- basic admin panel and user management

2026-04-03 00:03:14 -04:00 · 2020-02-13 04:36:59 +00:00
parent f126dfb430
commit 83f6fc25f0
9 changed files with 307 additions and 17 deletions
--- a/src/mango.cr
+++ b/src/mango.cr
@@ -17,6 +17,17 @@ macro send_img(env, img)
 	send_file {{env}}, {{img}}.data, {{img}}.mime
 end

+macro get_username(env)
+	cookie = {{env}}.request.cookies.find { |c| c.name == "token" }
+	next if cookie.nil?
+	storage.verify_token cookie.value
+end
+
+def hash_to_query(hash)
+	hash.map { |k, v| "#{k}=#{v}" }
+		.join("&")
+end
+

 get "/" do |env|
 	titles = library.titles
@@ -32,6 +43,84 @@ get "/book/:title" do |env|
 	layout "title"
 end

+get "/admin" do |env|
+	layout "admin"
+end
+
+get "/admin/user" do |env|
+	users = storage.list_users
+	username = get_username env
+	layout "user"
+end
+
+get "/admin/user/edit" do |env|
+	username = env.params.query["username"]?
+	admin = env.params.query["admin"]?
+	if admin
+		admin = admin == "true"
+	end
+	error = env.params.query["error"]?
+	current_user = get_username env
+	new_user = username.nil? && admin.nil?
+	layout "user-edit"
+end
+
+post "/admin/user/edit" do |env|
+	# creating new user
+	begin
+		username = env.params.body["username"]
+		password = env.params.body["password"]
+		# if `admin` is unchecked, the body hash would not contain `admin`
+		admin = !env.params.body["admin"]?.nil?
+
+		if username.size < 3
+			raise "Username should contain at least 3 characters"
+		end
+		if password.size < 6
+			raise "Password should contain at least 6 characters"
+		end
+
+		storage.new_user username, password, admin
+
+		env.redirect "/admin/user"
+	rescue e
+		puts e.message
+		redirect_url = URI.new \
+			path: "/admin/user/edit",\
+			query: hash_to_query({"error" => e.message})
+		env.redirect redirect_url.to_s
+	end
+end
+
+post "/admin/user/edit/:original_username" do |env|
+	# editing existing user
+	begin
+		username = env.params.body["username"]
+		password = env.params.body["password"]
+		# if `admin` is unchecked, the body hash would not contain `admin`
+		admin = !env.params.body["admin"]?.nil?
+		original_username = env.params.url["original_username"]
+
+		if username.size < 3
+			raise "Username should contain at least 3 characters"
+		end
+		if password.size != 0 && password.size < 6
+			raise "Password should contain at least 6 characters"
+		end
+
+		storage.update_user original_username, username, password, admin
+
+		env.redirect "/admin/user"
+	rescue e
+		puts e.message
+		redirect_url = URI.new \
+			path: "/admin/user/edit",\
+			query: hash_to_query({"username" => original_username, \
+						 "admin" => admin, "error" => e.message})
+		env.redirect redirect_url.to_s
+	end
+end
+
 get "/reader/:title/:entry" do |env|
 	# We should save the reading progress, and ask the user if she wants to
 	# start over or resume. For now we just start from page 0
@@ -72,18 +161,30 @@ get "/login" do |env|
 	render "src/views/login.ecr"
 end

-post "/login" do |env|
-	username = env.params.body["username"]
-	password = env.params.body["password"]
-	token = storage.verify_user username, password
-	if token.nil?
+get "/logout" do |env|
+	begin
+		cookie = env.request.cookies.find { |c| c.name == "token" }
+		raise "" if cookie.nil?
+		storage.logout cookie.value
+	rescue
+	ensure
 		env.redirect "/login"
-		next
 	end
+end

-	cookie = HTTP::Cookie.new "token", token
-	env.response.cookies << cookie
-	env.redirect "/"
+post "/login" do |env|
+	begin
+		username = env.params.body["username"]
+		password = env.params.body["password"]
+		token = storage.verify_user username, password
+		raise "" if token.nil?
+
+		cookie = HTTP::Cookie.new "token", token
+		env.response.cookies << cookie
+		env.redirect "/"
+	rescue
+		env.redirect "/login"
+	end
 end

 get "/api/page/:title/:entry/:page" do |env|
@@ -128,7 +229,6 @@ get "/api/book" do |env|
 	library.to_json
 end

-
 add_handler AuthHandler.new storage

 Kemal.config.port = config.port