From: Greg Burri Date: Tue, 17 Dec 2024 20:28:47 +0000 (+0100) Subject: User profile edit page X-Git-Url: https://git.euphorik.ch/?a=commitdiff_plain;h=4248d11aa90f4c3118505a0d4ed6a6efa966b8a5;p=recipes.git User profile edit page --- diff --git a/Cargo.lock b/Cargo.lock index 60bf62f..5ab7bfd 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -229,7 +229,7 @@ dependencies = [ "serde_json", "serde_path_to_error", "serde_urlencoded", - "sync_wrapper 1.0.2", + "sync_wrapper", "tokio", "tower", "tower-layer", @@ -252,7 +252,7 @@ dependencies = [ "mime", "pin-project-lite", "rustversion", - "sync_wrapper 1.0.2", + "sync_wrapper", "tower-layer", "tower-service", "tracing", @@ -391,9 +391,9 @@ checksum = "325918d6fe32f23b19878fe4b34794ae41fc19ddbe53b10571a4874d44ffd39b" [[package]] name = "cc" -version = "1.2.2" +version = "1.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f34d93e62b03caf570cccc334cbc6c2fceca82f39211051345108adcba3eebdc" +checksum = "9157bbaa6b165880c27a4293a474c91cdcf265cc68cc829bf10be0964a391caf" dependencies = [ "shlex", ] @@ -406,9 +406,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "chrono" -version = "0.4.38" +version = "0.4.39" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a21f936df1771bf62b77f047b726c4625ff2e8aa607c01ec06e5a05bd8463401" +checksum = "7e36cc9d416881d2e24f9a963be5fb1cd90966419ac844274161d10488b3e825" dependencies = [ "android-tzdata", "iana-time-zone", @@ -430,9 +430,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.22" +version = "4.5.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69371e34337c4c984bbe322360c2547210bf632eb2814bbe78a6e87a2935bd2b" +checksum = "3135e7ec2ef7b10c6ed8950f0f792ed96ee093fa088608f1c76e569722700c84" dependencies = [ "clap_builder", "clap_derive", @@ -440,9 +440,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.22" +version = "4.5.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6e24c1b4099818523236a8ca881d2b45db98dadfb4625cf6608c12069fcbbde1" +checksum = "30582fc632330df2bd26877bde0c1f4470d57c582bbc070376afcd04d8cb4838" dependencies = [ "anstream", "anstyle", @@ -464,9 +464,9 @@ dependencies = [ [[package]] name = "clap_lex" -version = "0.7.3" +version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "afb84c814227b90d6895e01398aee0d8033c00e7466aca416fb6a8e0eb19d8a7" +checksum = "f46ad14479a25103f283c0f10005961cf086d8dc42205bb44c46ac563475dca6" [[package]] name = "colorchoice" @@ -576,18 +576,18 @@ checksum = "19d374276b40fb8bbdee95aef7c7fa6b5316ec764510eb64b8dd0e2ed0d7e7f5" [[package]] name = "crossbeam-queue" -version = "0.3.11" +version = "0.3.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df0346b5d5e76ac2fe4e327c5fd1118d6be7c51dfb18f9b7922923f287471e35" +checksum = "0f58bbc28f91df819d0aa2a2c00cd19754769c2fad90579b3592b1c9ba7a3115" dependencies = [ "crossbeam-utils", ] [[package]] name = "crossbeam-utils" -version = "0.8.20" +version = "0.8.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22ec99545bb0ed0ea7bb9b8e1e9122ea386ff8a48c0922e43f36d45ab09e0e80" +checksum = "d0a5c400df2834b80a4c3327b3aad3a4c4cd4de0629063962b03235697506a28" [[package]] name = "crypto-common" @@ -756,9 +756,9 @@ dependencies = [ [[package]] name = "fastrand" -version = "2.2.0" +version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "486f806e73c5707928240ddc295403b1b93c96a02038563881c4a2fd84b81ac4" +checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" [[package]] name = "flume" @@ -1164,11 +1164,11 @@ dependencies = [ [[package]] name = "home" -version = "0.5.9" +version = "0.5.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e3d1354bf6b7235cb4a0576c2619fd4ed18183f689b12b006a0ee7329eeff9a5" +checksum = "589533453244b0995c858700322199b2becb13b627df2851f64a2775d024abcf" dependencies = [ - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] @@ -1256,9 +1256,9 @@ dependencies = [ [[package]] name = "hyper" -version = "1.5.1" +version = "1.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97818827ef4f364230e16705d4706e2897df2bb60617d6ca15d598025a3c481f" +checksum = "256fb8d4bd6413123cc9d91832d78325c48ff41677595be797d90f42969beae0" dependencies = [ "bytes", "futures-channel", @@ -1484,9 +1484,9 @@ checksum = "d75a2a4b1b190afb6f5425f10f6a8f959d2ea0b9c2b1d79553551850539e4674" [[package]] name = "js-sys" -version = "0.3.74" +version = "0.3.76" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a865e038f7f6ed956f788f0d7d60c541fff74c7bd74272c5d4cf15c63743e705" +checksum = "6717b6b5b077764fb5966237269cb3c64edddde4b14ce42647430a78ced9e7b7" dependencies = [ "once_cell", "wasm-bindgen", @@ -1503,9 +1503,9 @@ dependencies = [ [[package]] name = "lettre" -version = "0.11.10" +version = "0.11.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0161e452348e399deb685ba05e55ee116cae9410f4f51fe42d597361444521d9" +checksum = "ab4c9a167ff73df98a5ecc07e8bf5ce90b583665da3d1762eb1f775ad4d0d6f5" dependencies = [ "async-trait", "base64 0.22.1", @@ -1534,9 +1534,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.167" +version = "0.2.168" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09d6582e104315a817dff97f75133544b2e094ee22447d2acf4a74e189ba06fc" +checksum = "5aaeb2981e0606ca11d79718f8bb01164f1d6ed75080182d3abf017e6d244b6d" [[package]] name = "libm" @@ -1638,9 +1638,9 @@ checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" [[package]] name = "miniz_oxide" -version = "0.8.0" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2d80299ef12ff69b16a84bb182e3b9df68b5a91574d3d4fa6e41b65deec4df1" +checksum = "4ffbe83022cedc1d264172192511ae958937694cd57ce297164951b8b3568394" dependencies = [ "adler2", ] @@ -2006,7 +2006,7 @@ dependencies = [ "ron", "serde", "sqlx", - "thiserror 2.0.4", + "thiserror 2.0.7", "tokio", "tower", "tower-http", @@ -2016,9 +2016,9 @@ dependencies = [ [[package]] name = "redox_syscall" -version = "0.5.7" +version = "0.5.