Admin dashboard and sessions

2025-09-01 03:08:43 +02:00
parent 3dce578ba0
commit d96a401d99
24 changed files with 810 additions and 56 deletions
--- a/src/startup.rs
+++ b/src/startup.rs
@@ -3,15 +3,20 @@ use axum::{
    Router,
    extract::MatchedPath,
    http::Request,
+    middleware,
    routing::{get, post},
 };
 use axum_messages::MessagesManagerLayer;
-use secrecy::SecretString;
+use secrecy::{ExposeSecret, SecretString};
 use sqlx::{PgPool, postgres::PgPoolOptions};
 use std::sync::Arc;
 use tokio::net::TcpListener;
 use tower_http::trace::TraceLayer;
-use tower_sessions::{MemoryStore, SessionManagerLayer};
+use tower_sessions::SessionManagerLayer;
+use tower_sessions_redis_store::{
+    RedisStore,
+    fred::prelude::{ClientLike, Config, Pool},
+};
 use uuid::Uuid;

 pub struct Application {
@@ -37,11 +42,24 @@ impl Application {
        let connection_pool =
            PgPoolOptions::new().connect_lazy_with(configuration.database.with_db());
        let email_client = EmailClient::new(configuration.email_client);
+        let pool = Pool::new(
+            Config::from_url(configuration.redis_uri.expose_secret())
+                .expect("Failed to parse Redis URL string"),
+            None,
+            None,
+            None,
+            6,
+        )
+        .unwrap();
+        pool.connect();
+        pool.wait_for_connect().await.unwrap();
+        let redis_store = RedisStore::new(pool);
        let router = app(
            connection_pool,
            email_client,
            configuration.application.base_url,
            configuration.application.hmac_secret,
+            redis_store,
        );
        Ok(Self { listener, router })
    }
@@ -61,6 +79,7 @@ pub fn app(
    email_client: EmailClient,
    base_url: String,
    hmac_secret: SecretString,
+    redis_store: RedisStore<Pool>,
 ) -> Router {
    let app_state = AppState {
        connection_pool,
@@ -68,6 +87,11 @@ pub fn app(
        base_url,
        hmac_secret,
    };
+    let admin_routes = Router::new()
+        .route("/dashboard", get(admin_dashboard))
+        .route("/password", get(change_password_form).post(change_password))
+        .route("/logout", post(logout))
+        .layer(middleware::from_fn(require_auth));
    Router::new()
        .route("/", get(home))
        .route("/login", get(get_login).post(post_login))
@@ -75,6 +99,7 @@ pub fn app(
        .route("/subscriptions", post(subscribe))
        .route("/subscriptions/confirm", get(confirm))
        .route("/newsletters", post(publish_newsletter))
+        .nest("/admin", admin_routes)
        .layer(
            TraceLayer::new_for_http().make_span_with(|request: &Request<_>| {
                let matched_path = request
@@ -93,6 +118,6 @@ pub fn app(
            }),
        )
        .layer(MessagesManagerLayer)
-        .layer(SessionManagerLayer::new(MemoryStore::default()))
+        .layer(SessionManagerLayer::new(redis_store).with_secure(false))
        .with_state(app_state)
 }