admin login handler logic reworked

2024-12-30 14:52:11 +01:00 · 2024-12-30 14:52:11 +01:00 · 2bf5ae58e5
commit 2bf5ae58e5
parent e2abd2ca83
1 changed files with 37 additions and 25 deletions
--- a/backend/src/handlers.rs
+++ b/backend/src/handlers.rs
@ -108,61 +108,73 @@ pub async fn admin_login(
    db: web::Data<Arc<Mutex<Connection>>>,
    credentials: web::Json<LoginCredentials>,
 ) -> impl Responder {
-    let conn = db.lock().unwrap();
+    let conn = match db.lock() {
+        Ok(conn) => conn,
+        Err(_) => return HttpResponse::InternalServerError().body("Database lock error"),
+    };

    let mut stmt =
        match conn.prepare("SELECT username, password_hash FROM admin_users WHERE username = ?1") {
            Ok(stmt) => stmt,
-            Err(e) => return HttpResponse::InternalServerError().body(format!("Error: {}", e)),
+            Err(e) => {
+                return HttpResponse::InternalServerError().body(format!("Database error: {}", e))
+            }
        };

-    let admin: Option<AdminUser> = stmt
-        .query_row([&credentials.username], |row| {
+    let admin: Option<AdminUser> = match stmt.query_row([&credentials.username], |row| {
        Ok(AdminUser {
            username: row.get(0)?,
            password_hash: row.get(1)?,
        })
-        })
-        .ok();
+    }) {
+        Ok(admin) => Some(admin),
+        Err(rusqlite::Error::QueryReturnedNoRows) => None, // No user found
+        Err(e) => return HttpResponse::InternalServerError().body(format!("Query error: {}", e)),
+    };

    match admin {
        Some(user) => {
-            let parsed_hash = PasswordHash::new(&user.password_hash).unwrap();
-            let argon2 = Argon2::default();
+            let parsed_hash = match PasswordHash::new(&user.password_hash) {
+                Ok(hash) => hash,
+                Err(_) => {
+                    return HttpResponse::InternalServerError()
+                        .body("Invalid password hash format in database")
+                }
+            };

+            let argon2 = Argon2::default();
            let is_valid = argon2
                .verify_password(credentials.password.as_bytes(), &parsed_hash)
                .is_ok();

            if is_valid {
-                let expiration = SystemTime::now()
-                    .duration_since(UNIX_EPOCH)
-                    .unwrap()
-                    .as_secs() as usize
-                    + 24 * 3600;
+                let expiration = match SystemTime::now().duration_since(UNIX_EPOCH) {
+                    Ok(duration) => duration.as_secs() as usize + 24 * 3600,
+                    Err(_) => return HttpResponse::InternalServerError().body("System time error"),
+                };

                let claims = Claims {
                    sub: user.username,
                    exp: expiration,
                };

-                let token = encode(
+                let token = match encode(
                    &Header::default(),
                    &claims,
                    &EncodingKey::from_secret("your-secret-key".as_ref()),
-                )
-                .unwrap();
+                ) {
+                    Ok(token) => token,
+                    Err(_) => {
+                        return HttpResponse::InternalServerError().body("Token generation error")
+                    }
+                };

                HttpResponse::Ok().json(json!({ "token": token }))
            } else {
-                HttpResponse::Unauthorized().json(json!({
-                    "error": "Invalid credentials"
-                }))
+                HttpResponse::Unauthorized().json(json!({ "error": "Invalid credentials" }))
            }
        }
-        None => HttpResponse::Unauthorized().json(json!({
-            "error": "Invalid credentials"
-        })),
+        None => HttpResponse::Unauthorized().json(json!({ "error": "Invalid credentials" })),
    }
 }