Mercurial Hosting > freedit
changeset 3:fc3ee39d7764
login
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Sun, 19 Jun 2022 20:47:31 -0600 |
parents | fc2383eb48a9 |
children | a17e400ddaa1 |
files | src/account.html.luan src/index.html.luan src/lib/Db.luan src/lib/Shared.luan src/lib/User.luan src/login.html.luan src/logout.html.luan |
diffstat | 7 files changed, 343 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
diff -r fc2383eb48a9 -r fc3ee39d7764 src/account.html.luan --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/account.html.luan Sun Jun 19 20:47:31 2022 -0600 @@ -0,0 +1,33 @@ +local Luan = require "luan:Luan.luan" +local error = Luan.error +local Io = require "luan:Io.luan" +local Http = require "luan:http/Http.luan" +local Shared = require "site:/lib/Shared.luan" +local head = Shared.head or error() +local header = Shared.header or error() +local footer = Shared.footer or error() +local Forum = require "site:/lib/Forum.luan" +local forum_title = Forum.title or error() + + +return function() + Io.stdout = Http.response.text_writer() +%> +<!doctype html> +<html> + <head> +<% head() %> + <title><%=forum_title%> - Your Account</title> + </head> + <body> +<% header() %> + <div content> + <h1>Your Account</h1> + + <p><a href="/logout.html">logout</a></p> + </div> +<% footer() %> + </body> +</html> +<% +end
diff -r fc2383eb48a9 -r fc3ee39d7764 src/index.html.luan --- a/src/index.html.luan Thu Jun 16 20:52:24 2022 -0600 +++ b/src/index.html.luan Sun Jun 19 20:47:31 2022 -0600 @@ -7,6 +7,7 @@ local header = Shared.header or error() local footer = Shared.footer or error() local Forum = require "site:/lib/Forum.luan" +local forum_title = Forum.title or error() return function() @@ -16,7 +17,7 @@ <html> <head> <% head() %> - <title><%=Forum.title%></title> + <title><%=forum_title%></title> </head> <body> <% header() %>
diff -r fc2383eb48a9 -r fc3ee39d7764 src/lib/Db.luan --- a/src/lib/Db.luan Thu Jun 16 20:52:24 2022 -0600 +++ b/src/lib/Db.luan Sun Jun 19 20:47:31 2022 -0600 @@ -9,4 +9,7 @@ local Db = Lucene.index( dir, {} ) +Db.indexed_fields.user_email = Lucene.type.lowercase +Db.indexed_fields.user_name = Lucene.type.lowercase + return Db
diff -r fc2383eb48a9 -r fc3ee39d7764 src/lib/Shared.luan --- a/src/lib/Shared.luan Thu Jun 16 20:52:24 2022 -0600 +++ b/src/lib/Shared.luan Sun Jun 19 20:47:31 2022 -0600 @@ -1,6 +1,10 @@ local Luan = require "luan:Luan.luan" local error = Luan.error +local Http = require "luan:http/Http.luan" local Forum = require "site:/lib/Forum.luan" +local User = require "site:/lib/User.luan" +local Logging = require "luan:logging/Logging.luan" +local logger = Logging.logger "Shared" local Shared = {} @@ -15,9 +19,16 @@ end function Shared.header() + local user = User.current() %> <div header> <a href="/"><%=Forum.title%></a> + - +<% if user == nil then %> + <a href="/login.html">login</a> +<% else %> + <a href="/account.html"><%=user.name_html%></a> +<% end %> </div> <% end @@ -30,4 +41,8 @@ <% end +function Shared.base_url() + return Http.request.scheme.."://"..Http.request.headers["host"] +end + return Shared
diff -r fc2383eb48a9 -r fc3ee39d7764 src/lib/User.luan --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/lib/User.luan Sun Jun 19 20:47:31 2022 -0600 @@ -0,0 +1,118 @@ +local Luan = require "luan:Luan.luan" +local error = Luan.error +local set_metatable = Luan.set_metatable or error() +local range = Luan.range or error() +local String = require "luan:String.luan" +local sub_string = String.sub or error() +local Table = require "luan:Table.luan" +local concat = Table.concat or error() +local Math = require "luan:Math.luan" +local random = Math.random or error() +local Time = require "luan:Time.luan" +local time_now = Time.now or error() +local Html = require "luan:Html.luan" +local html_encode = Html.encode or error() +local Lucene = require "luan:lucene/Lucene.luan" +local lucene_quote = Lucene.quote or error() +local Http = require "luan:http/Http.luan" +local Db = require "site:/lib/Db.luan" + + +local User = {} + +local function from_doc(doc) + doc.type == "user" or error "wrong type" + return User.new { + id = doc.id + email = doc.user_email + password = doc.password + name = doc.user_name + created = doc.created + } +end + +local function to_doc(user) + local email = user.email + return { + type = "user" + id = user.id + user_email = email + password = user.password + user_name = user.name + created = user.created or time_now() + } +end + +local metatable = {} +function metatable.__index(user,key) + if key == "name_html" then + user.name_html = html_encode(user.name) + return user.name_html + end + return nil +end + +function User.new(user) + + function user.save() + local doc = to_doc(user) + Db.save(doc) + user.id = doc.id + end + + set_metatable(user,metatable) + return user +end + +function User.get_by_email(email) + local doc = Db.get_document("user_email:"..lucene_quote(email)) + return doc and from_doc(doc) +end + +local function get_by_name(name) + local doc = Db.get_document("user_name:"..lucene_quote(name)) + return doc and from_doc(doc) +end +User.get_by_name = get_by_name + +function User.current() + local name = Http.request.cookies.user + local password = Http.request.cookies.password + if name == nil or password == nil then + return nil + end + local user = get_by_name(name) + if user == nil or user.password ~= password then + return nil + end + return user +end + +local password_chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" +do + local t = {} + for i in range(1,#password_chars) do + t[#t+1] = sub_string(password_chars,i,i) + end + password_chars = t +end + +local function new_password() + local n = #password_chars + local t = {} + for _ in range(1,10) do + t[#t+1] = password_chars[random(n)] + end + return concat(t) +end + +function User.get_or_create_by_email(email) + local user = User.get_by_email(email) + if user == nil then + user = User.new{ email=email, password=new_password() } + user.save() + end + return user +end + +return User
