Add auth info to password reset

O01eg

May 3, 2023, 8:35 PM

HBDTKI2BJX5JI3ALM5KQTDXFTI6HY2JZHEP4D6Y23WHY4ZUCX6LQC

Dependencies

• [2] LTQCLSBU Split database usage in pages
• [3] 4TRDTVC4 Fix login page
• [4] HZDCKIXQ Use constants for templates
• [5] GZNMGW5M Move footer to separate file
• [6] 6CFNBL5L Add headers for better security
• [7] WLWTNO4Y Create form to request game password change link
• [8] TRBYOQBI Check CSRF and user existence
• [*] FUCFD4UV Add log in and log out support

Change contents

• replacement in src/templates/query-reset-game-pwd.html at line 9
  [4.220]→[4.220:246](∅→∅)
  − <div class="navi">

  − </div>
  [4.220]

  [4.246]
  + {{> header}}
• edit in src/templates/login.html at line 28
  [10.1232]

  [3.50]
  + <form id="login-mastodon" action="login-mastodon.do" method="post">

  + <fieldset>

  + <legend>Social Auth with Mastodon (not yet supported)</legend>

  + <div>

  + <label for="login">Username:</label>

  + <input name="login" id="login" type="text" placeholder="Username" required autofocus />

  + </div>

  + <input name="csrf" type="hidden" value="{{ csrf }}">

  + <input name="submit" type="submit" value="Log In">

  + </fieldset>

  + </form>
• replacement in src/pages/query_reset_game_pwd.rs at line 2
  [4.1090]→[4.558:594](∅→∅),[4.557]→[4.558:594](∅→∅)
  − use actix_web::{web, HttpResponse};
  [4.1090]

  [4.594]
  + use actix_web::{web, HttpRequest, HttpResponse};
• edit in src/pages/query_reset_game_pwd.rs at line 4
  [4.595]→[4.104:147](∅→∅)
  − use crate::pages::insert_security_headers;
• edit in src/pages/query_reset_game_pwd.rs at line 5
  [4.646]

  [2.650]
  + use crate::pages::{insert_security_headers, request_to_jar, CommonAuthInfo};
• edit in src/pages/query_reset_game_pwd.rs at line 12
  [4.1162]

  [4.1162]
  + common_auth_info: CommonAuthInfo,
• replacement in src/pages/query_reset_game_pwd.rs at line 25
  [4.667]→[4.667:749](∅→∅)
  − pub async fn query_reset_game_pwd(data: web::Data<WebData<'_>>) -> HttpResponse {
  [4.667]

  [4.0]
  + pub async fn query_reset_game_pwd(

  + request: HttpRequest,

  + data: web::Data<WebData<'_>>,

  + ) -> HttpResponse {

  + let jar = request_to_jar(request);

  +

  + let user = jar

  + .private(&data.cookies_key)

  + .get("auth")

  + .map(|x| x.value().to_string());

  +
• replacement in src/pages/query_reset_game_pwd.rs at line 47
  [4.251]→[4.251:361](∅→∅)
  − let body = match data

  − .handlebars

  − .render(QUERY_RESET_GAME_PWD, &PageData { csrf })

  − {
  [4.251]

  [4.822]
  + let body = match data.handlebars.render(

  + QUERY_RESET_GAME_PWD,

  + &PageData {

  + common_auth_info: CommonAuthInfo { user },

  + csrf,

  + },

  + ) {