]> git.scottworley.com Git - voter/blobdiff - src/main.rs
Tell browsers not to auto-complete
[voter] / src / main.rs
index 273a719740e2a49e7017fb93fe4ebb318d17f8a0..98cfc35f008d829651acf1fa9089a706b5e9c281 100644 (file)
@@ -4,7 +4,7 @@ use std::path::{Path, PathBuf};
 
 const DATA_PATH: &str = "/var/lib/voter";
 const COOKIE_NAME: &[u8] = b"__Secure-id";
-const COOKIE_LENGTH: usize = 32;
+const COOKIE_LENGTH: usize = 12;
 
 fn validate_path(path: &str) -> Result<PathBuf, cgi::Response> {
     let invalid_path = || cgi::text_response(404, "Invalid path");
@@ -45,14 +45,16 @@ fn get_voter(request: &cgi::Request) -> Result<&[u8], cgi::Response> {
 }
 
 fn make_random_id() -> [u8; COOKIE_LENGTH] {
-    std::iter::from_fn(random)
-        .filter(|c| {
-            (b'A'..=b'Z').contains(c) || (b'a'..=b'z').contains(c) || (b'0'..=b'9').contains(c)
-        })
-        .take(COOKIE_LENGTH)
-        .collect::<Vec<_>>()
-        .try_into()
-        .unwrap()
+    let mut id = [0; COOKIE_LENGTH];
+    for i in 0..COOKIE_LENGTH {
+        while !(b'A'..=b'Z').contains(&id[i])
+            && !(b'a'..=b'z').contains(&id[i])
+            && !(b'0'..=b'9').contains(&id[i])
+        {
+            id[i] = random()
+        }
+    }
+    id
 }
 
 fn set_cookie(mut response: cgi::Response, path: &str) -> Result<cgi::Response, cgi::Response> {
@@ -73,9 +75,70 @@ fn set_cookie(mut response: cgi::Response, path: &str) -> Result<cgi::Response,
     Ok(response)
 }
 
+const HTML_HEADER: &str = "<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset=\"utf-8\">
+    <title>Vote!</title>
+    <style>
+      input { transform: scale(1.5) }
+      div { animation: 2s infinite linear spin }
+      @keyframes spin {
+        from { transform:rotate(0) }
+        to { transform:rotate(1turn) }
+      }
+    </style>
+    <script>
+      window.onload = function() {
+        for (cb of document.getElementsByTagName('input')) {
+          cb.addEventListener('click', (function(cb) {
+            return function() {
+              cb.style.display = 'none'
+              const spin = document.createElement('div')
+              spin.appendChild(document.createTextNode('⏳'))
+              cb.parentElement.insertBefore(spin, cb)
+
+              const req = new XMLHttpRequest()
+              req.addEventListener('load', function(e) {
+                cb.parentElement.removeChild(cb.previousElementSibling)
+                if (req.status == 200) {
+                    cb.style.display = ''
+                } else {
+                   cb.parentElement.insertBefore(document.createTextNode('❗'), cb)
+                }
+              })
+              req.open('PUT', window.location.href)
+              req.send((cb.checked ? 1 : 0) + ' ' + cb.parentElement.nextSibling.innerHTML)
+            }
+          })(cb))
+          cb.disabled = false
+        }
+      }
+    </script>
+  </head>
+  <body>
+    <table>";
+const HTML_FOOTER: &str = "
+    </table>
+  </body>
+</html>";
+
 fn prompt_for_vote(dir: PathBuf, request: cgi::Request) -> Result<cgi::Response, cgi::Response> {
     let voter = get_voter(&request);
-    let mut response = cgi::html_response(200, "<html><body>You should vote</body></html>");
+    let cfile = std::fs::File::open(dir.join("candidates"))
+        .map_err(|_| cgi::text_response(503, "No candidates"))?;
+    let mut response = cgi::html_response(
+        200,
+        std::iter::once(Ok(HTML_HEADER.to_owned()))
+            .chain(std::io::BufReader::new(cfile).lines().map(|rc| {
+                rc.map(|c| {
+                    format!("<tr><td><input type=\"checkbox\" autocomplete=\"off\" disabled></td><td>{c}</td></tr>")
+                })
+            }))
+            .chain(std::iter::once(Ok(HTML_FOOTER.to_owned())))
+            .collect::<std::io::Result<String>>()
+            .map_err(|_| cgi::text_response(503, "Missing candidates"))?,
+    );
     if voter.is_err() {
         response = set_cookie(response, request.uri().path())?
     }