filipriec/kompress_eshop
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

account type is permanent and password registration is now working at checkout
Some checks failed
CI / Check Style (push) Has been cancelled
Details
CI / Run Clippy (push) Has been cancelled
Details
CI / Run Tests (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Priec
2026-06-18 22:10:17 +02:00
parent 46cc2459bd
commit f3daa27ce7
24 changed files with 483 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

94
src/controllers/account.rs
View File

@@ -2,6 +2,10 @@
//! fields prefill the checkout form. Gated to authenticated non-admin users:
//! anonymous visitors are bounced to `/login`. Admins have their own area and
//! are sent to the dashboard.
//!
//! The account *type* (personal vs company) is fixed at registration and lives
//! on the user — it is shown here read-only and can never be changed. The
//! profile only edits the type-specific details (company identity + address).
use axum_extra::extract::cookie::CookieJar;
use loco_rs::prelude::*;
@@ -10,13 +14,15 @@ use serde_json::json;
use crate::{
controllers::i18n::current_lang,
models::customer_profiles::{self, ProfileFields},
models::{
customer_profiles::{self, ProfileFields},
users,
},
shared::guard,
};
#[derive(Debug, Deserialize)]
struct ProfileForm {
account_type: Option<String>,
company_name: Option<String>,
company_id: Option<String>,
tax_id: Option<String>,
@@ -33,34 +39,21 @@ fn trimmed(value: Option<&str>) -> Option<String> {
value.map(str::trim).filter(|v| !v.is_empty()).map(String::from)
}
/// Normalize an account type to one of the two known values, defaulting to
/// "personal" for anything unexpected.
pub fn normalize_account_type(value: Option<&str>) -> String {
match value.map(str::trim) {
Some("company") => "company".to_string(),
_ => "personal".to_string(),
}
}
impl From<ProfileForm> for ProfileFields {
fn from(form: ProfileForm) -> Self {
let is_company = normalize_account_type(form.account_type.as_deref()) == "company";
// Company identifiers are only stored for company accounts, so switching
// back to personal clears stale data.
let company = |v: Option<&str>| if is_company { trimmed(v) } else { None };
Self {
account_type: normalize_account_type(form.account_type.as_deref()),
company_name: company(form.company_name.as_deref()),
company_id: company(form.company_id.as_deref()),
tax_id: company(form.tax_id.as_deref()),
vat_id: company(form.vat_id.as_deref()),
phone_prefix: trimmed(form.phone_prefix.as_deref()),
phone: trimmed(form.phone.as_deref()),
address: trimmed(form.address.as_deref()),
city: trimmed(form.city.as_deref()),
zip: trimmed(form.zip.as_deref()),
country: trimmed(form.country.as_deref()),
}
/// Build the persisted fields from the submitted form. Company identifiers are
/// only kept for company accounts (a personal account can never carry them).
fn fields_from_form(form: &ProfileForm, is_company: bool) -> ProfileFields {
let company = |v: Option<&str>| if is_company { trimmed(v) } else { None };
ProfileFields {
company_name: company(form.company_name.as_deref()),
company_id: company(form.company_id.as_deref()),
tax_id: company(form.tax_id.as_deref()),
vat_id: company(form.vat_id.as_deref()),
phone_prefix: trimmed(form.phone_prefix.as_deref()),
phone: trimmed(form.phone.as_deref()),
address: trimmed(form.address.as_deref()),
city: trimmed(form.city.as_deref()),
zip: trimmed(form.zip.as_deref()),
country: trimmed(form.country.as_deref()),
}
}
@@ -68,7 +61,6 @@ impl From<ProfileForm> for ProfileFields {
fn fields_of(profile: Option<&customer_profiles::Model>) -> ProfileFields {
match profile {
Some(p) => ProfileFields {
account_type: p.account_type.clone(),
company_name: p.company_name.clone(),
company_id: p.company_id.clone(),
tax_id: p.tax_id.clone(),
@@ -80,30 +72,22 @@ fn fields_of(profile: Option<&customer_profiles::Model>) -> ProfileFields {
zip: p.zip.clone(),
country: p.country.clone(),
},
None => ProfileFields {
account_type: "personal".to_string(),
..Default::default()
},
None => ProfileFields::default(),
}
}
/// A company profile must carry its invoicing identity (company name + IČO +
/// DIČ; IČ DPH stays optional). Personal profiles have no such requirement.
/// A company account must carry its invoicing identity (company name + IČO +
/// DIČ; IČ DPH stays optional). Personal accounts have no such requirement.
fn company_fields_missing(fields: &ProfileFields) -> bool {
fields.account_type == "company"
&& (fields.company_name.is_none()
|| fields.company_id.is_none()
|| fields.tax_id.is_none())
fields.company_name.is_none() || fields.company_id.is_none() || fields.tax_id.is_none()
}
/// Render the profile form prefilled from `fields`. `saved` shows the success
/// banner; `error` shows a validation message and is set when a company profile
/// is missing required identifiers.
/// Render the profile form for `user`, prefilled from `fields`. `saved` shows
/// the success banner; `error` shows the company-required validation message.
fn profile_view(
v: &TeraView,
jar: &CookieJar,
name: &str,
email: &str,
user: &users::Model,
fields: &ProfileFields,
saved: bool,
error: bool,
@@ -116,9 +100,9 @@ fn profile_view(
"logged_in_customer": true,
"saved": saved,
"error": error,
"name": name,
"email": email,
"account_type": fields.account_type,
"name": user.name,
"email": user.email,
"account_type": user.account_type,
"company_name": fields.company_name,
"company_id": fields.company_id,
"tax_id": fields.tax_id,
@@ -147,7 +131,7 @@ async fn profile_page(
return format::redirect("/admin/dashboard");
}
let profile = customer_profiles::Model::find_for_user(&ctx.db, user.id).await?;
profile_view(&v, &jar, &user.name, &user.email, &fields_of(profile.as_ref()), false, false)
profile_view(&v, &jar, &user, &fields_of(profile.as_ref()), false, false)
}
#[debug_handler]
@@ -163,14 +147,14 @@ async fn save_profile(
if guard::is_admin(&ctx, &user) {
return format::redirect("/admin/dashboard");
}
let fields: ProfileFields = form.into();
// A company profile is rejected (and the form re-shown with the entered
let fields = fields_from_form(&form, user.is_company());
// A company account's profile is rejected (and re-shown with the entered
// values) until it carries its required identifiers.
if company_fields_missing(&fields) {
return profile_view(&v, &jar, &user.name, &user.email, &fields, false, true);
if user.is_company() && company_fields_missing(&fields) {
return profile_view(&v, &jar, &user, &fields, false, true);
}
customer_profiles::Model::upsert(&ctx.db, user.id, fields.clone()).await?;
profile_view(&v, &jar, &user.name, &user.email, &fields, true, false)
profile_view(&v, &jar, &user, &fields, true, false)
}
pub fn routes() -> Routes {

