feat: set cookies on ok login request

2026-05-23 06:18:31 +00:00 · 2022-11-07 13:45:47 +01:00 · 2022-11-07 13:45:47 +01:00 · 6f608fc8df
commit 6f608fc8df
parent d65b92e3be
3 changed files with 29 additions and 6 deletions
--- a/api/Cargo.toml
+++ b/api/Cargo.toml
@ -7,6 +7,7 @@ publish = false
 [dependencies]
 rocket = { version = "^0.5.0-rc.2", features = [
  "json",
+  "secrets",
 ] }

 async-stream = { version = "^0.3" }
--- a/api/src/routes/admin.rs
+++ b/api/src/routes/admin.rs
@ -5,7 +5,7 @@ use portfolio_core::{
    services::{admin_service::AdminService, candidate_service::CandidateService},
 };
 use requests::{AdminLoginRequest, RegisterRequest};
-use rocket::http::Status;
+use rocket::http::{Cookie, Status, CookieJar};
 use rocket::response::status::Custom;
 use rocket::serde::json::Json;

@ -18,6 +18,7 @@ pub async fn login(
    conn: Connection<'_, Db>,
    login_form: Json<AdminLoginRequest>,
    ip_addr: SocketAddr,
+    cookies: &CookieJar<'_>,
 ) -> Result<String, Custom<String>> {
    let db = conn.into_inner();
    println!("{} {}", login_form.admin_id, login_form.password);
@ -30,7 +31,18 @@ pub async fn login(
    )
    .await;

-    session_token.map_err(|e| Custom(Status::from_code(e.code()).unwrap_or_default(), e.message()))
+    if let Err(e) = session_token {
+        return Err(Custom(
+            Status::from_code(e.code()).unwrap_or(Status::InternalServerError),
+            e.to_string(),
+        ));
+    } else {
+        let session_token = session_token.unwrap();
+        // Todo: Add private?
+        cookies.add(Cookie::new("id", session_token.clone()));
+
+        return Ok(session_token);
+    }
 }

 #[get("/whoami")]
--- a/api/src/routes/candidate.rs
+++ b/api/src/routes/candidate.rs
@ -2,7 +2,7 @@ use std::net::SocketAddr;

 use portfolio_core::services::candidate_service::{CandidateService, UserDetails};
 use requests::LoginRequest;
-use rocket::http::Status;
+use rocket::http::{Cookie, CookieJar, Status};
 use rocket::response::status::Custom;
 use rocket::serde::json::Json;

@ -15,6 +15,7 @@ pub async fn login(
    conn: Connection<'_, Db>,
    login_form: Json<LoginRequest>,
    ip_addr: SocketAddr,
+    cookies: &CookieJar<'_>,
 ) -> Result<String, Custom<String>> {
    let db = conn.into_inner();
    println!("{} {}", login_form.application_id, login_form.password);
@ -27,9 +28,19 @@ pub async fn login(
    )
    .await;

-    session_token.map_err(|e| Custom(Status::from_code(e.code()).unwrap_or_default(), e.message()))
-}
+    if let Err(e) = session_token {
+        return Err(Custom(
+            Status::from_code(e.code()).unwrap_or(Status::InternalServerError),
+            e.to_string(),
+        ));
+    } else {
+        let session_token = session_token.unwrap();
+        // Todo: Add private?
+        cookies.add(Cookie::new("id", session_token.clone()));

+        return Ok(session_token);
+    }
+}

 #[get("/whoami")]
 pub async fn whoami(session: CandidateAuth) -> Result<String, Custom<String>> {
@ -60,4 +71,3 @@ pub async fn fill_details(

    Ok("Details added".to_string())
 }
-