]> git.scottworley.com Git - voter/blobdiff - src/main.rs
projects / voter / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
DOCTYPE and charset
[voter] / src / main.rs
diff --git a/src/main.rs b/src/main.rs
index 700cce03f3f7f4b74ac6654ea9e22a5709335631..4c09c105e769a22618eb162d752088ac5d877b0f 100644 (file)
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,9 +1,10 @@
+use rand::prelude::*;
 use std::io::prelude::*;
 use std::path::{Path, PathBuf};
 
 const DATA_PATH: &str = "/var/lib/voter";
 const COOKIE_NAME: &[u8] = b"__Secure-id";
-const COOKIE_LENGTH: usize = 32;
+const COOKIE_LENGTH: usize = 12;
 
 fn validate_path(path: &str) -> Result<PathBuf, cgi::Response> {
     let invalid_path = || cgi::text_response(404, "Invalid path");
@@ -43,8 +44,71 @@ fn get_voter(request: &cgi::Request) -> Result<&[u8], cgi::Response> {
     }
 }
 
+fn make_random_id() -> [u8; COOKIE_LENGTH] {
+    let mut id = [0; COOKIE_LENGTH];
+    for i in 0..COOKIE_LENGTH {
+        while !(b'A'..=b'Z').contains(&id[i])
+            && !(b'a'..=b'z').contains(&id[i])
+            && !(b'0'..=b'9').contains(&id[i])
+        {
+            id[i] = random()
+        }
+    }
+    id
+}
+
+fn set_cookie(mut response: cgi::Response, path: &str) -> Result<cgi::Response, cgi::Response> {
+    response.headers_mut().append(
+        cgi::http::header::SET_COOKIE,
+        cgi::http::header::HeaderValue::from_bytes(
+            &[
+                COOKIE_NAME,
+                b"=",
+                &make_random_id(),
+                b"; Secure HttpOnly SameSite=Strict Max-Age=30000000 Path=",
+                path.as_bytes(),
+            ]
+            .concat(),
+        )
+        .map_err(|_| cgi::text_response(503, "Couldn't make cookie"))?,
+    );
+    Ok(response)
+}
+
+const HTML_HEADER: &str = "<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset=\"utf-8\">
+    <title>Vote!</title>
+    <style>
+      input { transform: scale(1.5); }
+    </style>
+  </head>
+  <body>
+    <table>";
+const HTML_FOOTER: &str = "
+    </table>
+  </body>
+</html>";
+
 fn prompt_for_vote(dir: PathBuf, request: cgi::Request) -> Result<cgi::Response, cgi::Response> {
-    Err(cgi::text_response(503, "Not Implemented"))
+    let voter = get_voter(&request);
+    let cfile = std::fs::File::open(dir.join("candidates"))
+        .map_err(|_| cgi::text_response(503, "No candidates"))?;
+    let mut response = cgi::html_response(
+        200,
+        std::iter::once(Ok(HTML_HEADER.to_owned()))
+            .chain(std::io::BufReader::new(cfile).lines().map(|rc| {
+                rc.map(|c| format!("<tr><td><input type=\"checkbox\"></td><td>{c}</td></tr>"))
+            }))
+            .chain(std::iter::once(Ok(HTML_FOOTER.to_owned())))
+            .collect::<std::io::Result<String>>()
+            .map_err(|_| cgi::text_response(503, "Missing candidates"))?,
+    );
+    if voter.is_err() {
+        response = set_cookie(response, request.uri().path())?
+    }
+    Ok(response)
 }
 
 fn write_vote(dir: PathBuf, voter: &[u8], vote: &[u8]) -> std::io::Result<()> {
A simple CGI voting thing