BasicOIDC/src/controllers/login_controller.rs

use actix::Addr;
use actix_identity::Identity;
use actix_web::{HttpResponse, Responder, web};
use askama::Template;

use crate::actors::users_actor::{LoginResult, UsersActor};
use crate::actors::users_actor;
use crate::constants::APP_NAME;
use crate::controllers::base_controller::redirect_user;
use crate::data::session_identity::SessionIdentity;

#[derive(Template)]
#[template(path = "base_login_page.html")]
struct BaseLoginPage {
    danger: String,
    success: String,
    page_title: &'static str,
    app_name: &'static str,
}

#[derive(Template)]
#[template(path = "login.html")]
struct LoginTemplate {
    _parent: BaseLoginPage,
    login: String,
}

#[derive(serde::Deserialize)]
pub struct LoginRequestBody {
    login: String,
    password: String,
}

#[derive(serde::Deserialize)]
pub struct LoginRequestQuery {
    logout: Option<bool>,
}

/// Authenticate user
pub async fn login_route(users: web::Data<Addr<UsersActor>>,
                         query: web::Query<LoginRequestQuery>,
                         req: Option<web::Form<LoginRequestBody>>,
                         id: Identity) -> impl Responder {
    let mut danger = String::new();
    let mut success = String::new();
    let mut login = String::new();

    // Check if user session must be closed
    if let Some(true) = query.logout {
        id.forget();
        success = "Goodbye!".to_string();
    }

    // Check if user is already authenticated
    if SessionIdentity::is_authenticated(&id) {
        return redirect_user("/");
    }

    // Try to authenticate user
    if let Some(req) = &req {
        // TODO : check request origin

        login = req.login.clone();
        let response: LoginResult = users.send(users_actor::LoginRequest {
            login: login.clone(),
            password: req.password.clone(),
        }).await.unwrap();

        match response {
            LoginResult::Success(user) => {
                id.remember(SessionIdentity::from_user(&user).serialize());

                return redirect_user("/");
            }

            c => {
                // TODO : add bruteforce detection
                log::warn!("Failed login for username {} : {:?}", login, c);
                danger = "Login failed.".to_string();
            }
        }
    }


    HttpResponse::Ok()
        .content_type("text/html")
        .body(LoginTemplate {
            _parent: BaseLoginPage {
                page_title: "Login",
                danger,
                success,
                app_name: APP_NAME,
            },
            login,
        }.render().unwrap())
}

/// Sign out user
pub async fn logout_route() -> impl Responder {
    redirect_user("/login?logout=true")
}
Add communication with user actor 2022-03-30 10:41:22 +00:00			`use actix::Addr;`
Add actix-identity crate 2022-03-30 14:58:00 +00:00			`use actix_identity::Identity;`
Add communication with user actor 2022-03-30 10:41:22 +00:00			`use actix_web::{HttpResponse, Responder, web};`
Ready to implement login page 2022-03-30 08:29:10 +00:00			`use askama::Template;`

Add communication with user actor 2022-03-30 10:41:22 +00:00			`use crate::actors::users_actor::{LoginResult, UsersActor};`
			`use crate::actors::users_actor;`
Ready to implement login page 2022-03-30 08:29:10 +00:00			`use crate::constants::APP_NAME;`
Redirect user after successful login 2022-04-01 16:59:17 +00:00			`use crate::controllers::base_controller::redirect_user;`
			`use crate::data::session_identity::SessionIdentity;`
Ready to implement login page 2022-03-30 08:29:10 +00:00
Display login page 2022-03-30 09:00:20 +00:00			`#[derive(Template)]`
			`#[template(path = "base_login_page.html")]`
			`struct BaseLoginPage {`
			`danger: String,`
			`success: String,`
			`page_title: &'static str,`
			`app_name: &'static str,`
			`}`

