Admin dashboard and sessions

2025-09-01 03:08:43 +02:00
parent de1fc4a825
commit 6f6e6ab017
23 changed files with 809 additions and 56 deletions
--- a/src/routes/login.rs
+++ b/src/routes/login.rs
@@ -1,6 +1,7 @@
 use crate::{
    authentication::{AuthError, Credentials, validate_credentials},
    routes::error_chain_fmt,
+    session_state::TypedSession,
    startup::AppState,
 };
 use axum::{
@@ -63,11 +64,8 @@ pub async fn get_login(messages: Messages) -> impl IntoResponse {
    Html(format!(include_str!("login/login.html"), error_html))
 }

-#[tracing::instrument(
-    skip(connection_pool, form),
-    fields(username=tracing::field::Empty, user_id=tracing::field::Empty)
-)]
 pub async fn post_login(
+    session: TypedSession,
    messages: Messages,
    State(AppState {
        connection_pool, ..
@@ -75,20 +73,37 @@ pub async fn post_login(
    Form(form): Form<LoginFormData>,
 ) -> Result<Redirect, LoginError> {
    let credentials = Credentials {
-        username: form.username,
+        username: form.username.clone(),
        password: form.password,
    };
    tracing::Span::current().record("username", tracing::field::display(&credentials.username));
-    let user_id = validate_credentials(credentials, &connection_pool)
-        .await
-        .map_err(|e| match e {
-            AuthError::UnexpectedError(_) => LoginError::UnexpectedError(e.into()),
-            AuthError::InvalidCredentials(_) => {
-                let e = LoginError::AuthError(e.into());
-                messages.error(e.to_string());
-                e
-            }
-        })?;
-    tracing::Span::current().record("user_id", tracing::field::display(&user_id));
-    Ok(Redirect::to("/"))
+    match validate_credentials(credentials, &connection_pool).await {
+        Err(e) => {
+            let e = match e {
+                AuthError::UnexpectedError(_) => LoginError::UnexpectedError(e.into()),
+                AuthError::InvalidCredentials(_) => {
+                    let e = LoginError::AuthError(e.into());
+                    messages.error(e.to_string());
+                    e
+                }
+            };
+            Err(e)
+        }
+        Ok(user_id) => {
+            tracing::Span::current().record("user_id", tracing::field::display(&user_id));
+            session
+                .renew()
+                .await
+                .map_err(|e| LoginError::UnexpectedError(e.into()))?;
+            session
+                .insert_user_id(user_id)
+                .await
+                .map_err(|e| LoginError::UnexpectedError(e.into()))?;
+            session
+                .insert_username(form.username)
+                .await
+                .map_err(|e| LoginError::UnexpectedError(e.into()))?;
+            Ok(Redirect::to("/admin/dashboard"))
+        }
+    }
 }