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9b6dfecf2c74bce2466cabf93f6664d6998a69eb21e39f4207930065b27b771f" +checksum = "03a862b389f93e68874fbf580b9de08dd02facb9a788ebadaf4a3fd33cf58834" dependencies = [ "bitflags", ] @@ -2122,22 +2122,22 @@ checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f" [[package]] name = "rustix" -version = "0.38.41" +version = "0.38.42" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7f649912bc1495e167a6edee79151c84b1bad49748cb4f1f1167f459f6224f6" +checksum = "f93dc38ecbab2eb790ff964bb77fa94faf256fd3e73285fd7ba0903b76bedb85" dependencies = [ "bitflags", "errno", "libc", "linux-raw-sys", - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] name = "rustls" -version = "0.23.19" +version = "0.23.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "934b404430bb06b3fae2cba809eb45a1ab1aecd64491213d7c3301b88393f8d1" +checksum = "5065c3f250cbd332cd894be57c40fa52387247659b14a2d6041d121547903b1b" dependencies = [ "log", "once_cell", @@ -2159,9 +2159,9 @@ dependencies = [ [[package]] name = "rustls-pki-types" -version = "1.10.0" +version = "1.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "16f1201b3c9a7ee8039bcadc17b7e605e2945b27eee7631788c1bd2b0643674b" +checksum = "d2bf47e6ff922db3825eb750c4e2ff784c6ff8fb9e13046ef6a1d1c5401b0b37" [[package]] name = "rustls-webpki" @@ -2194,9 +2194,9 @@ checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" [[package]] name = "serde" -version = "1.0.215" +version = "1.0.216" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6513c1ad0b11a9376da888e3e0baa0077f1aed55c17f50e7b2397136129fb88f" +checksum = "0b9781016e935a97e8beecf0c933758c97a5520d32930e460142b4cd80c6338e" dependencies = [ "serde_derive", ] @@ -2214,9 +2214,9 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.215" +version = "1.0.216" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ad1e866f866923f252f05c889987993144fb74e722403468a4ebd70c3cd756c0" +checksum = "46f859dbbf73865c6627ed570e78961cd3ac92407a2d117204c49232485da55e" dependencies = [ "proc-macro2", "quote", @@ -2631,12 +2631,6 @@ dependencies = [ "unicode-ident", ] -[[package]] -name = "sync_wrapper" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" - [[package]] name = "sync_wrapper" version = "1.0.2" @@ -2678,11 +2672,11 @@ dependencies = [ [[package]] name = "thiserror" -version = "2.0.4" +version = "2.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f49a1853cf82743e3b7950f77e0f4d622ca36cf4317cba00c767838bac8d490" +checksum = "93605438cbd668185516ab499d589afb7ee1859ea3d5fc8f6b0755e1c7443767" dependencies = [ - "thiserror-impl 2.0.4", + "thiserror-impl 2.0.7", ] [[package]] @@ -2698,9 +2692,9 @@ dependencies = [ [[package]] name = "thiserror-impl" -version = "2.0.4" +version = "2.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8381894bb3efe0c4acac3ded651301ceee58a15d47c2e34885ed1908ad667061" +checksum = "e1d8749b4531af2117677a5fcd12b1348a3fe2b81e36e61ffeac5c4aa3273e36" dependencies = [ "proc-macro2", "quote", @@ -2804,20 +2798,19 @@ dependencies = [ [[package]] name = "tokio-rustls" -version = "0.26.0" +version = "0.26.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0c7bc40d0e5a97695bb96e27995cd3a08538541b0a846f65bba7a359f36700d4" +checksum = "5f6d0975eaace0cf0fcadee4e4aaa5da15b5c079146f2cffb67c113be122bf37" dependencies = [ "rustls", - "rustls-pki-types", "tokio", ] [[package]] name = "tokio-stream" -version = "0.1.16" +version = "0.1.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f4e6ce100d0eb49a2734f8c0812bcd324cf357d21810932c5df6b96ef2b86f1" +checksum = "eca58d7bba4a75707817a2c44174253f9236b2d5fbd055602e9d5c07c139a047" dependencies = [ "futures-core", "pin-project-lite", @@ -2856,14 +2849,14 @@ dependencies = [ [[package]] name = "tower" -version = "0.5.1" +version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2873938d487c3cfb9aed7546dc9f2711d867c9f90c46b889989a2cb84eba6b4f" +checksum = "d039ad9159c98b70ecfd540b2573b97f7f52c3e8d9f8ad57a24b916a536975f9" dependencies = [ "futures-core", "futures-util", "pin-project-lite", - "sync_wrapper 0.1.2", + "sync_wrapper", "tokio", "tower-layer", "tower-service", @@ -2989,9 +2982,9 @@ checksum = "7e51b68083f157f853b6379db119d1c1be0e6e4dec98101079dec41f6f5cf6df" [[package]] name = "unicode-bidi" -version = "0.3.17" +version = "0.3.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5ab17db44d7388991a428b2ee655ce0c212e862eff1768a455c58f9aad6e7893" +checksum = "5c1cb5db39152898a79168971543b1cb5020dff7fe43c8dc468b0885f5e29df5" [[package]] name = "unicode-ident" @@ -3099,9 +3092,9 @@ checksum = "b8dad83b4f25e74f184f64c43b150b91efe7647395b42289f38e50566d82855b" [[package]] name = "wasm-bindgen" -version = "0.2.97" +version = "0.2.99" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d15e63b4482863c109d70a7b8706c1e364eb6ea449b201a76c5b89cedcec2d5c" +checksum = "a474f6281d1d70c17ae7aa6a613c87fce69a127e2624002df63dcb39d6cf6396" dependencies = [ "cfg-if", "once_cell", @@ -3110,13 +3103,12 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.97" +version = "0.2.99" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d36ef12e3aaca16ddd3f67922bc63e48e953f126de60bd33ccc0101ef9998cd" +checksum = "5f89bb38646b4f81674e8f5c3fb81b562be1fd936d84320f3264486418519c79" dependencies = [ "bumpalo", "log", - "once_cell", "proc-macro2", "quote", "syn", @@ -3125,9 +3117,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-futures" -version = "0.4.47" +version = "0.4.49" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9dfaf8f50e5f293737ee323940c7d8b08a66a95a419223d9f41610ca08b0833d" +checksum = "38176d9b44ea84e9184eff0bc34cc167ed044f816accfe5922e54d84cf48eca2" dependencies = [ "cfg-if", "js-sys", @@ -3138,9 +3130,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.97" +version = "0.2.99" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "705440e08b42d3e4b36de7d66c944be628d579796b8090bfa3471478a2260051" +checksum = "2cc6181fd9a7492eef6fef1f33961e3695e4579b9872a6f7c83aee556666d4fe" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -3148,9 +3140,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.97" +version = "0.2.99" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "98c9ae5a76e46f4deecd0f0255cc223cfa18dc9b261213b8aa0c7b36f61b3f1d" +checksum = "30d7a95b763d3c45903ed6c81f156801839e5ee968bb07e534c44df0fcd330c2" dependencies = [ "proc-macro2", "quote", @@ -3161,15 +3153,15 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.97" +version = "0.2.99" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ee99da9c5ba11bd675621338ef6fa52296b76b83305e9b6e5c77d4c286d6d49" +checksum = "943aab3fdaaa029a6e0271b35ea10b72b943135afe9bffca82384098ad0e06a6" [[package]] name = "web-sys" -version = "0.3.74" +version = "0.3.76" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a98bc3c33f0fe7e59ad7cd041b89034fa82a7c2d4365ca538dda6cdaf513863c" +checksum = "04dd7223427d52553d3702c004d3b2fe07c148165faa56313cb00211e31c12bc" dependencies = [ "js-sys", "wasm-bindgen", diff --git a/README.md b/README.md index d76bbee..63d7f80 100644 --- a/README.md +++ b/README.md @@ -53,4 +53,7 @@ To launch node run 'npm run start' in 'frontend/www' directory * Node install: https://nodejs.org/en/download/ +# Tools +Benchmarking: https://crates.io/crates/oha +HTTP API tool: https://www.usebruno.com/ \ No newline at end of file diff --git a/TODO.md b/TODO.md index a176eb8..972051a 100644 --- a/TODO.md +++ b/TODO.md @@ -1,3 +1,7 @@ +* Finish updating profile + * check password and message error + * user can change email: add a field + revalidation of new email +* Check position of message error in profile/sign in/sign up with flex grid layout * Review the recipe model (SQL) * Describe the use cases in details. * Define the UI (mockups). @@ -10,6 +14,7 @@ .service(services::webapi::set_recipe_title) .service(services::webapi::set_recipe_description) * Add support to translations into db model. +* Make a Text database (a bit like d-lan.net) and think about translation. [ok] Try using WASM for all the client logic (test on editing/creating a recipe) [ok] How to log error to journalctl or elsewhere + debug log? diff --git a/backend/sql/version_1.sql b/backend/sql/version_1.sql index c7fdf19..915e321 100644 --- a/backend/sql/version_1.sql +++ b/backend/sql/version_1.sql @@ -13,7 +13,7 @@ CREATE TABLE [User] ( [password] TEXT NOT NULL, -- argon2(password_plain, salt). - [creation_datetime] TEXT NOT NULL, -- Updated when the validation email is sent. + [validation_token_datetime] TEXT NOT NULL, -- Updated when the validation email is sent. [validation_token] TEXT, -- If not null then the user has not validated his account yet. [password_reset_token] TEXT, -- If not null then the user can reset its password. diff --git a/backend/src/data/db.rs b/backend/src/data/db.rs index 5182fd3..b1b7829 100644 --- a/backend/src/data/db.rs +++ b/backend/src/data/db.rs @@ -52,6 +52,13 @@ pub enum SignUpResult { UserCreatedWaitingForValidation(String), // Validation token. } +#[derive(Debug)] +pub enum UpdateUserResult { + EmailAlreadyTaken, + UserUpdatedWaitingForRevalidation(String), // Validation token. + Ok, +} + #[derive(Debug)] pub enum ValidationResult { UnknownUser, @@ -97,8 +104,7 @@ impl Connection { Self::new_from_file(path).await } - // For tests. - #[warn(dead_code)] + #[cfg(test)] pub async fn new_in_memory() -> Result { Self::create_connection(SqlitePoolOptions::new().connect("sqlite::memory:").await?).await } @@ -234,8 +240,7 @@ FROM [Recipe] WHERE [id] = $1 .map_err(DBError::from) } - // For tests. - #[warn(dead_code)] + #[cfg(test)] pub async fn get_user_login_info(&self, token: &str) -> Result { sqlx::query_as( r#" @@ -257,23 +262,62 @@ FROM [UserLoginToken] WHERE [token] = $1 .map_err(DBError::from) } + /// If a new email is given and it doesn't match the current one then it has to be + /// Revalidated. pub async fn update_user( &self, user_id: i64, new_email: Option<&str>, new_name: Option<&str>, new_password: Option<&str>, - ) -> Result<()> { + ) -> Result { let mut tx = self.tx().await?; let hashed_new_password = new_password.map(|p| hash(p).unwrap()); - let (email, name, password) = sqlx::query_as::<_, (String, String, String)>( + let (email, name, hashed_password) = sqlx::query_as::<_, (String, String, String)>( "SELECT [email], [name], [password] FROM [User] WHERE [id] = $1", ) .bind(user_id) .fetch_one(&mut *tx) .await?; + let email_changed = new_email.is_some_and(|new_email| new_email != email); + + // Check if email not already taken. + let validation_token = if email_changed { + if sqlx::query_scalar::<_, i64>( + r#" +SELECT COUNT(*) +FROM [User] +WHERE [email] = $1 + "#, + ) + .bind(new_email.unwrap()) + .fetch_one(&mut *tx) + .await? + > 0 + { + return Ok(UpdateUserResult::EmailAlreadyTaken); + } + + let token = Some(generate_token()); + sqlx::query( + r#" +UPDATE [User] +SET [validation_token] = $2, [validation_token_datetime] = $3 +WHERE [id] = $1 + "#, + ) + .bind(user_id) + .bind(&token) + .bind(Utc::now()) + .execute(&mut *tx) + .await?; + token + } else { + None + }; + sqlx::query( r#" UPDATE [User] @@ -284,13 +328,17 @@ WHERE [id] = $1 .bind(user_id) .bind(new_email.unwrap_or(&email)) .bind(new_name.unwrap_or(&name)) - .bind(hashed_new_password.unwrap_or(password)) + .bind(hashed_new_password.unwrap_or(hashed_password)) .execute(&mut *tx) .await?; tx.commit().await?; - Ok(()) + Ok(if let Some(validation_token) = validation_token { + UpdateUserResult::UserUpdatedWaitingForRevalidation(validation_token) + } else { + UpdateUserResult::Ok + }) } pub async fn sign_up(&self, email: &str, password: &str) -> Result { @@ -325,7 +373,7 @@ FROM [User] WHERE [email] = $1 sqlx::query( r#" UPDATE [User] -SET [validation_token] = $2, [creation_datetime] = $3, [password] = $4 +SET [validation_token] = $2, [validation_token_datetime] = $3, [password] = $4 WHERE [id] = $1 "#, ) @@ -343,7 +391,7 @@ WHERE [id] = $1 sqlx::query( r#" INSERT INTO [User] -([email], [validation_token], [creation_datetime], [password]) +([email], [validation_token], [validation_token_datetime], [password]) VALUES ($1, $2, $3, $4) "#, ) @@ -373,14 +421,14 @@ VALUES ($1, $2, $3, $4) // There is no index on [validation_token]. Is it useful? let user_id = match sqlx::query_as::<_, (i64, DateTime)>( - "SELECT [id], [creation_datetime] FROM [User] WHERE [validation_token] = $1", + "SELECT [id], [validation_token_datetime] FROM [User] WHERE [validation_token] = $1", ) .bind(token) .fetch_optional(&mut *tx) .await? { - Some((id, creation_datetime)) => { - if Utc::now() - creation_datetime > validation_time { + Some((id, validation_token_datetime)) => { + if Utc::now() - validation_token_datetime > validation_time { return Ok(ValidationResult::ValidationExpired); } sqlx::query("UPDATE [User] SET [validation_token] = NULL WHERE [id] = $1") @@ -496,7 +544,7 @@ WHERE [id] = $1 SELECT [password_reset_datetime] FROM [User] WHERE [email] = $1 - "#, + "#, ) .bind(email) .fetch_optional(&mut *tx) @@ -544,7 +592,7 @@ WHERE [email] = $1 SELECT [id], [password_reset_datetime] FROM [User] WHERE [password_reset_token] = $1 - "#, + "#, ) .bind(token) .fetch_one(&mut *tx) @@ -567,7 +615,7 @@ WHERE [password_reset_token] = $1 UPDATE [User] SET [password] = $2, [password_reset_token] = NULL, [password_reset_datetime] = NULL WHERE [id] = $1 - "#, + "#, ) .bind(user_id) .bind(hashed_new_password) @@ -729,7 +777,7 @@ mod tests { sqlx::query( r#" INSERT INTO - [User] ([id], [email], [name], [password], [creation_datetime], [validation_token]) + [User] ([id], [email], [name], [password], [validation_token_datetime], [validation_token]) VALUES ( 1, 'paul@atreides.com', @@ -777,7 +825,7 @@ INSERT INTO sqlx::query( r#" INSERT INTO [User] - ([id], [email], [name], [password], [creation_datetime], [validation_token]) + ([id], [email], [name], [password], [validation_token_datetime], [validation_token]) VALUES ( 1, 'paul@atreides.com', @@ -918,7 +966,7 @@ VALUES ( }; // Validation. - let (authentication_token, user_id) = match connection + let (authentication_token, _user_id) = match connection .validation( &validation_token, Duration::hours(1), @@ -1116,7 +1164,7 @@ VALUES ( sqlx::query( r#" INSERT INTO [User] - ([id], [email], [name], [password], [creation_datetime], [validation_token]) + ([id], [email], [name], [password], [validation_token_datetime], [validation_token]) VALUES ($1, $2, $3, $4, $5, $6) "# @@ -1134,21 +1182,33 @@ VALUES assert_eq!(user.name, "paul"); assert_eq!(user.email, "paul@atreides.com"); - connection + if let UpdateUserResult::UserUpdatedWaitingForRevalidation(token) = connection .update_user( 1, Some("muaddib@fremen.com"), Some("muaddib"), Some("Chani"), ) - .await?; + .await? + { + let (_authentication_token_1, user_id_1) = match connection + .validation(&token, Duration::hours(1), "127.0.0.1", "Mozilla/5.0") + .await? + { + ValidationResult::Ok(token, user_id) => (token, user_id), + other => panic!("{:?}", other), + }; + assert_eq!(user_id_1, 1); + } else { + panic!("A revalidation token must be created when changin e-mail"); + } let user = connection.load_user(1).await?.unwrap(); assert_eq!(user.name, "muaddib"); assert_eq!(user.email, "muaddib@fremen.com"); - // Tets if password has been updated correctly. + // Tests if password has been updated correctly. if let SignInResult::Ok(_token, id) = connection .sign_in("muaddib@fremen.com", "Chani", "127.0.0.1", "Mozilla/5.0") .await? @@ -1169,7 +1229,7 @@ VALUES sqlx::query( r#" INSERT INTO [User] - ([id], [email], [name], [password], [creation_datetime], [validation_token]) + ([id], [email], [name], [password], [validation_token_datetime], [validation_token]) VALUES ($1, $2, $3, $4, $5, $6) "# diff --git a/backend/src/html_templates.rs b/backend/src/html_templates.rs index bb9aa7f..416f8c7 100644 --- a/backend/src/html_templates.rs +++ b/backend/src/html_templates.rs @@ -21,12 +21,30 @@ pub struct ViewRecipeTemplate { #[derive(Template)] #[template(path = "message.html")] -pub struct MessageTemplate<'a> { +pub struct MessageTemplate { pub user: Option, - pub message: &'a str, + pub message: String, pub as_code: bool, // Display the message in 
 markup.
 }
 
