From 07977292fe5c80a677d4fcca98c389ed5b252f99 Mon Sep 17 00:00:00 2001 From: ngoomie Date: Sun, 7 May 2023 22:16:22 -0600 Subject: [PATCH] Prettify `login_do` action and remove one session per user limit `login_do` now uses a try/catch control structure instead of the horrifying nested if/else control structure it used before. I'd think a failed login attempt counts as an exception, so it should be fair to use it here? I have also removed the one session per user limit for now. I'm going to replace it with a manual session manager in user settings later hopefully, and some sort of periodically run script that deletes any expired sessions from the DB, plus maybe other places where they get deleted. any `use experimental 'name'` instances have been removed too since Mojolicious complains about your use of experimental features no matter what anyways! --- .vscode/extensions.json | 6 +++ .vscode/settings.json | 49 ++++++++++++++++++++++++ database.sql | 3 +- lib/CharmBoard.pm | 1 - lib/CharmBoard/Controller/Auth.pm | 62 ++++++++++++++----------------- script/CharmBoard | 1 - 6 files changed, 84 insertions(+), 38 deletions(-) create mode 100644 .vscode/extensions.json diff --git a/.vscode/extensions.json b/.vscode/extensions.json new file mode 100644 index 0000000..9cb5fa0 --- /dev/null +++ b/.vscode/extensions.json @@ -0,0 +1,6 @@ +{ + "recommendations": [ + "kraih.mojolicious", + "aaron-bond.better-comments" + ] +} \ No newline at end of file diff --git a/.vscode/settings.json b/.vscode/settings.json index 0b963d1..8603b1b 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json 
@@ -16,5 +16,54 @@ "subf", "subforum", "subforums" + ], + "better-comments.highlightPlainText": true, + "better-comments.tags": [ + + { + "tag": "!", + "color": "#FF2D00", + "strikethrough": false, + "underline": false, + "backgroundColor": "transparent", + "bold": false, + "italic": false + }, + { + "tag": "?", + "color": "#3498DB", + "strikethrough": false, + "underline": false, + "backgroundColor": "transparent", + "bold": false, + "italic": false + }, + { + "tag": "//", + "color": "#474747", + "strikethrough": true, + "underline": false, + "backgroundColor": "transparent", + "bold": false, + "italic": false + }, + { + "tag": "todo", + "color": "#FF8C00", + "strikethrough": false, + "underline": false, + "backgroundColor": "transparent", + "bold": false, + "italic": false + }, + { + "tag": "*", + "color": "#98C379", + "strikethrough": false, + "underline": false, + "backgroundColor": "transparent", + "bold": false, + "italic": false + } ] } \ No newline at end of file diff --git a/database.sql b/database.sql index 0579130..545ffe4 100644 --- a/database.sql +++ b/database.sql @@ -1,5 +1,5 @@ -- --- File generated with SQLiteStudio v3.4.4 on Sun. May 7 00:02:05 2023 +-- File generated with SQLiteStudio v3.4.4 on Sun. May 7 22:15:23 2023 -- -- Text encoding used: UTF-8 -- @@ -48,7 +48,6 @@ DROP TABLE IF EXISTS sessions; CREATE TABLE IF NOT EXISTS sessions ( user_id INTEGER PRIMARY KEY REFERENCES users (user_id) - UNIQUE NOT NULL, session_key TEXT NOT NULL UNIQUE, diff --git a/lib/CharmBoard.pm b/lib/CharmBoard.pm index 733f225..47698fc 100644 --- a/lib/CharmBoard.pm +++ b/lib/CharmBoard.pm @@ -1,5 +1,4 @@ package CharmBoard; -use experimental 'smartmatch'; use Mojo::Base 'Mojolicious', -signatures; use CharmBoard::Schema; diff --git a/lib/CharmBoard/Controller/Auth.pm b/lib/CharmBoard/Controller/Auth.pm index 25c1e15..dd8a244 100644 --- a/lib/CharmBoard/Controller/Auth.pm +++ b/lib/CharmBoard/Controller/Auth.pm 
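Review bot: In the `sessions` hunk of database.sql, dropping `UNIQUE` does not lift the one-session-per-user limit, because the context line above it still declares `user_id INTEGER PRIMARY KEY` and a primary key is unique on its own. This commit also removes the old-session delete from `login_do`, so a second login for a user who already has a row would be rejected by the database; since the insert sits inside the new `try`, that user would be shown 'Username or password incorrect.'. The table needs a key that is not the user, for example `session_key TEXT PRIMARY KEY` with `user_id INTEGER NOT NULL REFERENCES users (user_id)` as an ordinary column. The rest of the CREATE TABLE statement is outside the hunk, so the remaining columns should be checked against this before the file is regenerated.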
@@ -76,48 +76,42 @@ sub login_do ($app) { my $username = $app->param('username'); my $password = $app->pepper . ':' . $app->param('password'); - my $userInfoCheck = $app->schema->resultset('Users')->search({username => $username}); + try { + # check to see if user by entered username exists + my $userInfo = $app->schema->resultset('Users')->search({username => $username}); + $userInfo or die; - if ($userInfoCheck) { - my $passCheckStatus = passchk($userInfoCheck->get_column('salt')->first, - $userInfoCheck->get_column('password')->first, $password); + # now check password validity + my $passCheck = passchk($userInfo->get_column('salt')->first, + $userInfo->get_column('password')->first, $password); + $passCheck or die; - if ($passCheckStatus) { - my $userID = $userInfoCheck->get_column('user_id')->first; + # get user ID for session creation + my $userID = $userInfo->get_column('user_id')->first; - # delete old session from DB if exists - if ($app->schema->resultset('Session')->search({user_id => $userID})) { - $app->schema->resultset('Session')->search({user_id => $userID})->delete; }; + # gen session key and set expiry time + my $sessionKey = seasoning(16); + my $sessionExpiry = time + 604800; - # gen session key and set expiry time - my $sessionKey = seasoning(16); - my $sessionExpiry = time + 604800; - - # add session to database - $app->schema->resultset('Session')->create({ + # add session to database + $app->schema->resultset('Session')->create({ user_id => $userID, session_key => $sessionKey, session_expiry => $sessionExpiry, is_ip_bound => 0, bound_ip => undef }); - - # now create session cookie for user - $app->session(is_auth => 1); - $app->session(user_id => $userID); - $app->session(session_key => $sessionKey); - $app->session(expires => $sessionExpiry); - - # redirect to index - $app->redirect_to('/')} - - else { - $app->flash(error => 'Password incorrect'); - $app->redirect_to('login')}} - - else { - $app->flash(error => 'User ' . $username . 
' does not exist.'); - $app->redirect_to('login')}; - -} + + # now create session cookie for user + $app->session(is_auth => 1); + $app->session(user_id => $userID); + $app->session(session_key => $sessionKey); + $app->session(expires => $sessionExpiry); + + # redirect to index upon success + $app->redirect_to('/')} + catch ($error) { # redir to login page on fail + print $error; + $app->flash(error => 'Username or password incorrect.'); + $app->redirect_to('login')}}; 1; \ No newline at end of file diff --git a/script/CharmBoard b/script/CharmBoard index a9effff..b786670 100755 --- a/script/CharmBoard +++ b/script/CharmBoard @@ -3,7 +3,6 @@ use strict; use warnings; use utf8; -use experimental 'smartmatch'; use Mojo::File qw(curfile); use lib curfile->dirname->sibling('lib')->to_string;
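Review bot: The `try` block in `login_do` wraps the session insert as well as the credential checks, so any database or runtime failure is reported to the user as 'Username or password incorrect.', and the only trace is `print $error;`, which goes to STDOUT rather than the application log. I would log in the catch instead, e.g. `$app->app->log->warn("login failed: $error");` (assuming `$app` is the controller here), and give each bare `die` a message such as `$passCheck or die "bad password\n";` so a rejected login can be told apart from a failed insert afterwards. Separately, `$userInfo or die;` probably never fires: if `search` returns a DBIx::Class resultset, that object is true even when it matches no rows, so the check should test for a row, e.g. `$userInfo->count or die "unknown user\n";`. The start of `login_do` is outside the hunk.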