From 8cc31463894b1cced32e31211a41b24b489ecc21 Mon Sep 17 00:00:00 2001
From: realaravinth <realaravinth@batsense.net>
Date: Tue, 30 Mar 2021 15:32:32 +0530
Subject: [PATCH] uname & email check

---
 src/api/v1/auth.rs       | 56 +++++++++++++++++++++++++++++++++
 src/api/v1/mod.rs        |  2 ++
 src/api/v1/tests/auth.rs | 68 ++++++++++++++++++++++++++++++++++++++++
 static/login/index.html  | 45 ++++++++++++++++++++++++--
 4 files changed, 169 insertions(+), 2 deletions(-)

diff --git a/src/api/v1/auth.rs b/src/api/v1/auth.rs
index e2986d26..25bc382f 100644
--- a/src/api/v1/auth.rs
+++ b/src/api/v1/auth.rs
@@ -150,3 +150,59 @@ pub async fn delete_account(
         Err(_) => return Err(ServiceError::InternalServerError)?,
     }
 }
+
+#[derive(Clone, Debug, Deserialize, Serialize)]
+pub struct AccountCheckPayload {
+    pub field: String,
+}
+
+#[derive(Clone, Debug, Deserialize, Serialize)]
+pub struct AccountCheckResp {
+    pub exists: bool,
+}
+
+#[post("/api/v1/account/username/exists")]
+pub async fn username_exists(
+    payload: web::Json<AccountCheckPayload>,
+    data: web::Data<Data>,
+) -> ServiceResult<impl Responder> {
+    let res = sqlx::query!(
+        "SELECT EXISTS (SELECT 1 from mcaptcha_users WHERE name = $1)",
+        &payload.field,
+    )
+    .fetch_one(&data.db)
+    .await?;
+
+    let mut resp = AccountCheckResp { exists: false };
+
+    if let Some(x) = res.exists {
+        if x {
+            resp.exists = true;
+        }
+    }
+
+    Ok(HttpResponse::Ok().json(resp))
+}
+
+#[post("/api/v1/account/email/exists")]
+pub async fn email_exists(
+    payload: web::Json<AccountCheckPayload>,
+    data: web::Data<Data>,
+) -> ServiceResult<impl Responder> {
+    let res = sqlx::query!(
+        "SELECT EXISTS (SELECT 1 from mcaptcha_users WHERE email = $1)",
+        &payload.field,
+    )
+    .fetch_one(&data.db)
+    .await?;
+
+    let mut resp = AccountCheckResp { exists: false };
+
+    if let Some(x) = res.exists {
+        if x {
+            resp.exists = true;
+        }
+    }
+
+    Ok(HttpResponse::Ok().json(resp))
+}
diff --git a/src/api/v1/mod.rs b/src/api/v1/mod.rs
index 16fead90..86a07b6b 100644
--- a/src/api/v1/mod.rs
+++ b/src/api/v1/mod.rs
@@ -31,6 +31,8 @@ pub fn services(cfg: &mut ServiceConfig) {
     cfg.service(auth::signin);
     cfg.service(auth::signup);
     cfg.service(auth::delete_account);
+    cfg.service(auth::username_exists);
+    cfg.service(auth::email_exists);
 
     // mcaptcha
     // domain
diff --git a/src/api/v1/tests/auth.rs b/src/api/v1/tests/auth.rs
index 3774776b..4197c19b 100644
--- a/src/api/v1/tests/auth.rs
+++ b/src/api/v1/tests/auth.rs
@@ -125,3 +125,71 @@ async fn del_userworks() {
 