+impl MessageTemplate {
+    pub fn new(message: &str) -> MessageTemplate {
+        MessageTemplate {
+            user: None,
+            message: message.to_string(),
+            as_code: false,
+        }
+    }
+
+    pub fn new_with_user(message: &str, user: Option) -> MessageTemplate {
+        MessageTemplate {
+            user,
+            message: message.to_string(),
+            as_code: false,
+        }
+    }
+}
+
 #[derive(Template)]
 #[template(path = "sign_up_form.html")]
 pub struct SignUpFormTemplate {
@@ -67,4 +85,9 @@ pub struct ResetPasswordTemplate {
 #[template(path = "profile.html")]
 pub struct ProfileTemplate {
     pub user: Option,
+    pub username: String,
+    pub email: String,
+    pub message: String,
+    pub message_email: String,
+    pub message_password: String,
 }
diff --git a/backend/src/main.rs b/backend/src/main.rs
index 9d4f02d..594d8d2 100644
--- a/backend/src/main.rs
+++ b/backend/src/main.rs
@@ -5,7 +5,7 @@ use axum::{
     http::StatusCode,
     middleware::{self, Next},
     response::{Response, Result},
-    routing::{get, put},
+    routing::get,
     Router,
 };
 use axum_extra::extract::cookie::CookieJar;
@@ -84,9 +84,9 @@ async fn main() {
         db_connection,
     };
 
