calendar-webapp/source/calendarwebapp/calendarwebapp.d

module calendarwebapp.calendarwebapp;
import botan.rng.rng : RandomNumberGenerator;
import calendarwebapp.authenticator;
import calendarwebapp.event;
import core.time : days;
import poodinis;
import std.datetime : Date;
import std.exception : enforce;
import std.typecons : Nullable;
import vibe.data.bson : BsonObjectID;
import vibe.http.common : HTTPStatusException;
import vibe.http.server : HTTPServerRequest, HTTPServerResponse;
import vibe.http.status : HTTPStatus;
import vibe.web.auth;
import vibe.web.web : errorDisplay, noRoute, redirect, render, SessionVar,
terminateSession;
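/**
 * Web interface of the calendar application.
 *
 * The class is marked `@requiresAuth`, so every route must carry an explicit
 * `@auth(...)` or `@noAuth` annotation. The signed-in identity is kept in the
 * session variable `authInfo`; its default value is an `AuthInfo` with
 * `Privilege.None`.
 */
@requiresAuth class CalendarWebapp
{
    /**
     * Authentication hook used by vibe.web.auth for every `@auth` route.
     *
     * Sends a redirect to `/login` when the session holds no identity
     * (`isNone`), then returns the session's `AuthInfo` in either case.
     *
     * NOTE(review): execution continues after `redirect`, so the anonymous
     * `AuthInfo` is still returned. This relies on the framework not running
     * the route handler once a response has been started and/or on the role
     * check rejecting the anonymous value - confirm against the vibe.d
     * version in use.
     */
    @noRoute AuthInfo authenticate(scope HTTPServerRequest req, scope HTTPServerResponse) @safe
    {
        if (authInfo.value.isNone)
            redirect("/login");
        return authInfo.value;
    }

public:
    /// Start page: renders every event returned by the event store.
    @auth(Role.user | Role.admin) void index()
    {
        auto events = eventStore.getAllEvents();
        auto authInfo = this.authInfo.value;
        render!("showevents.dt", events, authInfo);
    }

    /**
     * Renders the login form. Also serves as the error page of `postLogin`,
     * in which case `_error` carries the failure message.
     */
    @noAuth void getLogin(string _error = null)
    {
        auto authInfo = this.authInfo.value;
        render!("login.dt", _error, authInfo);
    }

    /**
     * Checks the submitted credentials and, on success, stores the resulting
     * `AuthInfo` in the session before redirecting to `/`.
     *
     * A failed check raises one generic message for both "unknown user" and
     * "wrong password", so the response does not reveal which of the two
     * applied.
     *
     * NOTE(review): no attempt throttling or lockout is visible here, and the
     * identity is written into whatever session already exists. Confirm that
     * `Authenticator.checkUser` limits guessing and consider issuing a fresh
     * session id at login.
     * NOTE(review): `AuthInfo` is constructed with the bcrypt hash in
     * `postCreateuser`; if `checkUser` returns it populated, the hash ends up
     * in the session store and in every template that receives `authInfo`.
     */
    @noAuth @errorDisplay!getLogin void postLogin(string username, string password) @safe
    {
        auto authInfo = authenticator.checkUser(username, password);
        enforce(!authInfo.isNull, "Benutzername oder Passwort ungültig");
        this.authInfo = authInfo.get;
        redirect("/");
    }

    /**
     * Ends the current session and redirects to `/`.
     *
     * NOTE(review): this state-changing action is reachable via GET, so any
     * page the user visits can trigger a logout; a POST route with request
     * forgery protection would avoid that.
     */
    @auth(Role.user | Role.admin) void getLogout() @safe
    {
        terminateSession();
        redirect("/");
    }

    /**
     * Renders the "create event" form. Also serves as the error page of
     * `postCreateevent`.
     */
    @auth(Role.user | Role.admin) void getCreateevent(
            ValidationErrorData _error = ValidationErrorData.init)
    {
        auto authInfo = this.authInfo.value;
        render!("createevent.dt", _error, authInfo);
    }

    /**
     * Creates an event from the submitted form and redirects to `/`.
     *
     * Params:
     *   begin = first day of the event
     *   end = optional last day; when set it must lie at least one day after `begin`
     *   description = free text; carriage returns are stripped before storing
     *   name = event title
     *   type = event category
     *   shout = flag stored with the event
     *
     * NOTE(review): `name` and `description` are stored without length or
     * content checks. Confirm the templates output them escaped.
     */
    @auth(Role.user | Role.admin) @errorDisplay!getCreateevent void postCreateevent(Date begin,
            Nullable!Date end, string description, string name, EventType type, bool shout) @safe
    {
        import std.array : replace;

        if (!end.isNull)
            enforce(end.get - begin >= 1.days,
                    "Mehrtägige Ereignisse müssen mindestens einen Tag dauern");

        auto event = Event(BsonObjectID.generate, begin, end, name,
                description.replace("\r", ""), type, shout);
        eventStore.addEvent(event);
        redirect("/");
    }

    /**
     * Removes the event with the given id and redirects to `/`.
     *
     * NOTE(review): any signed-in user may delete any event, and no request
     * forgery token is checked in this method - confirm both are intended.
     */
    @auth(Role.user | Role.admin) void postRemoveevent(BsonObjectID id) @safe
    {
        eventStore.removeEvent(id);
        redirect("/");
    }

    /**
     * Admin only: renders the list of all users.
     *
     * NOTE(review): the user records handed to the template presumably
     * include the stored password hash - make sure `showusers.dt` never
     * prints it.
     */
    @auth(Role.admin) void getUsers()
    {
        auto users = authenticator.getAllUsers;
        auto authInfo = this.authInfo.value;
        render!("showusers.dt", users, authInfo);
    }

    /**
     * Admin only: removes the user with the given id and redirects to `/users`.
     *
     * NOTE(review): nothing here prevents an admin from deleting their own
     * account or the last remaining admin.
     */
    @auth(Role.admin) void postRemoveuser(BsonObjectID id) @safe
    {
        authenticator.removeUser(id);
        redirect("/users");
    }

    /**
     * Admin only: renders the "create user" form. Also serves as the error
     * page of `postCreateuser`.
     */
    @auth(Role.admin) void getCreateuser(ValidationErrorData _error = ValidationErrorData.init)
    {
        auto authInfo = this.authInfo.value;
        render!("createuser.dt", _error, authInfo);
    }

    /**
     * Admin only: creates a user whose password is stored as a bcrypt hash,
     * then redirects to `/users`.
     *
     * Empty user names and empty passwords are rejected; the failure is shown
     * on the form via `@errorDisplay`.
     *
     * NOTE(review): uniqueness of `username` is not checked here - confirm
     * `Authenticator.addUser` enforces it. bcrypt only considers the first
     * 72 bytes of the password.
     */
    @auth(Role.admin) @errorDisplay!getCreateuser void postCreateuser(string username,
            string password, Privilege role)
    {
        import botan.passhash.bcrypt;

        // bcrypt cost parameter, unchanged from the previous literal; raising
        // it slows down offline guessing at the price of slower logins.
        enum ushort bcryptWorkFactor = 10;

        // An account with an empty name or an empty password must never be created.
        enforce(username.length > 0, "Benutzername darf nicht leer sein");
        enforce(password.length > 0, "Passwort darf nicht leer sein");

        authenticator.addUser(AuthInfo(BsonObjectID.generate, username,
                generateBcrypt(password, rng, bcryptWorkFactor), role));
        redirect("/users");
    }

private:
    /// Error details handed to the form routes by `@errorDisplay`.
    struct ValidationErrorData
    {
        string msg;
        string field;
    }

    // Session-backed identity of the current visitor; the default is an
    // anonymous AuthInfo with Privilege.None.
    SessionVar!(AuthInfo, "authInfo") authInfo = AuthInfo(BsonObjectID.init,
            string.init, string.init, Privilege.None);

    // Dependencies injected by poodinis.
    @Autowire EventStore eventStore;
    @Autowire Authenticator authenticator;
    @Autowire RandomNumberGenerator rng;
}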