouille::Response::empty_404()
) )
}) })
}); });
} }
fn is_authenticated(session: &session::Session, authenticated_sessions: &Mutex<HashSet<String>>) -> bool {
authenticated_sessions
.lock()
.map(|sessions| sessions.contains(session.id()))
.unwrap_or(false)
}
fn display_projects() -> rouille::Response { fn display_projects() -> rouille::Response {
let projects = db::list_all_projects().unwrap_or_default(); let projects = db::list_all_projects().unwrap_or_default();
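Review bot: The authentication gate is copied inline into both the `/new-project` and `/projects` arms, so every future write route has to repeat the same five lines and a forgotten copy silently ships an unprotected endpoint, which is exactly the "any future write operations" case the TODO item calls for. A small `require_auth` helper that takes the handler as a closure and performs the redirect keeps the check in one place and turns each protected arm back into a one-liner. `is_authenticated` also deserves a doc comment making the fail-closed choice explicit, e.g. `/// A poisoned lock is treated as not authenticated (fail closed).`, since `.unwrap_or(false)` is easy to misread as a swallowed error. The enclosing `main` starts before this hunk.
```rust
            (GET) ["/new-project"] => require_auth(session, &authenticated_sessions, new_project_form),
            // … unchanged: /login routes …
            (POST) ["/projects"] => require_auth(session, &authenticated_sessions, || create_project(request)),
// … unchanged: rest of main and is_authenticated …

/// Calls `handler` only for an authenticated session; otherwise redirects to `/login`.
fn require_auth(
    session: &session::Session,
    authenticated_sessions: &Mutex<HashSet<String>>,
    handler: impl FnOnce() -> rouille::Response,
) -> rouille::Response {
    if is_authenticated(session, authenticated_sessions) {
        handler()
    } else {
        rouille::Response::redirect_302("/login")
    }
}
```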