-    // TODO: Add fallback fo ron_api_routes.
     let ron_api_routes = Router::new()
-        .route("/user/update", put(services::ron::update_user))
+        // Disabled: update user profile is now made with a post data ('edit_user_post').
+        // .route("/user/update", put(services::ron::update_user))
         .fallback(services::ron::not_found);
 
     let html_routes = Router::new()
@@ -96,6 +96,7 @@ async fn main() {
             get(services::sign_up_get).post(services::sign_up_post),
         )
         .route("/validation", get(services::sign_up_validation))
+        .route("/revalidation", get(services::email_revalidation))
         .route(
             "/signin",
             get(services::sign_in_get).post(services::sign_in_post),
@@ -112,7 +113,10 @@ async fn main() {
         // Recipes.
         .route("/recipe/view/:id", get(services::view_recipe))
         // User.
-        .route("/user/edit", get(services::edit_user))
+        .route(
+            "/user/edit",
+            get(services::edit_user_get).post(services::edit_user_post),
+        )
         .route_layer(middleware::from_fn(services::ron_error_to_html));
 
     let app = Router::new()
@@ -179,6 +183,11 @@ async fn get_current_user(
 }
 
 #[derive(Parser, Debug)]
+#[command(
+    author = "Greg Burri",
+    version = "1.0",
+    about = "A little cooking recipes website"
+)]
 struct Args {
     /// Will clear the database and insert some test data. (A backup is made first).
     #[arg(long)]
diff --git a/backend/src/ron_utils.rs b/backend/src/ron_utils.rs
index 36789ed..8616c70 100644
--- a/backend/src/ron_utils.rs
+++ b/backend/src/ron_utils.rs
@@ -1,7 +1,5 @@
 use axum::{
-    async_trait,
     body::Bytes,
-    extract::{FromRequest, Request},
     http::{header, HeaderValue, StatusCode},
     response::{IntoResponse, Response},
 };
diff --git a/backend/src/services.rs b/backend/src/services.rs
index c8bcb4a..2991d86 100644
--- a/backend/src/services.rs
+++ b/backend/src/services.rs
@@ -32,7 +32,7 @@ pub async fn ron_error_to_html(req: Request, next: Next) -> Result {
             };
             return Ok(MessageTemplate {
                 user: None,
-                message: &message,
+                message,
                 as_code: true,
             }
             .into_response());
@@ -83,26 +83,6 @@ pub async fn view_recipe(
     }
 }
 
-///// MESSAGE /////
-
-impl<'a> MessageTemplate<'a> {
-    pub fn new(message: &'a str) -> MessageTemplate<'a> {
-        MessageTemplate {
-            user: None,
-            message,
-            as_code: false,
-        }
-    }
-
-    pub fn new_with_user(message: &'a str, user: Option) -> MessageTemplate<'a> {
-        MessageTemplate {
-            user,
-            message,
-            as_code: false,
-        }
-    }
-}
-
 //// SIGN UP /////
 
 #[debug_handler]
@@ -198,7 +178,6 @@ pub async fn sign_up_post(
         }
         Ok(db::SignUpResult::UserCreatedWaitingForValidation(token)) => {
             let url = utils::get_url_from_host(&host);
-
             let email = form_data.email.clone();
             match email::send_email(
                 &email,
@@ -214,7 +193,7 @@ pub async fn sign_up_post(
             {
                 Ok(()) => Ok(
                     MessageTemplate::new_with_user(
-                        "An email has been sent, follow the link to validate your account.",
+                        "An email has been sent, follow the link to validate your account",
                     user).into_response()),
                 Err(_) => {
                     // error!("Email validation error: {}", error); // TODO: log
@@ -223,7 +202,7 @@ pub async fn sign_up_post(
             }
         }
         Err(_) => {
-            // error!("Signup database error: {}", error);
+            // error!("Signup database error: {}", error); // TODO: log
             error_response(SignUpError::DatabaseError, &form_data, user)
         }
     }
@@ -595,14 +574,221 @@ pub async fn reset_password_post(
 ///// EDIT PROFILE /////
 
