Edit posts

Use fix routes for user profile edit handles to make it easier when user decides to change his username

src/routes/users.rs

@@ -19,21 +19,12 @@ use secrecy::{ExposeSecret, SecretString};
 use sqlx::PgPool;
 use uuid::Uuid;
 
-pub async fn get_user_edit(
-    Path(username): Path<String>,
-    Extension(AuthenticatedUser {
-        user_id,
-        username: session_username,
-        ..
-    }): Extension<AuthenticatedUser>,
+pub async fn user_edit_form(
+    Extension(AuthenticatedUser { user_id, .. }): Extension<AuthenticatedUser>,
     State(AppState {
         connection_pool, ..
     }): State<AppState>,
 ) -> Result<Response, AppError> {
-    if username != session_username {
-        let template = HtmlTemplate(ErrorTemplate::Forbidden);
-        return Ok(template.into_response());
-    }
     let user = sqlx::query_as!(
         UserEntry,
         r#"
@@ -52,25 +43,26 @@ pub async fn get_user_edit(
 
 #[derive(serde::Deserialize)]
 pub struct EditProfileForm {
+    user_id: Uuid,
     username: String,
     full_name: String,
     bio: String,
 }
 
-pub async fn put_user_edit(
+#[tracing::instrument(name = "Updating user profile", skip_all, fields(user_id = %form.user_id))]
+pub async fn update_user(
     State(AppState {
         connection_pool, ..
     }): State<AppState>,
     session: TypedSession,
     Extension(AuthenticatedUser {
-        user_id,
+        user_id: session_user_id,
         username: session_username,
         ..
     }): Extension<AuthenticatedUser>,
-    Path(username): Path<String>,
     Form(form): Form<EditProfileForm>,
 ) -> Result<Response, AppError> {
-    if username != session_username {
+    if form.user_id != session_user_id {
         let template = HtmlTemplate(ErrorTemplate::Forbidden);
         return Ok(template.into_response());
     }
@@ -101,7 +93,7 @@ pub async fn put_user_edit(
         updated_username,
         updated_full_name,
         bio,
-        user_id
+        form.user_id
     )
     .execute(&connection_pool)
     .await