Bugfixes to admin panel

ml-archive · Jul 6, 2017 · 803d94d · 803d94d
1 parent 4eb7228
commit 803d94d
Show file tree

Hide file tree

Showing 5 changed files with 28 additions and 18 deletions.
diff --git a/Sources/AdminPanel/Controllers/BackendUsersController.swift b/Sources/AdminPanel/Controllers/BackendUsersController.swift
@@ -120,12 +120,16 @@ public final class BackendUsersController {
 
         let fieldset = try request.storage["_fieldset"] as? Node ?? BackendUserForm.emptyUser.makeNode(in: nil)
 
-        return try drop.view.make("BackendUsers/edit", [
-            "fieldset": fieldset,
-            "backendUser": try user.makeNode(in: nil),
-            "roles": Configuration.shared?.getRoleOptions(request.authedBackendUser().role).makeNode(in: nil) ?? [:],
-            "defaultRole": (Configuration.shared?.defaultRole ?? "user").makeNode(in: nil)
-        ], for: request)
+        return try drop.view.make(
+            "BackendUsers/edit",
+            [
+                "fieldset": fieldset,
+                "backendUser": try user.makeNode(in: nil),
+                "roles": Configuration.shared?.getRoleOptions(request.authedBackendUser().role).makeNode(in: nil) ?? [:],
+                "defaultRole": (Configuration.shared?.defaultRole ?? "user").makeNode(in: nil)
+            ],
+            for: request
+        )
     }
 
     /**
@@ -136,7 +140,8 @@ public final class BackendUsersController {
      * - return: View
      */
     public func update(request: Request) throws -> ResponseRepresentable {
-        guard let id = request.data["id"]?.int, let backendUser = try BackendUser.makeQuery().filter("id", id).first() else {
+        let backendUser = try request.parameters.next(BackendUser.self)
+        guard let id = try backendUser.assertExists().string else {
             throw Abort.notFound
         }
 
@@ -149,7 +154,7 @@ public final class BackendUsersController {
             // Validate
             let (backendUserForm, hasErrors) = BackendUserForm.validating(request.data)
             if hasErrors {
-                let response = Response(redirect: "/admin/backend_users/edit/" + String(id)).flash(.error, "Validation error")
+                let response = Response(redirect: "/admin/backend_users/edit/" + id).flash(.error, "Validation error")
                 let fieldset = try backendUserForm.makeNode(in: nil)
                 response.storage["_fieldset"] = fieldset
                 return response
@@ -162,11 +167,11 @@ public final class BackendUsersController {
             if Gate.allow(request, "admin") {
                return Response(redirect: "/admin/backend_users").flash(.success, "User updated")
             } else {
-               return Response(redirect: "/admin/backend_users/edit/" + String(id)).flash(.success, "User updated")
+               return Response(redirect: "/admin/backend_users/edit/" + id).flash(.success, "User updated")
             }
 
         } catch {
-            return Response(redirect: "/admin/backend_users/edit/" + String(id)).flash(.error, "Failed to update user")
+            return Response(redirect: "/admin/backend_users/edit/" + id).flash(.error, "Failed to update user")
         }
     }
 

diff --git a/Sources/AdminPanel/Controllers/LoginController.swift b/Sources/AdminPanel/Controllers/LoginController.swift
@@ -189,7 +189,8 @@ public final class LoginController {
         do {
             // TODO REMEMBER
             //let remember: Bool = request.data["remember"]?.bool ?? false
-            try request.auth.authenticate(BackendUser(credentials: Password(username: username, password: password)))
+            let user = try BackendUser.authenticate(Password(username: username, password: password))
+            request.auth.authenticate(user)
 
             // Generate redirect path
             var redirect = "/admin/dashboard"

diff --git a/Sources/AdminPanel/Models/BackendUsers/BackendUser.swift b/Sources/AdminPanel/Models/BackendUsers/BackendUser.swift
@@ -118,6 +118,7 @@ public final class BackendUser: Model, Timestampable, NodeConvertible, Preparati
 
     public func makeNode(in context: Context?) throws -> Node {
         return try Node(node: [
+            "id": id,
             "name": name,
             "email": email,
             "password": password,
@@ -202,3 +203,5 @@ extension BackendUser: PasswordAuthenticatable {
 
     }
 }
+
+extension BackendUser: SessionPersistable {}
diff --git a/Sources/AdminPanel/Support/Middlewares/ProtectMiddleware.swift b/Sources/AdminPanel/Support/Middlewares/ProtectMiddleware.swift
@@ -38,6 +38,8 @@ class ProtectMiddleware: Middleware {
                 }
 
                 try request.storage["authedBackendUser"] = backendUser.toBackendView()
+            } else {
+                return Response(redirect: "/admin/login?next=" + request.uri.path).flash(.error, "Session expired login again")
             }
         } catch {
             // If local & config is true & first backend user

diff --git a/Sources/AdminPanel/Support/Provider.swift b/Sources/AdminPanel/Support/Provider.swift
@@ -5,11 +5,11 @@ import AuthProvider
 import HTTP
 import Sugar
 import LeafProvider
+import Sessions
 
 public final class Provider: Vapor.Provider {
     public static var repositoryName: String = "AdminPanel"
 
-
     var config: Configuration
     var ssoProvider: SSOProtocol?
 
@@ -35,37 +35,36 @@ public final class Provider: Vapor.Provider {
 
         droplet.storage["adminPanelConfig"] = config
         Configuration.shared = config
-
+        
         droplet.config.preparations.append(BackendUserResetPasswordTokens.self)
         droplet.config.preparations.append(BackendUser.self)
 
         droplet.config.addConfigurable(command: Seeder.init, name: "admin-panel:seeder")
 
         // Init middlewares
         let middlewares: [Middleware] = [
-            PasswordAuthenticationMiddleware(BackendUser.self),
             FlashMiddleware(),
+            PersistMiddleware(BackendUser.self),
             ConfigPublishMiddleware(config: config),
             FieldsetMiddleware()
         ]
 
-        var protectedMiddlewares: [Middleware] = middlewares
+        var protectedMiddlewares = middlewares
         protectedMiddlewares.append(ProtectMiddleware(droplet: droplet))
 
         // Apply
         Middlewares.unsecured = middlewares
         Middlewares.secured = protectedMiddlewares
 
         if(config.loadRoutes) {
-
             let unsecured = droplet.grouped(Middlewares.unsecured)
-            try unsecured.grouped("/").collection(LoginRoutes(droplet: droplet, config: config))
+            try unsecured.collection(LoginRoutes(droplet: droplet, config: config))
 
             let secured = droplet.grouped(Middlewares.secured)
             if config.loadDashboardRoute {
                 try secured.grouped("/admin/dashboard").collection(DashboardRoutes(droplet: droplet))
             }
-            try secured.grouped("/admin/backend_users").collection(BackendUsersRoutes(droplet: droplet))
+            try secured.grouped("/admin/backend_users/").collection(BackendUsersRoutes(droplet: droplet))
         }
     }