Use Feed::write_to_database method in demo

Greg Shuflin 2025-02-04 01:04:37 -08:00
parent 6e815a94a0
commit 50bfe09bcf
3 changed files with 3 additions and 41 deletions

14
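--- a/TODO.md
+++ b/TODO.md
@@ -1,24 +1,10 @@
 # TODO List
-## Security Improvements
-### Make Server Secret Configurable
-Currently, the server secret used for cookie encryption is not configurable and uses Rocket's default. We should:
-- Add a configuration option for the server secret
-- Allow it to be set via environment variable or config file
-- Generate and persist a random secret on first run if none is provided
-- Add documentation about the security implications of the secret
 ### Improve Session Management
 Current session management is basic and needs improvement:
-- Replace simple user_id cookie with a proper session system
 - Add session expiry and renewal logic
 - Store sessions in the database with proper cleanup
 - Add ability to revoke sessions
 - Consider adding "remember me" functionality
 - Add session tracking (last used, IP, user agent, etc.)
-Reference: [Current basic implementation in user.rs](src/user.rs) with the comment:
-```rust
-// TODO there should be a more complicated notion of a session
-```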


@ -1,6 +1,3 @@
use chrono;
use rocket::serde;
use sqlx;
use uuid::Uuid; use uuid::Uuid;
use crate::feeds::Feed; use crate::feeds::Feed;
@ -80,28 +77,7 @@ pub async fn setup_demo_data(pool: &sqlx::SqlitePool) {
let feeds = [bbc_news, xkcd, isidore, acx]; let feeds = [bbc_news, xkcd, isidore, acx];
for feed in feeds { for feed in feeds {
// TODO: This insert logic is substantially the same as Feed::write_to_database. feed.write_to_database(pool)
// Should find a way to unify these two code paths to avoid duplication.
let categorization_json = serde::json::to_value(feed.categorization)
.map_err(|e| {
eprintln!("Failed to serialize categorization: {}", e);
sqlx::Error::Decode(Box::new(e))
})
.unwrap();
println!("{}", categorization_json);
sqlx::query(
"INSERT INTO feeds (feed_id, name, url, user_id, added_time, last_checked_time, categorization)
VALUES (?1, ?2, ?3, ?4, ?5, ?6, json(?7))",
)
.bind(feed.feed_id.to_string())
.bind(&feed.name)
.bind(feed.url.as_str())
.bind(feed.user_id.to_string())
.bind(feed.added_time.to_rfc3339())
.bind(feed.last_checked_time.to_rfc3339())
.bind(categorization_json.to_string())
.execute(pool)
.await .await
.expect("Failed to create demo feed"); .expect("Failed to create demo feed");
} }
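Review bot: The loop in `setup_demo_data` still issues one independent insert per feed and panics through `.expect("Failed to create demo feed")` on the first error, so a failure part-way through leaves a partially seeded database behind. `write_to_database` is generic over a SQLite `Executor` (per its signature in the last file section), so the loop could run inside one transaction: `let mut tx = pool.begin().await.expect("Failed to begin demo transaction");`, then `feed.write_to_database(&mut *tx)` in the loop and `tx.commit().await` after it. The exact executor expression depends on the sqlx version in use, which is not visible here. The body of `setup_demo_data` starts before this hunk and may continue after it.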


@ -2,9 +2,9 @@ use rocket::http::Status;
use rocket::serde::{self, json::Json, Deserialize, Serialize}; use rocket::serde::{self, json::Json, Deserialize, Serialize};
use rocket_db_pools::Connection; use rocket_db_pools::Connection;
use sqlx::types::JsonValue; use sqlx::types::JsonValue;
use sqlx::Executor;
use url::Url; use url::Url;
use uuid::Uuid; use uuid::Uuid;
use sqlx::Executor;
use crate::feed_utils::fetch_feed; use crate::feed_utils::fetch_feed;
use crate::user::AuthenticatedUser; use crate::user::AuthenticatedUser;
@ -38,7 +38,7 @@ impl Feed {
pub async fn write_to_database<'a, E>(&self, executor: E) -> sqlx::Result<()> pub async fn write_to_database<'a, E>(&self, executor: E) -> sqlx::Result<()>
where where
E: Executor<'a, Database = sqlx::Sqlite> E: Executor<'a, Database = sqlx::Sqlite>,
{ {
// Convert categorization to JSON value // Convert categorization to JSON value
let categorization_json = serde::json::to_value(&self.categorization).map_err(|e| { let categorization_json = serde::json::to_value(&self.categorization).map_err(|e| {