Began implementing extremely basic user self-management interface.

src/server.rs

@@ -2,6 +2,7 @@ use crate::{config, UIDCError};
 
 mod oidc;
 mod session;
+mod um;
 
 pub struct ServerState {
     config: config::Config,
@@ -70,6 +71,7 @@ pub async fn run_server(
 
     session::session_v1_server(app.at("/:realm/v1/session/"));
     oidc::oidc_server(app.at("/:realm/"));
+    um::um_server(app.at("/:realm/um/"));
 
     app.listen(("127.0.0.1", port))
         .await

src/server/um.rs

@@ -0,0 +1,78 @@
+use tide::http::mime;
+use microrm::prelude::*;
+
+use crate::{schema, UIDCError};
+
+type Request = tide::Request<super::ServerStateWrapper>;
+
+fn generate_template_data(qi: &microrm::QueryInterface, realm: schema::RealmID, user: schema::UserID) -> Result<serde_json::Value, UIDCError> {
+    let user = qi.get().by_id(&user).one()?.ok_or(UIDCError::Abort("couldn't find user"))?;
+
+    let has_totp = qi.get().by(schema::AuthChallenge::User, &user.id()).by(schema::AuthChallenge::ChallengeType, &schema::AuthChallengeType::TOTP).one()?.is_some();
+
+    let template_data = serde_json::json!({
+        "username": user.username,
+        "totp_control": if has_totp {
+            serde_json::json!([{ "value": "keep", "text": "Keep as-is"}, { "value": "remove", "text": "Remove" }, { "value": "reset", "text": "Reset" }])
+        } else {
+            serde_json::json!([{ "value": "keep", "text": "Leave disabled" }, { "value": "reset", "text": "Start setup" }])
+        },
+    });
+
+    Ok(template_data)
+}
+
+async fn um_index(mut req: Request) -> tide::Result<tide::Response> {
+    let shelper = super::session::SessionHelper::new(&req);
+
+    let (realm, user) = match shelper.verify_session(&req) {
+        Some(v) => v,
+        None => {
+            return Ok(tide::Redirect::temporary(format!("../v1/session/login?redirect={}", req.url())).into())
+        },
+    };
+    let qi = req.state().core.pool.query_interface();
+
+    // template_data.as_object_mut().and_then(|o| o.append
+    let template_data = generate_template_data(qi, realm, user)?;
+
+    Ok(tide::Response::builder(200)
+            .content_type(mime::HTML)
+            .body(req.state().core.templates.render("um_index", &template_data).map_err(|_| tide::Error::from_str(500, "error rendering template"))?)
+            .build())
+}
+
+async fn um_update(mut req: Request) -> tide::Result<tide::Response> {
+    let shelper = super::session::SessionHelper::new(&req);
+
+    let (realm, user) = match shelper.verify_session(&req) {
+        Some(v) => v,
+        None => {
+            return Ok(tide::Redirect::temporary("../v1/session/login?redirect=../../um/").into())
+        },
+    };
+    let qi = req.state().core.pool.query_interface();
+
+    let progress : Result<Vec<String>, UIDCError> = {
+        let mut info_msgs = vec![];
+
+        let password_challenge = qi.get().by(schema::AuthChallenge::User, &user).by(schema::AuthChallenge::ChallengeType, &schema::AuthChallengeType::Password).one()?;
+
+        Ok(info_msgs)
+    };
+
+    let mut template_data = generate_template_data(qi, realm, user)?;
+
+    template_data.as_object_mut().and_then(|o| o.insert("info_msg".into(), serde_json::json!(["Update request received"])));
+
+    Ok(tide::Response::builder(200)
+            .content_type(mime::HTML)
+            .body(req.state().core.templates.render("um_index", &template_data).map_err(|_| tide::Error::from_str(500, "error rendering template"))?)
+            .build())
+}
+
+pub(super) fn um_server(mut route: tide::Route<super::ServerStateWrapper>) {
+    route.at("/").get(um_index);
+    route.at("update").post(um_update);
+    // route.at("/change_password").get(um_change_password).post(um_change_password_post);
+}

