From 63636d00ca56ee37f9cb9db3fece81d615e21a1a Mon Sep 17 00:00:00 2001
From: Yves Fischer <yvesf-git@xapek.org>
Date: Mon, 26 Nov 2018 12:33:37 +0100
Subject: Refactor html views

---
 src/request_handler/handler_login.rs | 71 ++++++++++++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)
 create mode 100644 src/request_handler/handler_login.rs

(limited to 'src/request_handler/handler_login.rs')

diff --git a/src/request_handler/handler_login.rs b/src/request_handler/handler_login.rs
new file mode 100644
index 0000000..bfa7016
--- /dev/null
+++ b/src/request_handler/handler_login.rs
@@ -0,0 +1,71 @@
+use std::io;
+use std::borrow::Cow;
+
+use tokio::prelude::*;
+
+use http::{Request, Response, StatusCode, Method};
+use http::header::{SET_COOKIE, COOKIE};
+use url::form_urlencoded;
+
+use ::ApplicationState;
+use ::totp;
+use super::*;
+
+pub(in super) fn GET<'a>(header_infos: &HeaderExtract, state: &ApplicationState, path_rest: &'a str)
+                         -> Response<String> {
+    if is_logged_in(&header_infos.cookies, &state.cookie_store) {
+        make_response(StatusCode::OK, views::login_is_logged_in())
+    } else {
+        make_response(StatusCode::OK, views::login_login_form(path_rest))
+    }
+}
+
+fn test_secrets(secrets: &Vec<&str>, token: &String) -> bool {
+    secrets.iter()
+        .any(|secret| {
+            match totp::verify(secret, token) {
+                Ok(true) => true,
+                Ok(false) => false,
+                Err(e) => {
+                    error!("Error from totp::verify: {}", e);
+                    false
+                }
+            }
+        })
+}
+
+pub(in super) fn POST<'a>(header_infos: &HeaderExtract, state: &ApplicationState, req: &Request<Bytes>)
+                          -> Response<String> {
+    let mut token = None;
+    let mut redirect = None;
+    for (key, val) in form_urlencoded::parse(req.body()) {
+        if key == "token" {
+            token = Some(val.into_owned())
+        } else if key == "redirect" {
+            redirect = Some(val.into_owned())
+        }
+    }
+    if token.is_none() {
+        return error_handler_internal("missing argument 'token'".to_string());
+    }
+    let redirect = redirect.unwrap_or(Default::default());
+
+    if header_infos.totp_secrets.is_empty() {
+        return error_handler_internal("no secrets configured".to_string())
+    }
+
+    let mut ret = Response::builder();
+    if test_secrets(&header_infos.totp_secrets, &token.unwrap()) {
+        let cookie_value = state.cookie_store.create_authenticated_cookie();
+        let cookie = CookieBuilder::new(COOKIE_NAME, cookie_value.to_string())
+            .http_only(true)
+            .path("/")
+            .max_age(state.cookie_max_age)
+            .finish();
+        ret.header(SET_COOKIE, cookie.to_string());
+        warn!("Authenticated user with cookie {}", cookie);
+        ret.body(views::login_auth_success(&redirect)).unwrap()
+    } else {
+        ret.body(views::login_auth_fail()).unwrap()
+    }
+}
\ No newline at end of file
-- 
cgit v1.2.1