diff --git a/.DS_Store b/.DS_Store index d5ff4347031636a08a5ed987e6f02852fcb7c427..2914ecce4bd8e8af33e2fa9741bc2e8b49933c6b 100644 Binary files a/.DS_Store and b/.DS_Store differ diff --git a/django_project/myapp/templates/myapp/login.html b/django_project/myapp/templates/myapp/login.html index 1b2e6f28846bd7ac7a28d04cb8786fa30dae4449..235de7bce809ce9ad95a4c1a2f9d13746c295ca4 100644 --- a/django_project/myapp/templates/myapp/login.html +++ b/django_project/myapp/templates/myapp/login.html @@ -15,14 +15,17 @@ {% endif %} <form method="post"> {% csrf_token %} - <label for="email">Email:</label> - <input type="email" name="email" id="email" required> - <br><br> + <label for="id_email">Email:</label> + <input type="email" name="email" id="id_email" required><br><br> + + <label for="id_password">Password:</label> + <input type="password" name="password" id="id_password" required><br><br> + <button type="submit">Login</button> </form> <p> Don't have an account? - <a href="{% url 'register' %}">Register here</a> + <a href="{% url 'register' %}">Register here</a>. </p> </body> </html> diff --git a/django_project/myapp/templates/myapp/register.html b/django_project/myapp/templates/myapp/register.html index 97e890fc33cfbbfac02527651d93a81872073e54..11169e8491878c01c7e7af63143b9aff42bafc99 100644 --- a/django_project/myapp/templates/myapp/register.html +++ b/django_project/myapp/templates/myapp/register.html @@ -10,11 +10,9 @@ </head> <body> <h1>Register</h1> - {% if error %} <p class="error">{{ error }}</p> {% endif %} - <form method="post"> {% csrf_token %} <label for="id_name">Name:</label> @@ -23,9 +21,11 @@ <label for="id_email">Email:</label> <input type="email" name="email" id="id_email" required><br><br> + <label for="id_password">Password:</label> + <input type="password" name="password" id="id_password" required><br><br> + <button type="submit">Register</button> </form> - <p> Already have an account? <a href="{% url 'login' %}">Login here</a>. 
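Review bot: The new password inputs carry no `autocomplete` hint, so password managers have to guess which form is a login and which is a sign-up. In the login.html hunk use `<input type="password" name="password" id="id_password" autocomplete="current-password" required>`, and in the second register.html hunk use `autocomplete="new-password"` on the same field. If a length rule is added with `minlength`, treat it as a convenience only, because form attributes are not a control and the register view must enforce the rule itself.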
diff --git a/django_project/myapp/views.py b/django_project/myapp/views.py
index 9c2717fa14c305fe857f05bbf787cbf4f2060124..24e97ca27558b9293de34be037ced58ec9236088 100644
--- a/django_project/myapp/views.py
+++ b/django_project/myapp/views.py
@@ -17,86 +17,76 @@ def init_db_view(request): def register_view(request): """ - Handle user registration: - - Display the registration form on GET. - - On POST, create a new user via the Rust extension. - - If successful, simulate login by storing the user in the session, - then redirect to an account page. + Handles user registration. Expects POST with 'name', 'email', and 'password'. + Calls the Rust extension to create the user and then redirects to the login page. """ - db_url = settings.DATABASE_URL # Make sure this is defined in settings.py + db_url = settings.DATABASE_URL # Defined in settings.py context = {} if request.method == 'POST': - name = request.POST.get('name') - email = request.POST.get('email') + name = request.POST.get('name', '').strip() + email = request.POST.get('email', '').strip() + password = request.POST.get('password', '').strip() - if not name or not email: - context['error'] = "Both name and email are required." + if not name or not email or not password: + context['error'] = "Name, email, and password are required." return render(request, 'myapp/register.html', context) try: - # Create the user via the Rust extension. - rust_crud_api.create_user(db_url, name, email) - - # Optionally, simulate login by retrieving all users and finding the new one. - # (In a production system, you'd have proper password handling.) - users = rust_crud_api.get_all_users(db_url) - user = next((u for u in users if u.email.lower() == email.lower()), None) - - if user is None: - context['error'] = "Registration failed. Please try again." - return render(request, 'myapp/register.html', context) - - # Store user information in the session to simulate login. - request.session['user_id'] = user.id - request.session['user_name'] = user.name - request.session['user_email'] = user.email - - return redirect('account') + # Create the user with the hashed password via the Rust extension. 
+ rust_crud_api.create_user(db_url, name, email, password) + # Redirect to the login page after successful registration. + return redirect('login') except Exception as e: context['error'] = f"An error occurred: {str(e)}" return render(request, 'myapp/register.html', context) - # For GET requests, just display the registration form. return render(request, 'myapp/register.html', context) + def login_view(request): """ - Handles user login by checking if a user with the provided email exists. - If found, stores user details in the session and redirects to the account page. + Handles user login by verifying credentials using the Rust extension. + If valid, stores user details in the session and redirects to the account page. """ - db_url = settings.DATABASE_URL # Ensure this is defined in your settings.py + db_url = settings.DATABASE_URL context = {} - + if request.method == 'POST': email = request.POST.get('email', '').strip() - if not email: - context['error'] = "Email is required." + password = request.POST.get('password', '').strip() + + if not email or not password: + context['error'] = "Email and password are required." return render(request, 'myapp/login.html', context) - + try: - # Retrieve all users from the database via the Rust extension. + # Verify the user's credentials using the Rust extension. + is_valid = rust_crud_api.verify_user(db_url, email, password) + if not is_valid: + context['error'] = "Invalid email or password." + return render(request, 'myapp/login.html', context) + + # Retrieve the user record to store additional info in session. + # (For simplicity, we retrieve all users and select the matching one.) users = rust_crud_api.get_all_users(db_url) - # Find the user with a matching email (case-insensitive). user = next((u for u in users if u.email.lower() == email.lower()), None) - if not user: - context['error'] = "User not found. Please register first." + context['error'] = "User not found." 
return render(request, 'myapp/login.html', context) - - # Simulate login by storing user information in the session. + + # Store user information in the session. request.session['user_id'] = user.id - request.session['user_email'] = user.email request.session['user_name'] = user.name - + request.session['user_email'] = user.email + return redirect('account') except Exception as e: context['error'] = f"An error occurred: {str(e)}" return render(request, 'myapp/login.html', context) - + return render(request, 'myapp/login.html', context) - def account_view(request): """ Display the account page for the logged-in user. diff --git a/rust_crud_api/src/lib.rs b/rust_crud_api/src/lib.rs index fbe7ef2d856cfcc2e72a0dd7a4115066da1eecb1..bc4f7b4dae2b557b1e5154f14a302dd46554fdc0 100644 --- a/rust_crud_api/src/lib.rs +++ b/rust_crud_api/src/lib.rs @@ -112,7 +112,7 @@ fn init_db(db_url: &str) -> PyResult<()> { CREATE TABLE IF NOT EXISTS users ( id SERIAL PRIMARY KEY, name VARCHAR NOT NULL, - email VARCHAR NOT NULL, + email VARCHAR NOT NULL UNIQUE, password_hash VARCHAR NOT NULL ); CREATE TABLE IF NOT EXISTS groups ( @@ -323,6 +323,7 @@ fn rust_crud_api(_py: Python, m: &PyModule) -> PyResult<()> { m.add_function(wrap_pyfunction!(verify_jwt, m)?)?; m.add_function(wrap_pyfunction!(hash_password, m)?)?; m.add_function(wrap_pyfunction!(verify_password, m)?)?; + m.add_function(wrap_pyfunction!(verify_user, m)?)?; Ok(()) }
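Review bot: In login_view the password is checked by `verify_user(db_url, email, password)`, but the session is then filled from a separate case-insensitive scan, `next((u for u in users if u.email.lower() == email.lower()), None)`, so the row that was verified and the row that gets logged in are not guaranteed to be the same. verify_user is not shown in this diff; if it compares the email exactly, two rows differing only in letter case would let one account's password open the other account's session. Normalise once in both views with `email = request.POST.get('email', '').strip().lower()` (existing mixed-case rows would need migrating), or have verify_user return the matched user's id instead of a boolean. Before writing `user_id`, call `request.session.cycle_key()` so a session id issued before login is not carried into the authenticated session. Both views also echo `str(e)` to the page, which with the new UNIQUE email column exposes database error text and confirms that an address is already registered; log the exception and render a fixed message instead.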
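Review bot: The `UNIQUE` added to `email` sits inside `CREATE TABLE IF NOT EXISTS`, which does nothing when `users` already exists, so only fresh databases get the constraint. Assuming PostgreSQL (as `SERIAL` suggests), the constraint is also case-sensitive on a VARCHAR column, while views.py matches emails with `.lower()`, so `A@x.test` and `a@x.test` (constructed examples) can both register. A separate statement such as `CREATE UNIQUE INDEX IF NOT EXISTS users_email_lower_idx ON users (LOWER(email));` (the index name is a suggestion) covers both cases, though it will fail until existing duplicates are cleaned up. init_db's body starts and ends outside this hunk.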