     assert_eq!(delete_user_resp.status(), StatusCode::OK);
 }
+
+#[actix_rt::test]
+async fn uname_email_exists_works() {
+    const NAME: &str = "testuserexists";
+    const PASSWORD: &str = "longpassword2";
+    const EMAIL: &str = "testuserexists@a.com2";
+    const UNAME_CHECK: &str = "/api/v1/account/username/exists";
+    const EMAIL_CHECK: &str = "/api/v1/account/email/exists";
+
+    {
+        let data = Data::new().await;
+        delete_user(NAME, &data).await;
+    }
+
+    let (data, _, signin_resp) = register_and_signin(NAME, EMAIL, PASSWORD).await;
+    let cookies = get_cookie!(signin_resp);
+    let mut app = get_app!(data).await;
+
+    let mut payload = AccountCheckPayload { field: NAME.into() };
+
+    let user_exists_resp = test::call_service(
+        &mut app,
+        post_request!(&payload, UNAME_CHECK)
+            .cookie(cookies.clone())
+            .to_request(),
+    )
+    .await;
+    assert_eq!(user_exists_resp.status(), StatusCode::OK);
+    let mut resp: AccountCheckResp = test::read_body_json(user_exists_resp).await;
+    assert!(resp.exists);
+
+    payload.field = PASSWORD.into();
+
+    let user_doesnt_exist = test::call_service(
+        &mut app,
+        post_request!(&payload, UNAME_CHECK)
+            .cookie(cookies.clone())
+            .to_request(),
+    )
+    .await;
+    assert_eq!(user_doesnt_exist.status(), StatusCode::OK);
+    resp = test::read_body_json(user_doesnt_exist).await;
+    assert!(!resp.exists);
+
+    let email_doesnt_exist = test::call_service(
+        &mut app,
+        post_request!(&payload, EMAIL_CHECK)
+            .cookie(cookies.clone())
+            .to_request(),
+    )
+    .await;
+    assert_eq!(email_doesnt_exist.status(), StatusCode::OK);
+    resp = test::read_body_json(email_doesnt_exist).await;
+    assert!(!resp.exists);
+
+    payload.field = EMAIL.into();
+
+    let email_exist = test::call_service(
+        &mut app,
+        post_request!(&payload, EMAIL_CHECK)
+            .cookie(cookies.clone())
+            .to_request(),
+    )
+    .await;
+    assert_eq!(email_exist.status(), StatusCode::OK);
+    resp = test::read_body_json(email_exist).await;
+    assert!(resp.exists);
+}
diff --git a/static/login/index.html b/static/login/index.html
index e3ff0f76..bfc20b5d 100644
--- a/static/login/index.html
+++ b/static/login/index.html
@@ -6,7 +6,7 @@
     <title>Login | mCaptcha</title>
   </head>
   <body>
-    <img src="./img/icon-trans.png" class="form__logo" alt="" />
+    <img src="/img/icon-trans.png" class="form__logo" alt="" />
     <h2 class="form__brand">Sign in to mCaptcha</h2>
 
     <div class="form-container">
@@ -31,9 +31,11 @@
             id="password"
             required
           />
-          <a class="form__pw-recovery" -href="/forgot/password"
+          <!--
+          <a class="form__pw-recovery" -href="/recovert/password"
             >Forgot password?</a
           >
+          -->
         </label>
         <button class="form__submit-button" type="submit">
           Submit
@@ -139,4 +141,43 @@
     }
 
   </style>
+  <script>
+    export const SUBMIT = '/';
+
+export const isBlankString = (event, value, field) => {
+  if (!value.replace(/\s/g, '').length) {
+    event.preventDefautl()
+    alert(`${field} can't be empty`);
+  }
+};
+
+export const genJsonPayload = payload => {
+  let value = {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+    },
+    body: JSON.stringify(payload),
+  };
+  return value;
+};
+
+const submit = async e => {
+  let name = document.getElementById('name').value;
+  isBlankString(e, name, 'Name');
+
+  let registration_number = document.getElementById('email').value;
+  isBlankString(e, registration_number, 'Registration number');
+
+  let email = document.getElementById('email').value;
+  isBlankString(e, email, 'email');
+
+  console.log(`from signup: PoW: ${pow}`);
+
+};
+
+let form = document.getElementById('form');
+
+form.addEventListener('submit', submit, true);
+  </script>
 </html>