Compare commits
2 Commits
41bbfa14f3
...
6010b0b07f
Author | SHA1 | Date |
---|---|---|
Savanni D'Gerinel | 6010b0b07f | |
Savanni D'Gerinel | 9c75c84720 |
|
@ -88,21 +88,24 @@ pub async fn handle_auth(
|
||||||
form: HashMap<String, String>,
|
form: HashMap<String, String>,
|
||||||
) -> Result<http::Response<String>, Error> {
|
) -> Result<http::Response<String>, Error> {
|
||||||
match form.get("token") {
|
match form.get("token") {
|
||||||
Some(token) => match app.authenticate(AuthToken::from(token.clone())).await {
|
Some(token) => {
|
||||||
Ok(Some(session_token)) => Response::builder()
|
println!("token: {:?}", token);
|
||||||
.header("location", "/")
|
match app.authenticate(AuthToken::from(token.clone())).await {
|
||||||
.header(
|
Ok(Some(session_token)) => Response::builder()
|
||||||
"set-cookie",
|
.header("location", "/")
|
||||||
format!(
|
.header(
|
||||||
"session={}; Secure; HttpOnly; SameSite=Strict",
|
"set-cookie",
|
||||||
*session_token
|
format!(
|
||||||
),
|
"session={}; Secure; HttpOnly; SameSite=Strict",
|
||||||
)
|
*session_token
|
||||||
.status(StatusCode::SEE_OTHER)
|
),
|
||||||
.body("".to_owned()),
|
)
|
||||||
Ok(None) => render_auth_page(Some("no user found".to_owned())),
|
.status(StatusCode::SEE_OTHER)
|
||||||
Err(_) => render_auth_page(Some("invalid auth token".to_owned())),
|
.body("".to_owned()),
|
||||||
},
|
Ok(None) => render_auth_page(Some("no user found".to_owned())),
|
||||||
|
Err(_) => render_auth_page(Some("invalid auth token".to_owned())),
|
||||||
|
}
|
||||||
|
}
|
||||||
None => render_auth_page(Some("no token available".to_owned())),
|
None => render_auth_page(Some("no token available".to_owned())),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -134,6 +137,25 @@ pub async fn handle_upload(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub async fn handle_delete(
|
||||||
|
app: App,
|
||||||
|
token: SessionToken,
|
||||||
|
id: FileId,
|
||||||
|
) -> Result<http::Response<String>, Error> {
|
||||||
|
match app.validate_session(token).await {
|
||||||
|
Ok(Some(_)) => match app.delete_file(id).await {
|
||||||
|
Ok(_) => Response::builder()
|
||||||
|
.header("location", "/")
|
||||||
|
.status(StatusCode::SEE_OTHER)
|
||||||
|
.body("".to_owned()),
|
||||||
|
Err(_) => unimplemented!(),
|
||||||
|
},
|
||||||
|
_ => Response::builder()
|
||||||
|
.status(StatusCode::UNAUTHORIZED)
|
||||||
|
.body("".to_owned()),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
fn serve_file<F>(
|
fn serve_file<F>(
|
||||||
info: FileInfo,
|
info: FileInfo,
|
||||||
file: F,
|
file: F,
|
||||||
|
|
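Review bot: The added `println!("token: {:?}", token);` in `handle_auth` writes the submitted authentication token to stdout before it is checked, so anyone who can read the process output or collected logs obtains a credential that `app.authenticate` exchanges for a session. It looks like leftover debugging and should be removed, or replaced with a log line that records only that a login was attempted. In the new `handle_delete`, `Err(_) => unimplemented!()` panics whenever `app.delete_file` fails, which a logged-in client can cause with an id that does not exist; returning a response instead, e.g. `Err(_) => Response::builder().status(StatusCode::NOT_FOUND).body("".to_owned()),`, keeps that failure ordinary. `Ok(Some(_))` also discards whatever `validate_session` returns, so any valid session can delete any file; if files are meant to be per-user, confirm an ownership check exists elsewhere.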
|
@ -74,7 +74,7 @@ impl Html for Form {
|
||||||
None => "".to_owned(),
|
None => "".to_owned(),
|
||||||
};
|
};
|
||||||
format!(
|
format!(
|
||||||
"<form action=\"{path}\" method=\"{method}\" {encoding}\n{elements}\n</form>\n",
|
"<form action=\"{path}\" method=\"{method}\" {encoding}>\n{elements}\n</form>\n",
|
||||||
path = self.path,
|
path = self.path,
|
||||||
method = self.method,
|
method = self.method,
|
||||||
encoding = encoding,
|
encoding = encoding,
|
||||||
|
|
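Review bot: `path`, `method` and `encoding` are interpolated into the `<form>` tag without HTML attribute escaping, so a value containing `"` or `>` would break out of the attribute, much as the missing `>` fixed here broke the markup. The one caller visible on this page builds the path from `info.id`, so this may be safe today. Escaping the values in this `Html` impl, or documenting that callers must pass trusted strings, would keep it safe for later callers. The enclosing function starts and ends outside the hunk.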
|
@ -1,6 +1,6 @@
|
||||||
mod store;
|
mod store;
|
||||||
|
|
||||||
pub use store::{
|
pub use store::{
|
||||||
AuthDB, AuthError, AuthToken, FileHandle, FileId, FileInfo, ReadFileError, SessionToken, Store,
|
AuthDB, AuthError, AuthToken, DeleteFileError, FileHandle, FileId, FileInfo, ReadFileError,
|
||||||
Username, WriteFileError,
|
SessionToken, Store, Username, WriteFileError,
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
extern crate log;
|
extern crate log;
|
||||||
|
|
||||||
use cookie::Cookie;
|
use cookie::Cookie;
|
||||||
use handlers::{file, handle_auth, handle_css, handle_upload, thumbnail};
|
use handlers::{file, handle_auth, handle_css, handle_delete, handle_upload, thumbnail};
|
||||||
use std::{
|
use std::{
|
||||||
collections::{HashMap, HashSet},
|
collections::{HashMap, HashSet},
|
||||||
convert::Infallible,
|
convert::Infallible,
|
||||||
|
@ -19,8 +19,8 @@ mod pages;
|
||||||
const MAX_UPLOAD: u64 = 15 * 1024 * 1024;
|
const MAX_UPLOAD: u64 = 15 * 1024 * 1024;
|
||||||
|
|
||||||
pub use file_service::{
|
pub use file_service::{
|
||||||
AuthDB, AuthError, AuthToken, FileHandle, FileId, FileInfo, ReadFileError, SessionToken, Store,
|
AuthDB, AuthError, AuthToken, DeleteFileError, FileHandle, FileId, FileInfo, ReadFileError,
|
||||||
Username, WriteFileError,
|
SessionToken, Store, Username, WriteFileError,
|
||||||
};
|
};
|
||||||
pub use handlers::handle_index;
|
pub use handlers::handle_index;
|
||||||
|
|
||||||
|
@ -64,6 +64,11 @@ impl App {
|
||||||
) -> Result<FileHandle, WriteFileError> {
|
) -> Result<FileHandle, WriteFileError> {
|
||||||
self.store.write().await.add_file(filename, content)
|
self.store.write().await.add_file(filename, content)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub async fn delete_file(&self, id: FileId) -> Result<(), DeleteFileError> {
|
||||||
|
self.store.write().await.delete_file(&id)?;
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn with_app(app: App) -> impl Filter<Extract = (App,), Error = Infallible> + Clone {
|
fn with_app(app: App) -> impl Filter<Extract = (App,), Error = Infallible> + Clone {
|
||||||
|
@ -134,6 +139,12 @@ pub async fn main() {
|
||||||
.and(warp::multipart::form().max_length(MAX_UPLOAD))
|
.and(warp::multipart::form().max_length(MAX_UPLOAD))
|
||||||
.then(handle_upload);
|
.then(handle_upload);
|
||||||
|
|
||||||
|
let delete_via_form = warp::path!("delete" / String)
|
||||||
|
.and(warp::post())
|
||||||
|
.and(with_app(app.clone()))
|
||||||
|
.and(with_session())
|
||||||
|
.then(|id, app, token| handle_delete(app, token, FileId::from(id)));
|
||||||
|
|
||||||
let thumbnail = warp::path!(String / "tn")
|
let thumbnail = warp::path!(String / "tn")
|
||||||
.and(warp::get())
|
.and(warp::get())
|
||||||
.and(warp::header::optional::<String>("if-none-match"))
|
.and(warp::header::optional::<String>("if-none-match"))
|
||||||
|
@ -150,6 +161,7 @@ pub async fn main() {
|
||||||
root.or(styles)
|
root.or(styles)
|
||||||
.or(auth)
|
.or(auth)
|
||||||
.or(upload_via_form)
|
.or(upload_via_form)
|
||||||
|
.or(delete_via_form)
|
||||||
.or(thumbnail)
|
.or(thumbnail)
|
||||||
.or(file)
|
.or(file)
|
||||||
.with(log),
|
.with(log),
|
||||||
|
|
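Review bot: The `delete_via_form` route hands the raw URL segment straight to `FileId::from(id)`, and this same change set removes `ReadFileError::InvalidPath`, so nothing visible here rejects a segment such as `..` before it reaches `FileHandle::load(id, &self.files_root)`. `FileHandle::load` is not shown, so it may already confine lookups to `files_root`; if it does not, the id should be checked against the format the store issues before the delete is attempted, with a 4xx response on mismatch. A comment on the route such as `// id is attacker-controlled; FileHandle::load must reject anything that is not a stored file id` would record that assumption. The body of `main` continues outside these hunks.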
|
@ -102,9 +102,8 @@ pub fn thumbnail(info: &FileInfo) -> Container {
|
||||||
)
|
)
|
||||||
.with_html(
|
.with_html(
|
||||||
Form::new()
|
Form::new()
|
||||||
.with_path(&format!("/{}", *info.id))
|
.with_path(&format!("/delete/{}", *info.id))
|
||||||
.with_method("post")
|
.with_method("post")
|
||||||
.with_html(Input::new("hidden", "_method").with_value("delete"))
|
|
||||||
.with_html(Button::new("Delete")),
|
.with_html(Button::new("Delete")),
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
|
@ -53,9 +53,6 @@ pub enum ReadFileError {
|
||||||
#[error("permission denied")]
|
#[error("permission denied")]
|
||||||
PermissionDenied,
|
PermissionDenied,
|
||||||
|
|
||||||
#[error("invalid path")]
|
|
||||||
InvalidPath,
|
|
||||||
|
|
||||||
#[error("JSON error")]
|
#[error("JSON error")]
|
||||||
JSONError(#[from] serde_json::error::Error),
|
JSONError(#[from] serde_json::error::Error),
|
||||||
|
|
||||||
|
@ -63,6 +60,36 @@ pub enum ReadFileError {
|
||||||
IOError(#[from] std::io::Error),
|
IOError(#[from] std::io::Error),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[derive(Debug, Error)]
|
||||||
|
pub enum DeleteFileError {
|
||||||
|
#[error("file not found")]
|
||||||
|
FileNotFound(PathBuf),
|
||||||
|
|
||||||
|
#[error("metadata path is not a file")]
|
||||||
|
NotAFile,
|
||||||
|
|
||||||
|
#[error("cannot read metadata")]
|
||||||
|
PermissionDenied,
|
||||||
|
|
||||||
|
#[error("invalid metadata path")]
|
||||||
|
MetadataParseError(serde_json::error::Error),
|
||||||
|
|
||||||
|
#[error("IO error")]
|
||||||
|
IOError(#[from] std::io::Error),
|
||||||
|
}
|
||||||
|
|
||||||
|
impl From<ReadFileError> for DeleteFileError {
|
||||||
|
fn from(err: ReadFileError) -> Self {
|
||||||
|
match err {
|
||||||
|
ReadFileError::FileNotFound(path) => DeleteFileError::FileNotFound(path),
|
||||||
|
ReadFileError::NotAFile => DeleteFileError::NotAFile,
|
||||||
|
ReadFileError::PermissionDenied => DeleteFileError::PermissionDenied,
|
||||||
|
ReadFileError::JSONError(err) => DeleteFileError::MetadataParseError(err),
|
||||||
|
ReadFileError::IOError(err) => DeleteFileError::IOError(err),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[derive(Debug, Error)]
|
#[derive(Debug, Error)]
|
||||||
pub enum AuthError {
|
pub enum AuthError {
|
||||||
#[error("authentication token is duplicated")]
|
#[error("authentication token is duplicated")]
|
||||||
|
@ -369,7 +396,7 @@ impl Store {
|
||||||
FileHandle::load(id, &self.files_root)
|
FileHandle::load(id, &self.files_root)
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn delete_file(&mut self, id: &FileId) -> Result<(), WriteFileError> {
|
pub fn delete_file(&mut self, id: &FileId) -> Result<(), DeleteFileError> {
|
||||||
let handle = FileHandle::load(id, &self.files_root)?;
|
let handle = FileHandle::load(id, &self.files_root)?;
|
||||||
handle.delete();
|
handle.delete();
|
||||||
Ok(())
|
Ok(())
|
||||||
|
|
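Review bot: In `Store::delete_file` the result of `handle.delete();` is discarded and `Ok(())` is returned regardless, so if `delete` can fail (its signature is not visible here) the handler redirects as though the file were gone. If it returns a `Result`, propagate it with `handle.delete()?;`. In the new `DeleteFileError`, `MetadataParseError` carries a `serde_json` error but displays as "invalid metadata path" and has no `#[source]`, so the cause is dropped from the error chain; `#[error("cannot parse metadata")] MetadataParseError(#[source] serde_json::error::Error),` would describe it accurately. The body of `delete_file` ends outside the hunk.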