diff -r fc2383eb48a9 -r fc3ee39d7764 src/login.html.luan --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/login.html.luan Sun Jun 19 20:47:31 2022 -0600 @@ -0,0 +1,135 @@ +local Luan = require "luan:Luan.luan" +local error = Luan.error +local String = require "luan:String.luan" +local trim = String.trim or error() +local Html = require "luan:Html.luan" +local url_encode = Html.url_encode or error() +local Io = require "luan:Io.luan" +local Http = require "luan:http/Http.luan" +local Shared = require "site:/lib/Shared.luan" +local head = Shared.head or error() +local header = Shared.header or error() +local footer = Shared.footer or error() +local base_url = Shared.base_url or error() +local Forum = require "site:/lib/Forum.luan" +local forum_title = Forum.title or error() +local User = require "site:/lib/User.luan" +local Db = require "site:/lib/Db.luan" +local run_in_transaction = Db.run_in_transaction or error() + + +local function get_user(email,password) + local user = User.get_by_email(email) + user or error "email not found" + user.password == password or error "wrong password" + return user +end + +local function login(user) + Http.response.set_persistent_cookie("user",user.name) + Http.response.set_persistent_cookie("password",user.password) + Http.request.cookies.user = user.name + Http.request.cookies.password = user.password +end + +local function register_form(user,name,error_message) + if error_message ~= nil then %> + <p error>Error: <%= error_message %></p> +<% end %> + <form> + <input type="hidden" name="email" value="<%= user.email %>" > + <input type="hidden" name="password" value="<%= user.password %>" > + <label>User name for <%= user.email %></label> + <input type="text" name="name" value="<%= name or "" %>" autofocus required> + <input type="submit" value="Register"> + </form> +<% +end + +local function page(contents) + Io.stdout = Http.response.text_writer() +%> +<!doctype html> +<html> + <head> +<% head() %> + <title><%=forum_title%> - Login or Register</title> + </head> + <body> +<% header() %> + <div content> + <h1>Login or Register</h1> +<% + contents() +%> + </div> +<% footer() %> + </body> +</html> +<% +end + +return function() + local email = Http.request.parameters.email + local password = Http.request.parameters.password + local name = Http.request.parameters.name + if email == nil then + page(function() +%> + <form> + <label>Email address</label> + <input type="email" name="email" autofocus required> + <input type="submit" value="Login or Register"> + </form> +<% + end) + elseif password == nil then + local user = User.get_or_create_by_email(email) + page(function() +%> + <p>We have sent you an email. Please check your email to login or register.</p> + <p>hack - <a href="<%=base_url()%>/login.html?email=<%=url_encode(email)%>&password=<%=user.password%>">link</a></p> +<% + end) + elseif name == nil then + local user = get_user(email,password) + if user.name == nil then + page(function() + register_form(user) + end) + else + login(user) + page(function() +%> + <p>You are now logged in.</p> +<% + end) + end + else + name = trim(name) + #name > 0 or error "empty name" + local error_message = nil + local user + run_in_transaction( function() + user = get_user(email,password) + if user.name ~= name and User.get_by_name(name) ~= nil then + error_message = "Name already in use" + else + user.name = name + user.save() + end + end ) + if error_message ~= nil then + page(function() + register_form(user,name,error_message) + end) + else + login(user) + page(function() +%> + <p>You are now registered.</p> +<% + end) + end + end +end
diff -r fc2383eb48a9 -r fc3ee39d7764 src/logout.html.luan --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/logout.html.luan Sun Jun 19 20:47:31 2022 -0600 @@ -0,0 +1,37 @@ +local Luan = require "luan:Luan.luan" +local error = Luan.error +local Io = require "luan:Io.luan" +local Http = require "luan:http/Http.luan" +local Shared = require "site:/lib/Shared.luan" +local head = Shared.head or error() +local header = Shared.header or error() +local footer = Shared.footer or error() +local Forum = require "site:/lib/Forum.luan" +local forum_title = Forum.title or error() + + +return function() + Http.response.remove_cookie("user") + Http.response.remove_cookie("password") + Http.request.cookies.user = nil + Http.request.cookies.password = nil + Io.stdout = Http.response.text_writer() +%> +<!doctype html> +<html> + <head> +<% head() %> + <title><%=forum_title%> - Logout</title> + </head> + <body> +<% header() %> + <div content> + <h1>Logout</h1> + + <p>You have been logged out.</p> + </div> +<% footer() %> + </body> +</html> +<% +end