gourami

[UNMAINTAINED] Activitypub server in Rust
Log | Files | Refs | README | LICENSE

commit 827614e9b9f185425dd8030f3e3cee6f153c0777
parent 0a428eacef6d0dde8bdf95b67d4c3d2b7ae7bc9c
Author: alex wennerberg <alex@alexwennerberg.com>
Date:   Sat, 18 Apr 2020 19:56:34 -0500

Some UI changes

Diffstat:
Mmigrations/2020-04-13-014917_initialize/up.sql | 8+++++---
Msrc/db/schema.rs | 4+++-
Msrc/db/status.rs | 3+--
Msrc/db/user.rs | 4++--
Msrc/lib.rs | 29+++++++++++++++++------------
Msrc/session.rs | 12++++--------
Mtemplates/base.html | 2+-
Mtemplates/timeline.html | 2+-
8 files changed, 34 insertions(+), 30 deletions(-)

diff --git a/migrations/2020-04-13-014917_initialize/up.sql b/migrations/2020-04-13-014917_initialize/up.sql @@ -4,7 +4,8 @@ CREATE TABLE users ( id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, username VARCHAR(255), password VARCHAR(255), - email VARCHAR(255) + email VARCHAR(255), + created_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP ); CREATE UNIQUE INDEX users_username_idx ON users (username); @@ -17,7 +18,8 @@ CREATE TABLE activities ( CREATE TABLE sessions ( id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, cookie VARCHAR NOT NULL, - user_id INTEGER NOT NULL REFERENCES users (id) + user_id INTEGER NOT NULL REFERENCES users (id), + created_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP ); -- media_attachments @@ -27,6 +29,6 @@ CREATE TABLE notes ( creator_id INTEGER, parent_id INTEGER, content TEXT, - published TEXT + created_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP ); diff --git a/src/db/schema.rs b/src/db/schema.rs @@ -4,7 +4,7 @@ table! { creator_id -> Integer, parent_id -> Nullable<Integer>, content -> Text, - published -> Timestamp, + created_time -> Timestamp, } } @@ -14,6 +14,7 @@ table! { username -> Text, password -> Text, email -> Text, + created_time -> Timestamp, } } @@ -22,6 +23,7 @@ table! { id -> Integer, cookie -> Text, user_id -> Integer, + created_time -> Timestamp, } } diff --git a/src/db/status.rs b/src/db/status.rs @@ -14,7 +14,7 @@ pub struct Note { pub creator_id: i32, pub parent_id: Option<i32>, pub content: String, - pub published: String, + pub created_time: String, } #[derive(Insertable, Clone)] @@ -24,6 +24,5 @@ pub struct NoteInput { pub creator_id: i32, pub parent_id: Option<i32>, pub content: String, // can we make this a slice? - pub published: String, // pub published: chrono::NaiveDateTime, } diff --git a/src/db/user.rs b/src/db/user.rs @@ -11,7 +11,7 @@ pub struct User { pub id: i32, pub username: String, pub email: String, - // created at, updated at + pub created_time: String, } @@ -24,7 +24,7 @@ impl User { use crate::db::schema::users::dsl::*; let (user, hash) = match users .filter(username.eq(user)) - .select(((id, username, email), password)) + .select(((id, username, email, created_time), password)) .first::<(User, String)>(conn) { Ok((user, hash)) => (user, hash), diff --git a/src/lib.rs b/src/lib.rs @@ -91,23 +91,27 @@ struct NewNoteRequest { note_input: String, // has to be String } -fn new_note(req: &NewNoteRequest) -> impl Reply { +fn new_note(auth_cookie: Option<String>, req: &NewNoteRequest) -> impl Reply { use db::schema::notes::dsl::*; // create activitypub activity object // TODO -- micropub? - let conn = establish_connection(); - let new_note = NoteInput{ - creator_id: 1, - parent_id: None, - published: String::from("now"), - content: req.note_input.clone(), // how to avoid clone here? - }; - insert_into(notes).values(new_note).execute(&conn).unwrap(); + if let Some(k) = auth_cookie { + let conn = establish_connection(); + let user = Session::from_key(&conn, &k).user.unwrap(); + let new_note = NoteInput{ + creator_id: user.id, + parent_id: None, + content: req.note_input.clone(), // how to avoid clone here? + }; + insert_into(notes).values(new_note).execute(&conn).unwrap(); + return warp::redirect::redirect(warp::http::Uri::from_static("/")) + } else { + return warp::redirect::redirect(warp::http::Uri::from_static("/")) + } // generate activitypub object from post request // send to outbox // if request made from web form - warp::redirect::redirect(warp::http::Uri::from_static("/")) } // ActivityPub outbox @@ -208,7 +212,7 @@ fn do_login(form: LoginForm) -> impl Reply { fn timeline(auth_cookie: Option<String>) -> impl Reply { // no session -- anonymous let conn = establish_connection(); - let session = Session::from_key(&conn, auth_cookie); + let session = Session::from_key(&conn, &auth_cookie.unwrap()); let global = Global::from_user(session.user); //ownership? use db::schema::notes::dsl::*; @@ -276,8 +280,9 @@ pub async fn run_server() { // TODO redirect via redirect in request // TODO secure against xss let create_note = warp::path("create_note") + .and(warp::filters::cookie::optional("EXAUTH")) .and(warp::body::form()) - .map(|note_req: NewNoteRequest| new_note(&note_req)); + .map(|auth_cookie, note_req: NewNoteRequest| new_note(auth_cookie, &note_req)); let delete_note = warp::path::param::<i32>() .and(warp::path("delete")) diff --git a/src/session.rs b/src/session.rs @@ -45,19 +45,15 @@ impl Session { } None } - pub fn from_key(conn: &SqliteConnection, sessionkey: Option<String>) -> Self { - debug!("{:?}", sessionkey); + pub fn from_key(conn: &SqliteConnection, sessionkey: &str) -> Self { use db::schema::sessions::dsl as s; use db::schema::users::dsl as u; - let (id, user) = sessionkey - .and_then(|sessionkey| { - u::users + let (id, user) = u::users .inner_join(s::sessions) - .select((s::id, (u::id, u::username, u::email))) - .filter(s::cookie.eq(&sessionkey)) + .select((s::id, (u::id, u::username, u::email, u::created_time))) + .filter(s::cookie.eq(sessionkey)) .first::<(i32, User)>(conn) .ok() - }) .map(|(i, u)| (Some(i), Some(u))) .unwrap_or((None, None)); diff --git a/templates/base.html b/templates/base.html @@ -18,7 +18,7 @@ </div> <div class="col-sm text-right"> {% if global.logged_in %} - <a href="/user/{{global.username}}">{{global.username}}</a> + <a href="/user/{{global.username}}">@{{global.username}}</a> {% else %} <a href="/register">register</a> | <a href="login">login</a> {% endif %} diff --git a/templates/timeline.html b/templates/timeline.html @@ -12,7 +12,7 @@ {% for note in notes %} <div class="row"> <div class="note"> - <a href="/note/{{note.id}}">#{{note.id}}</a> {{note.published}} | {{note.content}} + <a href="/note/{{note.id}}">>{{note.id}}</a> {{note.created_time}} <a href="user/{{note.creator_id}}">@{{note.creator_id}}</a> | {{note.content}} <form method="post" action="/{{note.id}}/delete" class="inline"> <input type="hidden" name="extra_submit_param" value="extra_submit_value"> <button type="submit" name="submit_param" value="submit_value" class="link-button">