Ready to implement login page 2022-03-30 08:29:10 +00:00			`#[derive(Template)]`
			`#[template(path = "login.html")]`
Display login page 2022-03-30 09:00:20 +00:00			`struct LoginTemplate {`
			`_parent: BaseLoginPage,`
Add communication with user actor 2022-03-30 10:41:22 +00:00			`login: String,`
Ready to implement login page 2022-03-30 08:29:10 +00:00			`}`

Add communication with user actor 2022-03-30 10:41:22 +00:00			`#[derive(serde::Deserialize)]`
User can sign out 2022-04-01 17:05:40 +00:00			`pub struct LoginRequestBody {`
Add communication with user actor 2022-03-30 10:41:22 +00:00			`login: String,`
			`password: String,`
			`}`

User can sign out 2022-04-01 17:05:40 +00:00			`#[derive(serde::Deserialize)]`
			`pub struct LoginRequestQuery {`
			`logout: Option<bool>,`
			`}`

Add communication with user actor 2022-03-30 10:41:22 +00:00			`/// Authenticate user`
			`pub async fn login_route(users: web::Data<Addr<UsersActor>>,`
User can sign out 2022-04-01 17:05:40 +00:00			`query: web::Query<LoginRequestQuery>,`
			`req: Option<web::Form<LoginRequestBody>>,`
Add actix-identity crate 2022-03-30 14:58:00 +00:00			`id: Identity) -> impl Responder {`
Add communication with user actor 2022-03-30 10:41:22 +00:00			`let mut danger = String::new();`
User can sign out 2022-04-01 17:05:40 +00:00			`let mut success = String::new();`
Add communication with user actor 2022-03-30 10:41:22 +00:00			`let mut login = String::new();`

User can sign out 2022-04-01 17:05:40 +00:00			`// Check if user session must be closed`
			`if let Some(true) = query.logout {`
			`id.forget();`
			`success = "Goodbye!".to_string();`
			`}`

Redirect user after successful login 2022-04-01 16:59:17 +00:00			`// Check if user is already authenticated`
			`if SessionIdentity::is_authenticated(&id) {`
			`return redirect_user("/");`
			`}`

Add communication with user actor 2022-03-30 10:41:22 +00:00			`// Try to authenticate user`
			`if let Some(req) = &req {`
Redirect user after successful login 2022-04-01 16:59:17 +00:00			`// TODO : check request origin`

Add communication with user actor 2022-03-30 10:41:22 +00:00			`login = req.login.clone();`
			`let response: LoginResult = users.send(users_actor::LoginRequest {`
			`login: login.clone(),`
			`password: req.password.clone(),`
			`}).await.unwrap();`

Redirect user after successful login 2022-04-01 16:59:17 +00:00			`match response {`
			`LoginResult::Success(user) => {`
			`id.remember(SessionIdentity::from_user(&user).serialize());`

			`return redirect_user("/");`
			`}`

			`c => {`
			`// TODO : add bruteforce detection`
			`log::warn!("Failed login for username {} : {:?}", login, c);`
			`danger = "Login failed.".to_string();`
			`}`
			`}`
Add communication with user actor 2022-03-30 10:41:22 +00:00			`}`

Ready to implement login page 2022-03-30 08:29:10 +00:00
Display login page 2022-03-30 09:00:20 +00:00			`HttpResponse::Ok()`
			`.content_type("text/html")`
			`.body(LoginTemplate {`
			`_parent: BaseLoginPage {`
			`page_title: "Login",`
Add communication with user actor 2022-03-30 10:41:22 +00:00			`danger,`
User can sign out 2022-04-01 17:05:40 +00:00			`success,`
Display login page 2022-03-30 09:00:20 +00:00			`app_name: APP_NAME,`
			`},`
Add communication with user actor 2022-03-30 10:41:22 +00:00			`login,`
Display login page 2022-03-30 09:00:20 +00:00			`}.render().unwrap())`
User can sign out 2022-04-01 17:05:40 +00:00			`}`

			`/// Sign out user`
			`pub async fn logout_route() -> impl Responder {`
			`redirect_user("/login?logout=true")`
Ready to implement login page 2022-03-30 08:29:10 +00:00			`}`