// SPDX-FileCopyrightText: 2024 Simon Bruder // // SPDX-License-Identifier: AGPL-3.0-or-later use actix_identity::Identity; use actix_web::{error, get, post, web, HttpMessage, HttpRequest, HttpResponse, Responder}; use maud::html; use serde::Deserialize; use super::templates; pub fn config(cfg: &mut web::ServiceConfig) { cfg.service(login_form).service(login).service(logout); } #[get("/login")] async fn login_form(req: HttpRequest, user: Option) -> HttpResponse { if user.is_some() { return web::Redirect::to("/") .see_other() .respond_to(&req) .map_into_boxed_body(); } templates::base( templates::TemplateConfig { path: "/login", title: Some("Login"), page_title: Some(Box::new("Login")), user, ..Default::default() }, html! { form .w-25.mb-4 method="POST" { div .mb-3 { label .form-label for="password" { "Password" }; input .form-control type="password" id="password" name="password"; } button .btn.btn-primary type="submit" { "Login" } } }, ) .respond_to(&req) .map_into_boxed_body() } #[derive(Deserialize)] struct LoginForm { password: String, } #[post("/login")] async fn login( req: HttpRequest, form: web::Form, ) -> Result { // Very basic authentication for now (only password, hardcoded in environment variable) if form.password == std::env::var("SUPERUSER_PASSWORD") .map_err(|_| error::ErrorInternalServerError("login disabled (no password set)"))? { Identity::login(&req.extensions(), "superuser".into()) .map_err(error::ErrorInternalServerError)?; Ok(web::Redirect::to("/".to_owned()).see_other()) } else { Ok(web::Redirect::to("/login".to_owned()).see_other()) } } #[post("/logout")] async fn logout(user: Identity) -> impl Responder { user.logout(); web::Redirect::to("/login".to_owned()).see_other() }