src/user.rs

@@ -42,6 +42,13 @@ impl User {
         }
     }
 
+    pub fn from_id(id: schema::UserID) -> Self {
+        Self {
+            id,
+            model: None
+        }
+    }
+
     pub fn id(&self) -> schema::UserID {
         self.id
     }

static/style.css

@@ -22,9 +22,9 @@ div.content-box h1 {
 }
 
 table.content-table {
-    height: 15em;
     width: 100%;
     text-align: left;
+    table-layout: fixed;
 }
 
 table.content-table td {
@@ -41,6 +41,14 @@ table.content-table td input[type=submit] {
     padding: .5em;
 }
 
+div.info-msg {
+    background: #ccf;
+    border: #888 1px solid;
+    border-radius: 5pt;
+    padding-left: 1em;
+    padding-right: 1em;
+}
+
 div.error-msg {
     background: #fcc;
     border: #888 1px solid;

tmpl/id_v1_login.tmpl

@@ -15,7 +15,14 @@
                         {{ #each error_msg }}
                             <tr>
                                 <td colspan="3">
-                                        <div class="error-msg">{{ this }}</div>
+                                    <div class="error-msg">{{ this }}</div>
+                                </td>
+                            </tr>
+                        {{ /each }}
+                        {{ #each info_msg }}
+                            <tr>
+                                <td colspan="3">
+                                    <div class="info-msg">{{ this }}</div>
                                 </td>
                             </tr>
                         {{ /each }}

tmpl/um_index.tmpl

@@ -0,0 +1,78 @@
+<!DOCTYPE html>
+<html>
+    <head>
+        <title>User management</title>
+
+        <link rel="stylesheet" text="text/css" href="/static/style.css">
+    </head>
+    <body>
+        <div>
+            <div class="content-box">
+                <h1>User management</h1>
+
+                <div style="text-align: right">
+                    <a href="../v1/session/logout">Logout</a>
+                </div>
+
+                <form action="update" method="POST">
+                    <table class="content-table" style="table-layout: auto">
+                        {{ #each error_msg }}
+                            <tr>
+                                <td colspan="3">
+                                    <div class="error-msg">{{ this }}</div>
+                                </td>
+                            </tr>
+                        {{ /each }}
+                        {{ #each info_msg }}
+                            <tr>
+                                <td colspan="3">
+                                    <div class="info-msg">{{ this }}</div>
+                                </td>
+                            </tr>
+                        {{ /each }}
+                        <tr>
+                            <td>Logged in as:</td>
+                            <td>{{ username }}</td>
+                        </tr>
+                        <tr><td>&nbsp;</td></tr>
+                        <tr><td colspan="3"><small>In order to make changes, you must authenticate with your current password.</small></td></tr>
+                        <tr><td>&nbsp;</td></tr>
+                        <tr>
+                            <td>Current password:</td>
+                            <td><input type="password" name="current_password" /></td>
+                        </tr>
+                        <tr><td>&nbsp;</td></tr>
+                        <tr>
+                            <td>New password:</td>
+                            <td><input type="password" name="new_password" /><br /><input type="password" name="new_password_repeated" /></td>
+                        </tr>
+                        <tr>
+                            <td>New password (again):</td>
+                            <td><input type="password" name="new_password_repeated" /></td>
+                        </tr>
+                        <tr><td>&nbsp;</td></tr>
+                        <tr>
+                            <td>
+                                TOTP control:
+                            </td>
+                            <td>
+                                <select name="totp_control">
+                                    {{ #each totp_control }}
+                                        <option value="{{ value }}">{{ text }}</option>
+                                    {{ /each }}
+                                </input>
+                            </td>
+                        </tr>
+                        <tr><td>&nbsp;</td></tr>
+                        <tr>
+                            <td colspan="3" style="text-align: center"><input type="submit" value="Update" /></td>
+                        </tr>
+                    </table>
+                </form>
+            </div>
+            <div class="footer">
+                Copyright &copy; Kestrel 2023. Released under the terms of the 4-clause BSD license.
+            </div>
+        </div>
+    </body>
+</html>