From 27e1ef1ad8d7d834054b750708343378ce9e9ec5 Mon Sep 17 00:00:00 2001 From: Jomar Milan Date: Mon, 8 Jun 2026 15:24:03 -0700 Subject: Remove passcodes and session listing Instead, the session ID is treated as a secret --- src/main.rs | 50 +++++++++++++++++++++----------------------------- src/session.rs | 4 +--- src/template.rs | 5 +---- 3 files changed, 23 insertions(+), 36 deletions(-) (limited to 'src') diff --git a/src/main.rs b/src/main.rs index 1006b35..d9852e3 100644 --- a/src/main.rs +++ b/src/main.rs @@ -8,14 +8,13 @@ use crate::template::{IndexTemplate, SessionTemplate}; use askama::Template; use axum::extract::{Path, Query, State, WebSocketUpgrade}; use axum::http::{StatusCode, header}; -use axum::response::{Html, IntoResponse, Response}; +use axum::response::{Html, IntoResponse, Redirect, Response}; use axum::routing::{any, get, put}; use axum::{Json, Router}; use rust_embed::Embed; use std::collections::HashMap; use std::net::SocketAddr; use std::sync::{Arc, RwLock}; -use std::time::{SystemTime, UNIX_EPOCH}; #[derive(Embed)] #[folder = "assets/"] @@ -38,6 +37,7 @@ async fn main() { let app = Router::new() .route("/", get(serve_index)) .route("/dist/{*path}", get(serve_static)) + .route("/find-session", get(find_session)) .route("/session/{id}", get(visit_session).put(create_session)) .route("/session/{id}/hands", put(update_hands)) .route("/session/{id}/play", any(upgrade_play)) @@ -49,17 +49,14 @@ async fn main() { } fn serve_template(template: impl Template) -> Result, &'static str> { - template.render() - .map(|html| Html(html)) - .map_err(|err| { - eprintln!("Template render error: {}", err); - "Template render error" - }) + template.render().map(Html).map_err(|err| { + eprintln!("Template render error: {}", err); + "Template render error" + }) } -async fn serve_index(State(state): State>) -> axum::response::Result> { - let sessions = state.sessions.read().unwrap(); - let template = IndexTemplate { sessions: &sessions }; +async fn serve_index() -> axum::response::Result> { + let template = IndexTemplate; Ok(serve_template(template)?) } @@ -76,42 +73,37 @@ async fn serve_static(Path(path): Path) -> Response { } } +async fn find_session(Query(query): Query>) -> axum::response::Result { + let id = query.get("id").ok_or(StatusCode::NOT_FOUND)?; + Ok(Redirect::to(format!("/session/{}", id).as_str())) +} + async fn visit_session( Path(id): Path, - Query(query): Query>, State(state): State>, ) -> axum::response::Result> { - let passcode = query.get("passcode"); - let sessions = state.sessions.read().unwrap(); - let session = sessions.get(&id).ok_or((StatusCode::NOT_FOUND, "Session does not exist"))?; + let session = sessions + .get(&id) + .ok_or((StatusCode::NOT_FOUND, "Session does not exist"))?; - if let Some(passcode) = passcode && passcode.as_str() == session.passcode { - let template = SessionTemplate { id: &id, session }; - Ok(serve_template(template)?) - } else { - Err((StatusCode::FORBIDDEN, "Incorrect session passcode"))? - } + let template = SessionTemplate { id: &id, session }; + Ok(serve_template(template)?) } async fn create_session( Path(id): Path, Query(query): Query>, State(state): State>, -) -> Response { +) -> StatusCode { let name = query.get("name").cloned().unwrap_or("Unknown".to_string()); - let passcode = SystemTime::now() - .duration_since(UNIX_EPOCH) - .map(|duration| duration.subsec_nanos()) - .unwrap_or(675603000) - .to_string(); let mut sessions = state.sessions.write().unwrap(); - let session = Session::new(name, passcode.clone()); + let session = Session::new(name); sessions.insert(id, session); - (StatusCode::CREATED, passcode).into_response() + StatusCode::CREATED } async fn update_hands( diff --git a/src/session.rs b/src/session.rs index 06ec483..6aeee9f 100644 --- a/src/session.rs +++ b/src/session.rs @@ -3,7 +3,6 @@ use std::collections::HashMap; pub struct Session { pub steam_name: String, - pub passcode: String, pub hands: HashMap>, } @@ -40,10 +39,9 @@ pub struct CustomDeck { } impl Session { - pub fn new(steam_name: String, passcode: String) -> Self { + pub fn new(steam_name: String) -> Self { Session { steam_name, - passcode, hands: HashMap::new(), } } diff --git a/src/template.rs b/src/template.rs index 8a36a09..34fe69a 100644 --- a/src/template.rs +++ b/src/template.rs @@ -1,12 +1,9 @@ use crate::session::Session; use askama::Template; -use std::collections::HashMap; #[derive(Template)] #[template(path = "index.html")] -pub struct IndexTemplate<'a> { - pub sessions: &'a HashMap, -} +pub struct IndexTemplate; #[derive(Template)] #[template(path = "session.html")] -- cgit v1.2.3