 #[debug_handler]
-pub async fn edit_user(
+pub async fn edit_user_get(Extension(user): Extension>) -> Response {
+    if let Some(user) = user {
+        ProfileTemplate {
+            username: user.name.clone(),
+            email: user.email.clone(),
+            user: Some(user),
+            message: String::new(),
+            message_email: String::new(),
+            message_password: String::new(),
+        }
+        .into_response()
+    } else {
+        MessageTemplate::new("Not logged in").into_response()
+    }
+}
+
+#[derive(Deserialize, Debug)]
+pub struct EditUserForm {
+    name: String,
+    email: String,
+    password_1: String,
+    password_2: String,
+}
+enum ProfileUpdateError {
+    InvalidEmail,
+    EmailAlreadyTaken,
+    PasswordsNotEqual,
+    InvalidPassword,
+    DatabaseError,
+    UnableSendEmail,
+}
+
+// TODO: A lot of code are similar to 'sign_up_post', maybe find a way to factorize some.
+#[debug_handler(state = AppState)]
+pub async fn edit_user_post(
+    Host(host): Host,
     State(connection): State,
+    State(config): State,
     Extension(user): Extension>,
-) -> Response {
-    if user.is_some() {
-        ProfileTemplate { user }.into_response()
+    Form(form_data): Form,
+) -> Result {
+    if let Some(user) = user {
+        fn error_response(
+            error: ProfileUpdateError,
+            form_data: &EditUserForm,
+            user: model::User,
+        ) -> Result {
+            Ok(ProfileTemplate {
+                user: Some(user),
+                username: form_data.name.clone(),
+                email: form_data.email.clone(),
+                message_email: match error {
+                    ProfileUpdateError::InvalidEmail => "Invalid email",
+                    ProfileUpdateError::EmailAlreadyTaken => "Email already taken",
+                    _ => "",
+                }
+                .to_string(),
+                message_password: match error {
+                    ProfileUpdateError::PasswordsNotEqual => "Passwords don't match",
+                    ProfileUpdateError::InvalidPassword => {
+                        "Password must have at least eight characters"
+                    }
+                    _ => "",
+                }
+                .to_string(),
+                message: match error {
+                    ProfileUpdateError::DatabaseError => "Database error",
+                    ProfileUpdateError::UnableSendEmail => "Unable to send the validation email",
+                    _ => "",
+                }
+                .to_string(),
+            }
+            .into_response())
+        }
+
+        if let common::utils::EmailValidation::NotValid =
+            common::utils::validate_email(&form_data.email)
+        {
+            return error_response(ProfileUpdateError::InvalidEmail, &form_data, user);
+        }
+
+        let new_password = if !form_data.password_1.is_empty() || !form_data.password_2.is_empty() {
+            if form_data.password_1 != form_data.password_2 {
+                return error_response(ProfileUpdateError::PasswordsNotEqual, &form_data, user);
+            }
+            if let common::utils::PasswordValidation::TooShort =
+                common::utils::validate_password(&form_data.password_1)
+            {
+                return error_response(ProfileUpdateError::InvalidPassword, &form_data, user);
+            }
+            Some(form_data.password_1.as_ref())
+        } else {
+            None
+        };
+
+        let email_trimmed = form_data.email.trim();
+        let message: &str;
+
+        match connection
+            .update_user(
+                user.id,
+                Some(&email_trimmed),
+                Some(&form_data.name),
+                new_password,
+            )
+            .await
+        {
+            Ok(db::UpdateUserResult::EmailAlreadyTaken) => {
+                return error_response(ProfileUpdateError::EmailAlreadyTaken, &form_data, user);
+            }
+            Ok(db::UpdateUserResult::UserUpdatedWaitingForRevalidation(token)) => {
+                let url = utils::get_url_from_host(&host);
+                let email = form_data.email.clone();
+                match email::send_email(
+                    &email,
+                    &format!(
+                        "Follow this link to validate this email address: {}/revalidation?validation_token={}",
+                        url, token
+                    ),
+                    &config.smtp_relay_address,
+                    &config.smtp_login,
+                    &config.smtp_password,
+                )
+                .await
+                {
+                    Ok(()) => {
+                        message =
+                            "An email has been sent, follow the link to validate your new email";
+                    }
+                    Err(_) => {
+                        // error!("Email validation error: {}", error); // TODO: log
+                        return error_response(ProfileUpdateError::UnableSendEmail, &form_data, user);
+                    }
+                }
+            }
+            Ok(db::UpdateUserResult::Ok) => {
+                message = "Profile saved";
+            }
+            Err(_) => return error_response(ProfileUpdateError::DatabaseError, &form_data, user),
+        }
+
+        // Reload after update.
+        let user = connection.load_user(user.id).await?;
+
+        Ok(ProfileTemplate {
+            user,
+            username: form_data.name,
+            email: form_data.email,
+            message: message.to_string(),
+            message_email: String::new(),
+            message_password: String::new(),
+        }
+        .into_response())
     } else {
-        MessageTemplate::new("Not logged in").into_response()
+        Ok(MessageTemplate::new("Not logged in").into_response())
+    }
+}
+
+#[debug_handler]
+pub async fn email_revalidation(
+    State(connection): State,
+    Extension(user): Extension>,
+    ConnectInfo(addr): ConnectInfo,
+    Query(query): Query>,
+    headers: HeaderMap,
+) -> Result<(CookieJar, impl IntoResponse)> {
+    let mut jar = CookieJar::from_headers(&headers);
+    if user.is_some() {
+        return Ok((
+            jar,
+            MessageTemplate::new_with_user("User already exists", user),
+        ));
+    }
+    let (client_ip, client_user_agent) = utils::get_ip_and_user_agent(&headers, addr);
+    match query.get("validation_token") {
+        // 'validation_token' exists only when a user must validate a new email.
+        Some(token) => {
+            match connection
+                .validation(
+                    token,
+                    Duration::seconds(consts::VALIDATION_TOKEN_DURATION),
+                    &client_ip,
+                    &client_user_agent,
+                )
+                .await?
+            {
+                db::ValidationResult::Ok(token, user_id) => {
+                    let cookie = Cookie::new(consts::COOKIE_AUTH_TOKEN_NAME, token);
+                    jar = jar.add(cookie);
+                    let user = connection.load_user(user_id).await?;
+                    Ok((
+                        jar,
+                        MessageTemplate::new_with_user("Email validation successful", user),
+                    ))
+                }
+                db::ValidationResult::ValidationExpired => Ok((
+                    jar,
+                    MessageTemplate::new_with_user(
+                        "The validation has expired. Try to sign up again with the same email",
+                        user,
+                    ),
+                )),
+                db::ValidationResult::UnknownUser => Ok((
+                    jar,
+                    MessageTemplate::new_with_user(
+                        "Validation error. Try to sign up again with the same email",
+                        user,
+                    ),
+                )),
+            }
+        }
+        None => Ok((
+            jar,
+            MessageTemplate::new_with_user("Validation error", user),
+        )),
     }
 }
 
