+use rand::prelude::*;
+use std::io::prelude::*;
use std::path::{Path, PathBuf};
const DATA_PATH: &str = "/var/lib/voter";
+const COOKIE_NAME: &[u8] = b"__Secure-id";
+const COOKIE_LENGTH: usize = 12;
fn validate_path(path: &str) -> Result<PathBuf, cgi::Response> {
let invalid_path = || cgi::text_response(404, "Invalid path");
Ok(dir)
}
+fn get_voter(request: &cgi::Request) -> Result<&[u8], cgi::Response> {
+ // Expect exactly one cookie, exactly as we generate it.
+ let cookie = request
+ .headers()
+ .get(cgi::http::header::COOKIE)
+ .map(|c| c.as_bytes())
+ .and_then(|c| c.strip_prefix(COOKIE_NAME))
+ .and_then(|c| c.strip_prefix(b"="))
+ .ok_or_else(|| cgi::text_response(400, "Invalid cookie"))?;
+ if cookie.len() != COOKIE_LENGTH || cookie.contains(&b' ') || cookie.contains(&b';') {
+ Err(cgi::text_response(400, "Invalid cookie"))
+ } else {
+ Ok(cookie)
+ }
+}
+
+fn make_random_id() -> [u8; COOKIE_LENGTH] {
+ std::iter::from_fn(random)
+ .filter(|c| {
+ (b'A'..=b'Z').contains(c) || (b'a'..=b'z').contains(c) || (b'0'..=b'9').contains(c)
+ })
+ .take(COOKIE_LENGTH)
+ .collect::<Vec<_>>()
+ .try_into()
+ .unwrap()
+}
+
+fn set_cookie(mut response: cgi::Response, path: &str) -> Result<cgi::Response, cgi::Response> {
+ response.headers_mut().append(
+ cgi::http::header::SET_COOKIE,
+ cgi::http::header::HeaderValue::from_bytes(
+ &[
+ COOKIE_NAME,
+ b"=",
+ &make_random_id(),
+ b"; Secure HttpOnly SameSite=Strict Max-Age=30000000 Path=",
+ path.as_bytes(),
+ ]
+ .concat(),
+ )
+ .map_err(|_| cgi::text_response(503, "Couldn't make cookie"))?,
+ );
+ Ok(response)
+}
+
fn prompt_for_vote(dir: PathBuf, request: cgi::Request) -> Result<cgi::Response, cgi::Response> {
- Err(cgi::text_response(503, "Not Implemented"))
+ let voter = get_voter(&request);
+ let mut response = cgi::html_response(200, "<html><body>You should vote</body></html>");
+ if voter.is_err() {
+ response = set_cookie(response, request.uri().path())?
+ }
+ Ok(response)
+}
+
+fn write_vote(dir: PathBuf, voter: &[u8], vote: &[u8]) -> std::io::Result<()> {
+ let datum = [voter, b" ", vote, b"\n"].concat();
+ let vpath = dir.join("votes");
+ let vfile = std::fs::File::options()
+ .append(true)
+ .create(true)
+ .open(vpath)?;
+ let mut vlock = fd_lock::RwLock::new(vfile);
+ vlock.write()?.write(&datum)?;
+ Ok(())
}
fn record_vote(dir: PathBuf, request: cgi::Request) -> Result<cgi::Response, cgi::Response> {
- Err(cgi::text_response(503, "Not Implemented"))
+ let body = request.body();
+ // Valid votes look like "0 foo" or "1 bar"
+ if body.len() < 3
+ || (body[0] != b'0' && body[0] != b'1')
+ || body[1] != b' '
+ || body.contains(&b'\n')
+ {
+ return Err(cgi::text_response(415, "Invalid vote"));
+ }
+ write_vote(dir, &get_voter(&request)?, body)
+ .map_err(|_| cgi::text_response(503, "Couldn't record vote"))?;
+ Ok(cgi::text_response(200, "Vote recorded"))
+}
+
+fn strip_body(mut response: cgi::Response) -> cgi::Response {
+ response.body_mut().clear();
+ response
}
fn respond(request: cgi::Request) -> Result<cgi::Response, cgi::Response> {
let dir = validate_path(request.uri().path())?;
match request.method() {
+ &cgi::http::Method::HEAD => prompt_for_vote(dir, request).map(strip_body),
&cgi::http::Method::GET => prompt_for_vote(dir, request),
- &cgi::http::Method::POST => record_vote(dir, request),
+ &cgi::http::Method::PUT => record_vote(dir, request),
_ => Err(cgi::text_response(405, "Huh?")),
}
}