From 66d3fcf2e22f057bacce8d97d43a13c1c5a9ad09 Mon Sep 17 00:00:00 2001
From: Owen Jacobson <owen@grimoire.ca>
Date: Tue, 29 Oct 2024 23:29:22 -0400
Subject: Add `change password` UI + API.

The protocol here re-checks the caller's password, as a "I left myself logged in" anti-pranking check.
---
 src/ui/routes/me.rs  | 32 ++++++++++++++++++++++++++++++++
 src/ui/routes/mod.rs |  2 ++
 2 files changed, 34 insertions(+)
 create mode 100644 src/ui/routes/me.rs

(limited to 'src/ui')

diff --git a/src/ui/routes/me.rs b/src/ui/routes/me.rs
new file mode 100644
index 0000000..f1f118f
--- /dev/null
+++ b/src/ui/routes/me.rs
@@ -0,0 +1,32 @@
+pub mod get {
+    use axum::response::{self, IntoResponse, Redirect};
+
+    use crate::{
+        error::Internal,
+        token::extract::Identity,
+        ui::assets::{Asset, Assets},
+    };
+
+    pub async fn handler(identity: Option<Identity>) -> Result<Asset, Error> {
+        let _ = identity.ok_or(Error::NotLoggedIn)?;
+
+        Assets::index().map_err(Error::Internal)
+    }
+
+    #[derive(Debug, thiserror::Error)]
+    pub enum Error {
+        #[error("not logged in")]
+        NotLoggedIn,
+        #[error("{0}")]
+        Internal(Internal),
+    }
+
+    impl IntoResponse for Error {
+        fn into_response(self) -> response::Response {
+            match self {
+                Self::NotLoggedIn => Redirect::temporary("/login").into_response(),
+                Self::Internal(error) => error.into_response(),
+            }
+        }
+    }
+}
diff --git a/src/ui/routes/mod.rs b/src/ui/routes/mod.rs
index 72d9a4a..48b3f90 100644
--- a/src/ui/routes/mod.rs
+++ b/src/ui/routes/mod.rs
@@ -6,6 +6,7 @@ mod ch;
 mod get;
 mod invite;
 mod login;
+mod me;
 mod path;
 mod setup;
 
@@ -16,6 +17,7 @@ pub fn router(app: &App) -> Router<App> {
             .route("/setup", get(setup::get::handler)),
         Router::new()
             .route("/", get(get::handler))
+            .route("/me", get(me::get::handler))
             .route("/login", get(login::get::handler))
             .route("/ch/:channel", get(ch::channel::get::handler))
             .route("/invite/:invite", get(invite::invite::get::handler))
-- 
cgit v1.2.3