diff --git a/backend/src/services/ron.rs b/backend/src/services/ron.rs
index 4b3e749..d9578b7 100644
--- a/backend/src/services/ron.rs
+++ b/backend/src/services/ron.rs
@@ -52,10 +52,11 @@ use axum::{
     http::StatusCode,
     response::{ErrorResponse, IntoResponse, Result},
 };
-use tracing::{event, Level};
+// use tracing::{event, Level};
 
 use crate::{data::db, model, ron_extractor::ExtractRon, ron_utils::ron_error};
 
+#[allow(dead_code)]
 #[debug_handler]
 pub async fn update_user(
     State(connection): State,
@@ -66,7 +67,7 @@ pub async fn update_user(
         connection
             .update_user(
                 user.id,
-                ron.email.as_deref(),
+                ron.email.as_deref().map(str::trim),
                 ron.name.as_deref(),
                 ron.password.as_deref(),
             )
@@ -82,6 +83,6 @@ pub async fn update_user(
 
 ///// 404 /////
 #[debug_handler]
-pub async fn not_found(Extension(user): Extension>) -> impl IntoResponse {
+pub async fn not_found(Extension(_user): Extension>) -> impl IntoResponse {
     ron_error(StatusCode::NOT_FOUND, "Not found")
 }
diff --git a/backend/templates/base_with_header.html b/backend/templates/base_with_header.html
index f758547..558220b 100644
--- a/backend/templates/base_with_header.html
+++ b/backend/templates/base_with_header.html
@@ -7,7 +7,13 @@
         {% match user %}
         {% when Some with (user) %}
             Create a new recipe
-            {{ user.email }} / Sign out
+            
+                {% if user.name == "" %}
+                    {{ user.email }}
+                {% else %}
+                    {{ user.name }}
+                {% endif %}
+             / Sign out
         {% when None %}
             
                 Sign in/Sign up/Lost password
diff --git a/backend/templates/profile.html b/backend/templates/profile.html
index bf4b388..49211b8 100644
--- a/backend/templates/profile.html
+++ b/backend/templates/profile.html
@@ -9,28 +9,34 @@
 
     
Profile

 
-    

+    
 
         
         
 
+        
+        
+
+        {{ message_email }}
 
         
-        
+        
 
         
-        
+        
 
-        
-    

+        {{ message_password }}
 
+        
+    
+    {{ message }}
 
 
 {% when None %}
diff --git a/backend/templates/sign_up_form.html b/backend/templates/sign_up_form.html
index 0475906..4500d79 100644
--- a/backend/templates/sign_up_form.html
+++ b/backend/templates/sign_up_form.html
@@ -8,6 +8,7 @@
     

         
         
+
         {{ message_email }}
 
         
diff --git a/common/src/ron_api.rs b/common/src/ron_api.rs
index 6e64a03..3ad1b0e 100644
--- a/common/src/ron_api.rs
+++ b/common/src/ron_api.rs
@@ -1,8 +1,5 @@
-use ron::{
-    de::from_bytes,
-    ser::{to_string_pretty, PrettyConfig},
-};
-use serde::{de::DeserializeOwned, Deserialize, Serialize};
+use ron::ser::{to_string_pretty, PrettyConfig};
+use serde::{Deserialize, Serialize};
 
 ///// RECIPE /////
 
diff --git a/frontend/src/lib.rs b/frontend/src/lib.rs
index d61d830..09e3c7e 100644
--- a/frontend/src/lib.rs
+++ b/frontend/src/lib.rs
@@ -23,18 +23,10 @@ pub fn main() -> Result<(), JsValue> {
 
     let window = web_sys::window().expect("no global `window` exists");
     let document = window.document().expect("should have a document on window");
-    // let body = document.body().expect("document should have a body");
 
     let location = window.location().pathname()?;
     let path: Vec<&str> = location.split('/').skip(1).collect();
 
-    /*
-     * TODO:
-     * [ok] get url (/recipe/edit/{id}) and extract the id
-     * - Add a handle (event?) to the title field (when edited/changed?):
-     *  - Call (as AJAR) /ron-api/set-title and set the body to a serialized RON of the type common::ron_api::SetTitle
-     *  - Display error message if needed
-     */
     match path[..] {
         ["recipe", "edit", id] => {
             let id = id.parse::().unwrap(); // TODO: remove unwrap.
@@ -43,16 +35,12 @@ pub fn main() -> Result<(), JsValue> {
             handles::recipe_edit(document)?;
         }
 
-        ["user", "edit"] => {
-            handles::user_edit(document)?;
-        }
+        // Disable: user editing data are now submitted as classic form data.
+        // ["user", "edit"] => {
+        //     handles::user_edit(document)?;
+        // }
         _ => (),
     }
 
-    // TEST
-    // let val = document.create_element("p")?;
-    // val.set_inner_html("Hello from Rust!");
-    // body.append_child(&val)?;
-
     Ok(())
 }