Add a message for login failure.

2017-09-25 19:12:54 +02:00 · 2017-09-25 19:12:54 +02:00 · cde078317a
commit cde078317a
parent 3a6a9cb21d
2 changed files with 12 additions and 8 deletions
--- a/src/server/mod.rs
+++ b/src/server/mod.rs
@ -117,7 +117,7 @@ fn login<'mw>(req: &mut Request,
              -> MiddlewareResult<'mw> {
    res.clear_jwt();
    let next = sanitize_next(req.query().get("next")).map(String::from);
-    res.ok(|o| templates::login(o, req, next))
+    res.ok(|o| templates::login(o, req, next, None))
 }

 fn do_login<'mw>(req: &mut Request,
@ -128,25 +128,28 @@ fn do_login<'mw>(req: &mut Request,
    let form_data = try_with!(res, req.form_body());
    let next = sanitize_next(form_data.get("next")).map(String::from);
    if let (Some(user), Some(pw)) = (form_data.get("user"),
-                                     form_data.get("password")) {
+                                     form_data.get("password"))
+    {
        use schema::users::dsl::*;
        if let Ok(hash) = users.filter(username.eq(user))
-                               .select(password)
-                               .first::<String>(c) {
+            .select(password)
+            .first::<String>(c)
+        {
            debug!("Hash for {} is {}", user, hash);
            if djangohashers::check_password_tolerant(pw, &hash) {
                info!("User {} logged in", user);
                res.set_jwt_user(user);
                return res.redirect(next.unwrap_or("/".to_string()));
            }
-            debug!("Password verification failed");
+            info!("Login failed: Password verification failed for {:?}", user);
        } else {
-            debug!("No hash found for {}", user);
+            info!("Login failed: No hash found for {:?}", user);
        }
    }
        next
    };
-    res.ok(|o| templates::login(o, req, next))
+    let message = Some("Login failed, please try again");
+    res.ok(|o| templates::login(o, req, next, message))
 }

 fn sanitize_next(next: Option<&str>) -> Option<&str> {
--- a/templates/login.rs.html
+++ b/templates/login.rs.html
@ -1,10 +1,11 @@
@use nickel::Request;
@use templates::page_base;

-@(req: &Request, next: Option<String>)
+@(req: &Request, next: Option<String>, message: Option<&str>)

@:page_base(req, "login", &[], {
    <form action="/login" method="post">
+      @if let Some(message) = message {<p>@message</p>}
      <p><label for="user">User:</label>
 	<input id="user" name="user"></p>
      <p><label for="password">Password:</label>