From 4902f4d1fe015125bd0cd11e9fe6bed73181e6b7 Mon Sep 17 00:00:00 2001
From: Jef Roosens
Date: Thu, 28 Aug 2025 13:09:24 +0200
Subject: [PATCH] feat(server): implement signup POST request and automatic sign-in
---
 otter/src/server/web/auth.rs | 35 +++++++++++++++++++++++++++++++++--
 1 file changed, 33 insertions(+), 2 deletions(-)
diff --git a/otter/src/server/web/auth.rs b/otter/src/server/web/auth.rs
index 78bf57f..d9cd299 100644
--- a/otter/src/server/web/auth.rs
+++ b/otter/src/server/web/auth.rs
@@ -30,7 +30,7 @@ pub fn router(ctx: Context) -> Router {
 // loop
 .route("/login", get(get_login).post(post_login))
 .route("/logout", post(post_logout))
- .route("/signup", get(get_signup))
+ .route("/signup", get(get_signup).post(post_signup))
 }
 /// Middleware that authenticates the current user via the session token. If the credentials are
@@ -206,7 +206,38 @@ async fn get_signup(State(ctx): State, headers: HeaderMap, jar: CookieJ
 async fn post_signup(
 State(ctx): State,
+ jar: CookieJar,
+ user_agent: Option>,
 Form(signup): Form,
 ) -> AppResult {
- todo!()
+ if signup.validate(&ctx)?.valid() {
+ // Create the user and log them in
+ match tokio::task::spawn_blocking(move || {
+ let user = ctx.store.create_user(&signup.username, &signup.password)?;
+ let user_agent = user_agent.map(|header| header.to_string());
+ let session = ctx.store.user(&user).create_session(user_agent)?;
+
+ Ok::<_, AuthErr>(session)
+ })
+ .await
+ .unwrap()
+ {
+ Ok(session) => Ok((
+ // Redirect forces htmx to reload the full page, refreshing the navbar
+ [("HX-Redirect", "/")],
+ (jar.add(
+ Cookie::build((super::SESSION_ID_COOKIE, session.id.to_string()))
+ .secure(true)
+ .same_site(cookie::SameSite::Lax)
+ .http_only(true)
+ .path("/")
+ .max_age(Duration::days(365)),
+ )),
+ )
+ .into_response()),
+ Err(err) => Err(AppError::from(err)),
+ }
+ } else {
+ todo!("return form with error messages")
+ }
 }
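Review bot: The `else` branch of `post_signup` is still `todo!("return form with error messages")`, and because the first hunk now registers the POST route, any unauthenticated request whose form fails `signup.validate(&ctx)` panics the handler. Until the form re-render exists, that branch should return an ordinary client-error response, for example `Ok(StatusCode::UNPROCESSABLE_ENTITY.into_response())`, assuming `StatusCode` is in scope and `AppResult` wraps a response as the success arm suggests. The `.await.unwrap()` on the `spawn_blocking` handle likewise turns a panicked or cancelled blocking task into a handler panic, so the `JoinError` would be better converted into an `AppError` and returned. The cookie is issued with `max_age(Duration::days(365))` and nothing in the hunk shows a server-side expiry on `create_session`; a comment such as `// cookie lifetime only; the store enforces the real session expiry` would record where that limit lives, if it exists.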