From 87dc291c86948d2a9f8925a193ee1a70fca046d5 Mon Sep 17 00:00:00 2001 From: swag Date: Mon, 21 Nov 2022 21:59:43 -0500 Subject: [PATCH] Add link to mod login; change the way session is stored; add route to logout; some clean-up --- lib/PostText.pm | 30 +++++++++++++++++----------- lib/PostText/Controller/Moderator.pm | 21 +++++++++++++++++-- lib/PostText/Model/Moderator.pm | 18 ++++++++++++++++- templates/layouts/main.html.ep | 5 +++-- templates/moderator/list.html.ep | 1 + 5 files changed, 58 insertions(+), 17 deletions(-) diff --git a/lib/PostText.pm b/lib/PostText.pm index 42fb24d..38379b7 100644 --- a/lib/PostText.pm +++ b/lib/PostText.pm @@ -83,7 +83,7 @@ sub startup($self) { my $thread = $r->under('/thread'); $thread->under('/list') - ->get('/:list_page', [list_page => qr/[0-9]+/], {list_page => 1}) + ->get('/:list_page', [list_page => qr/\d+/], {list_page => 1}) ->to('thread#by_page') ->name('threads_list'); @@ -91,18 +91,18 @@ sub startup($self) { ->to('thread#create') ->name('post_thread'); - $thread->under('/single/:thread_id', [thread_id => qr/[0-9]+/]) - ->get('/:thread_page', [thread_page => qr/[0-9]+/], {thread_page => 1}) + $thread->under('/single/:thread_id', [thread_id => qr/\d+/]) + ->get('/:thread_page', [thread_page => qr/\d+/], {thread_page => 1}) ->to('thread#by_id') ->name('single_thread'); $thread->under('/bump') - ->get('/:thread_id', [thread_id => qr/[0-9]+/]) + ->get('/:thread_id', [thread_id => qr/\d+/]) ->to('thread#bump') ->name('bump_thread'); $thread->under('/flag') - ->get('/:thread_id', [thread_id => qr/[0-9]+/]) + ->get('/:thread_id', [thread_id => qr/\d+/]) ->to('thread#flag') ->name('flag_thread'); 
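Review bot: Replacing `[0-9]+` with `\d+` in the `list_page` restriction widens what the placeholder accepts, because without the `/a` modifier Perl's `\d` matches any Unicode decimal digit, not only ASCII 0-9. A decoded path segment made of non-ASCII digits would presumably pass the route check and reach the controller as an id. The same replacement recurs in the `/single`, `/bump` and `/flag` routes of the next hunk and in the three `/remark` routes of the hunk after that. Either keep `[0-9]+` or write `qr/\d+/a`. How the controllers and models handle such a value is not visible here, so the effect may be a database error instead of a clean 404.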
@@ -110,35 +110,41 @@ sub startup($self) { my $remark = $r->under('/remark'); $remark->under('/post') - ->any([qw{GET POST}], '/:thread_id', [thread_id => qr/[0-9]+/]) + ->any([qw{GET POST}], '/:thread_id', [thread_id => qr/\d+/]) ->to('remark#create') ->name('post_remark'); $remark->under('/single') - ->get('/:remark_id', [remark_id => qr/[0-9]+/]) + ->get('/:remark_id', [remark_id => qr/\d+/]) ->to('remark#by_id') ->name('single_remark'); $remark->under('/flag') - ->get('/:remark_id', [remark_id => qr/[0-9]+/]) + ->get('/:remark_id', [remark_id => qr/\d+/]) ->to('remark#flag') ->name('flag_remark'); - # Login + # Login/out $r->any([qw{GET POST}], '/login') ->to('moderator#login') ->name('mod_login'); + $r->get('/logout') + ->to('moderator#logout') + ->name('mod_logout'); + # Moderator my $moderator = $r->under('/moderator', sub ($c) { - return 1 if $c->session('moderator'); + return 1 if $c->session('mod_id') =~ /^\d+$/; $c->redirect_to('mod_login'); - + # Return false otherwise a body is rendered with the redirect... return undef; }); - $moderator->get('/list')->to('moderator#list')->name('mod_list'); + $moderator->get('/list') + ->to('moderator#list') + ->name('mod_list'); } 1; diff --git a/lib/PostText/Controller/Moderator.pm b/lib/PostText/Controller/Moderator.pm index 25d799d..be2f65a 100644 --- a/lib/PostText/Controller/Moderator.pm +++ b/lib/PostText/Controller/Moderator.pm @@ -7,10 +7,14 @@ sub list($self) { $self->render } sub login($self) { my $v; + #Already logged in? + return $self->redirect_to('mod_list') + if $self->session('mod_id') =~ /^\d$/; + $v = $self->validation if $self->req->method eq 'POST'; if ($v && $v->has_data) { - my ($email, $password); + my ($email, $password, $mod_id, $mod_name); $v->required('email' ); $v->required('password'); 
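Review bot: The `/moderator` guard `return 1 if $c->session('mod_id') =~ /^\d+$/;` matches against undef for every visitor with no `mod_id` in the session, which raises an "uninitialized value" warning per request when warnings are enabled, and `$` also accepts a trailing newline. I would write `return 1 if ($c->session('mod_id') // '') =~ /\A[0-9]+\z/;`. The guard checks only the shape of the stored id, so a moderator row removed after login would presumably keep access until the session expires; looking the id up in the guard would close that gap. `startup` begins before this hunk.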
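Review bot: The "already logged in" test in `login` uses `/^\d$/`, which matches exactly one digit, so a signed-in moderator whose id is 10 or higher is not recognised here and is shown the login form again. The `/moderator` guard in lib/PostText.pm uses `/^\d+$/`, so the two checks disagree. Use the same test in both places, for example `if ($self->session('mod_id') // '') =~ /\A[0-9]+\z/;`, ideally through one shared helper so they cannot drift apart. The `// ''` also avoids matching against undef for anonymous visitors. The body of `login` continues past this hunk.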
@@ -22,12 +26,17 @@ sub login($self) { $email = $self->param('email' ); $password = $self->param('password'); + $mod_id = $self->moderator->get_id($email); + $mod_name = $self->moderator->get_name($mod_id); + if ($self->moderator->check($email, $password)) { - $self->session(moderator => 1); + $self->session(mod_id => $mod_id); + $self->flash(info => "Hello, $mod_name 😎"); return $self->redirect_to('mod_list'); } else { + $self->stash(status => 403); $self->flash(error => 'Invalid login! 🧐') } } @@ -36,4 +45,12 @@ sub login($self) { $self->render; } +sub logout($self) { + delete $self->session->{'mod_id'}; + + $self->flash(info => 'Logged out successfully 👋'); + + $self->redirect_to('threads_list'); +} + 1; diff --git a/lib/PostText/Model/Moderator.pm b/lib/PostText/Model/Moderator.pm index 7783c8e..63c7cb4 100644 --- a/lib/PostText/Model/Moderator.pm +++ b/lib/PostText/Model/Moderator.pm @@ -7,7 +7,7 @@ has [qw{pg authenticator}]; sub check($self, $email, $password) { my $moderator = $self->pg->db->query(<<~'END_SQL', $email)->hash; - SELECT moderator_id AS id, + SELECT moderator_id AS id, password_hash FROM moderators WHERE email_addr = ?; @@ -19,4 +19,20 @@ sub check($self, $email, $password) { ->verify_password($password, $moderator->{'password_hash'}); } +sub get_id($self, $email) { + $self->pg->db->query(<<~'END_SQL', $email)->hash->{'moderator_id'} + SELECT moderator_id + FROM moderators + WHERE email_addr = ?; + END_SQL +} + +sub get_name($self, $mod_id) { + $self->pg->db->query(<<~'END_SQL', $mod_id)->hash->{'moderator_name'} + SELECT moderator_name + FROM moderators + WHERE moderator_id = ?; + END_SQL +} + 1; diff --git a/templates/layouts/main.html.ep b/templates/layouts/main.html.ep index 88b69cd..0ba3ea7 100644 --- a/templates/layouts/main.html.ep +++ b/templates/layouts/main.html.ep @@ -7,8 +7,9 @@
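Review bot: `get_id` and `get_name` are called before `check` has verified the password, so both lookups run for any submitted email address. In the lib/PostText/Model/Moderator.pm hunk of this patch both helpers dereference `->hash` directly. If that returns undef when no row matches, an unknown email would die with a 500 while a known email with a wrong password takes the 403 branch, which lets a client tell registered addresses apart. Move `$mod_id = $self->moderator->get_id($email);` and `$mod_name = $self->moderator->get_name($mod_id);` inside the `if ($self->moderator->check($email, $password))` branch, and have the two helpers return undef on a missing row instead of dereferencing it. `login` starts before this hunk.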
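Review bot: `logout` changes session state but is routed with `$r->get('/logout')` in lib/PostText.pm and reached through a plain `link_to` in templates/moderator/list.html.ep, so any cross-site link or embedded request can sign a moderator out. Prefer a POST route submitted from a small form that carries a token via `csrf_field` and is checked with `$v->csrf_protect`. `delete $self->session->{'mod_id'};` also leaves the rest of the session in place, whereas `$self->session(expires => 1);` drops it entirely. If the app relies on the default signed-cookie sessions, a saved copy of the old cookie stays valid until it expires, so a short session lifetime is worth setting.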

Post::Text


<% if (flash 'error') { =%> diff --git a/templates/moderator/list.html.ep b/templates/moderator/list.html.ep index c7c03f6..e715fdf 100644 --- a/templates/moderator/list.html.ep +++ b/templates/moderator/list.html.ep @@ -2,3 +2,4 @@ % title 'Top Secret';

<%= title %>

For mods only!!

+<%= link_to Logout => 'mod_logout' %>