Compare commits

..

4 Commits

Author SHA1 Message Date
absc 96781451b0 Improve the registration bit.
Now, we return a proper answer when creating a user through a
POST request.

Maybe in the future we will convert the APIs to use JSON, like
all cool kids do. However, it doesn't look like it makes much
sense in this case.
2024-08-03 01:13:47 +02:00
absc fa66ec399d We only allow POST for the registration form. 2024-08-02 23:46:24 +02:00
absc 2470af1296 Give a better name to the registration handler. 2024-08-02 23:43:03 +02:00
absc 631f729ed9 No, JSON is not needed here.
For this simple blogging platform, let's start simple, basic
HTML forms are enough.
2024-08-02 23:40:55 +02:00
3 changed files with 20 additions and 8 deletions

View File

@ -5,7 +5,7 @@ ERLC?= erlc -server
OBJS= dudeswave.beam dudeswave_app.beam OBJS= dudeswave.beam dudeswave_app.beam
OBJS+= dudeswave_supervisor.beam dudeswave_handler.beam OBJS+= dudeswave_supervisor.beam dudeswave_handler.beam
OBJS+= dudeswave_user_handler.beam OBJS+= dudeswave_newuser_handler.beam
all: ${OBJS} all: ${OBJS}

View File

@ -37,7 +37,7 @@ start(_Type, StartArgs) ->
Dispatch = cowboy_router:compile([ Dispatch = cowboy_router:compile([
{'_', [ {'_', [
{"/user", dudeswave_user_handler, #{bucket => ?USERSBUCKET}}, {"/user/new", dudeswave_newuser_handler, #{bucket => ?USERSBUCKET}},
{"/", dudeswave_handler, #{bucket => ?APPBUCKET}} {"/", dudeswave_handler, #{bucket => ?APPBUCKET}}
]} ]}
]), ]),

View File

@ -13,7 +13,7 @@
% ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF % ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
% OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. % OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
% %
-module(dudeswave_user_handler). -module(dudeswave_newuser_handler).
-moduledoc """ -moduledoc """
Register a new user. Register a new user.
""". """.
@ -27,7 +27,7 @@ Register a new user.
% %
-export([allowed_methods/2, content_types_accepted/2, -export([allowed_methods/2, content_types_accepted/2,
known_methods/2, resource_exists/2, is_conflict/2, known_methods/2, resource_exists/2, is_conflict/2,
create_user/2]). previously_existed/2, allow_missing_post/2, create_user/2]).
-include_lib("storage/include/storage.hrl"). -include_lib("storage/include/storage.hrl").
@ -42,13 +42,13 @@ init(Req, State) ->
{cowboy_rest, Req, State}. {cowboy_rest, Req, State}.
allowed_methods(Req, State) -> allowed_methods(Req, State) ->
{[<<"PUT">>], Req, State}. {[<<"POST">>], Req, State}.
content_types_accepted(Req, State) -> content_types_accepted(Req, State) ->
{[{{ <<"application">>, <<"json">>, '*'}, create_user}], Req, State}. {[{<<"application/x-www-form-urlencoded">>, create_user}], Req, State}.
known_methods(Req, State) -> known_methods(Req, State) ->
{[<<"PUT">>], Req, State}. {[<<"POST">>], Req, State}.
resource_exists(Req, State) -> resource_exists(Req, State) ->
{ok, Bucket} = maps:find(bucket, State), {ok, Bucket} = maps:find(bucket, State),
@ -68,14 +68,26 @@ is_conflict(Req, user_exists) -> {true, Req, []};
is_conflict(Req, State) -> {false, Req, State}. is_conflict(Req, State) -> {false, Req, State}.
previously_existed(Req, State) ->
{false, Req, State}.
allow_missing_post(Req, State) ->
{true, Req, State}.
create_user(Req, {Bucket, [{name, Name}, {username, User}, {password, Pass}]}) -> create_user(Req, {Bucket, [{name, Name}, {username, User}, {password, Pass}]}) ->
crypto:rand_seed(), crypto:rand_seed(),
Salt = rand:bytes(32), Salt = rand:bytes(32),
Hash = crypto:hash(sha256, <<Pass/binary, Salt/binary>>), Hash = crypto:hash(sha256, <<Pass/binary, Salt/binary>>),
URI = uri_string:recompose(#{
scheme => cowboy_req:scheme(Req),
host => cowboy_req:host(Req),
path => lists:flatten(["/user/", User])
}),
case storage:write(Bucket, User, Hash, [{salt, Salt}, {name, Name}]) of case storage:write(Bucket, User, Hash, [{salt, Salt}, {name, Name}]) of
ok -> ok ->
{true, Req, []}; {{true, list_to_binary(URI)}, Req, []};
{error, Reason} -> {error, Reason} ->
{false, Req, Reason} {false, Req, Reason}
end. end.