From 6e672d3d0e57df27f3056df72027ec046203cda2 Mon Sep 17 00:00:00 2001 From: reidlab Date: Sat, 23 Sep 2023 19:11:07 -0700 Subject: [PATCH] better authentication (why was this a macro) --- readme.md | 3 +- src/helpers/templates.rs | 31 +++++++------- src/template_endpoints/account_management.rs | 43 +++++++++++--------- src/template_endpoints/login.rs | 13 +++--- 4 files changed, 48 insertions(+), 42 deletions(-) diff --git a/readme.md b/readme.md index 5858791..d7e5db5 100644 --- a/readme.md +++ b/readme.md @@ -41,4 +41,5 @@ i've run out of ideas. - use log instead of println - make a proper rank system (reuploading, uploading music, rating, etc.) - user icons in the account management + settings (gdicon.oat.zone? selfhost?) -- account settings page \ No newline at end of file +- account settings page +- better web design \ No newline at end of file diff --git a/src/helpers/templates.rs b/src/helpers/templates.rs index 20eac2e..1c8b0f1 100644 --- a/src/helpers/templates.rs +++ b/src/helpers/templates.rs 
@@ -1,19 +1,18 @@ -macro_rules! auth { - ($cookies: expr) => { - match $cookies.get_private("blackmail_data") { - Some(cookie_val) => { - let parts = cookie_val.value().split(":").collect::>(); +use rocket::http::CookieJar; - let username = parts[0].to_string(); - let account_id = parts[1].parse::().expect("account id is not an integer! this should NOT happen!"); - let user_id = parts[2].parse::().expect("user id is not an integer! this should NOT happen!"); - - (true, Some(username), Some(account_id), Some(user_id)) - } - None => { - (false, None, None, None) - } +pub fn authenticate(cookies: &CookieJar<'_>) -> Result<(String, i32, i32), &'static str> { + match cookies.get_private("blackmail_data") { + Some(cookie) => { + let parts = cookie.value().split(":").collect::>(); + + let username = parts[0].to_string(); + let account_id = parts[1].parse::().expect("account id is not an integer! this should NOT happen!"); + let user_id = parts[2].parse::().expect("user id is not an integer! this should NOT happen!"); + + return Ok((username, account_id, user_id)) + } + None => { + return Err("authentication failed") } } -} -pub(crate) use auth; \ No newline at end of file +} \ No newline at end of file diff --git a/src/template_endpoints/account_management.rs b/src/template_endpoints/account_management.rs index 01d2fc4..31a1ffe 100644 --- a/src/template_endpoints/account_management.rs +++ b/src/template_endpoints/account_management.rs 
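Review bot: `authenticate` now returns a `Result`, but a cookie value that does not have exactly the expected shape still panics instead of producing `Err`: `parts[1]` and `parts[2]` index out of bounds when fewer than three fields are present, and both `.expect(...)` calls abort the request on a non-numeric id. Because the value is split on every `:`, a username that itself contains `:` would shift the fields, so the ids would be read out of the name. Whether usernames can contain `:` is decided where the cookie is written, presumably in `post_login`, which is outside this diff. Taking the two ids from the right and mapping every failure to `Err` keeps the name intact and lets callers fall through to their `/login` branch. The same panic path is reachable from `account_management` and `get_login`, which both call this function.

```rust
pub fn authenticate(cookies: &CookieJar<'_>) -> Result<(String, i32, i32), &'static str> {
    let cookie = cookies.get_private("blackmail_data").ok_or("authentication failed")?;

    // the ids are the last two fields; splitting from the right keeps a ':' inside the username intact
    let mut fields = cookie.value().rsplitn(3, ':');
    let user_id = fields.next().and_then(|v| v.parse::<i32>().ok()).ok_or("authentication failed")?;
    let account_id = fields.next().and_then(|v| v.parse::<i32>().ok()).ok_or("authentication failed")?;
    let username = fields.next().ok_or("authentication failed")?.to_string();

    Ok((username, account_id, user_id))
}
```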
@@ -12,26 +12,29 @@ use crate::db; pub fn account_management(cookies: &CookieJar<'_>) -> Result { let connection = &mut db::establish_connection_pg(); - let (logged_in, username_val, _account_id_val, user_id_val) = crate::helpers::templates::auth!(cookies); + let logged_in = crate::helpers::templates::authenticate(cookies); - if logged_in { - use crate::schema::users::dsl::*; - use crate::models::User; - - let result = users - .filter(id.eq(user_id_val.expect("user_id not found"))) - .get_result::(connection) - .expect("couldnt find user with user id from account"); - - return Ok(Template::render("account_management", context! { - username: username_val.expect("username not found"), - stars: result.stars, - diamonds: result.diamonds, - coins: result.coins, - user_coins: result.user_coins, - demons: result.demons - })); - } else { - return Err(Redirect::to("/login")); + match logged_in { + Ok((username_val, account_id_val, user_id_val)) => { + use crate::schema::users::dsl::*; + use crate::models::User; + + let result = users + .filter(id.eq(user_id_val)) + .get_result::(connection) + .expect("couldnt find user with user id from account"); + + return Ok(Template::render("account_management", context! { + username: username_val, + stars: result.stars, + diamonds: result.diamonds, + coins: result.coins, + user_coins: result.user_coins, + demons: result.demons + })); + }, + Err(_) => { + return Err(Redirect::to("/login")); + } } } \ No newline at end of file diff --git a/src/template_endpoints/login.rs b/src/template_endpoints/login.rs index 8163bc1..227319c 100644 --- a/src/template_endpoints/login.rs +++ b/src/template_endpoints/login.rs 
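Review bot: The user lookup in the `Ok` arm of `account_management` still ends in `.expect("couldnt find user with user id from account")`, so a cookie that outlives its user row (for example after the account is deleted) panics the handler instead of being treated as logged out. The miss can be handled the same way as the `Err(_)` arm: `let Ok(result) = users.filter(id.eq(user_id_val)).get_result::<User>(connection) else { return Err(Redirect::to("/login")); };` (`User` being the model imported just above), ideally also removing the stale cookie. `account_id_val` is bound but not used in the lines shown and could stay `_account_id_val` as it was before the change.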
@@ -65,11 +65,14 @@ pub fn post_login(cookies: &CookieJar<'_>, input: Form) -> Template { #[get("/login")] pub fn get_login(cookies: &CookieJar<'_>) -> Result { - let (logged_in, _username, _account_id, _user_id) = crate::helpers::templates::auth!(cookies); + let logged_in = crate::helpers::templates::authenticate(cookies); - if logged_in { - Ok(Redirect::to("/")) - } else { - Err(Template::render("login", context! { })) + match logged_in { + Ok(_) => { + return Ok(Redirect::to("/")) + }, + Err(_) => { + Err(Template::render("login", context! { })) + } } } \ No newline at end of file
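Review bot: The two arms of the new `match` in `get_login` are written differently: the `Ok(_)` arm uses `return Ok(Redirect::to("/"))` while the `Err(_)` arm is a tail expression. Since the tuple is not used here, the binding and the match can be dropped: `if crate::helpers::templates::authenticate(cookies).is_ok() { Ok(Redirect::to("/")) } else { Err(Template::render("login", context! { })) }`.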