67
src/controllers/auth_pages.rs
View File

@@ -185,6 +185,71 @@ fn verified_view(v: &TeraView, jar: &CookieJar, ok: bool) -> Result<Response> {
)
}
/// Set-password form for accounts created during checkout (and any account that
/// has a valid reset token). Reuses the password-reset token machinery.
#[derive(Debug, serde::Deserialize)]
struct SetPasswordForm {
token: String,
password: String,
password_confirm: String,
}
fn set_password_view(
v: &TeraView,
jar: &CookieJar,
token: &str,
valid: bool,
error: Option<&str>,
) -> Result<Response> {
format::view(
v,
"auth/set_password.html",
json!({
"token": token,
"valid": valid,
"error": error,
"logged_in_admin": false,
"lang": current_lang(jar),
}),
)
}
#[debug_handler]
async fn set_password_page(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
Path(token): Path<String>,
) -> Result<Response> {
let valid = users::Model::find_by_reset_token(&ctx.db, &token).await.is_ok();
set_password_view(&v, &jar, &token, valid, None)
}
#[debug_handler]
async fn set_password(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
State(ctx): State<AppContext>,
Form(form): Form<SetPasswordForm>,
) -> Result<Response> {
let Ok(user) = users::Model::find_by_reset_token(&ctx.db, &form.token).await else {
return set_password_view(&v, &jar, &form.token, false, None);
};
if form.password != form.password_confirm {
return set_password_view(&v, &jar, &form.token, true, Some("mismatch"));
}
if form.password.len() < 8 {
return set_password_view(&v, &jar, &form.token, true, Some("weak"));
}
// Setting the password through an emailed link also proves email ownership,
// so the account is marked verified here.
let user = user.into_active_model().reset_password(&ctx.db, &form.password).await?;
if user.email_verified_at.is_none() {
user.into_active_model().verified(&ctx.db).await?;
}
format::redirect("/login")
}
#[debug_handler]
async fn logout() -> Result<Response> {
format::render()
@@ -211,6 +276,8 @@ pub fn routes() -> Routes {
.add("/register", get(register_page))
.add("/register", post(register))
.add("/verify/{token}", get(verify))
.add("/set-password/{token}", get(set_password_page))
.add("/set-password", post(set_password))
.add("/logout", post(logout))
.add("/admin", get(admin_entry))
}

126
src/controllers/checkout.rs
View File

@@ -1,6 +1,7 @@
//! Public checkout flow: the checkout form, placing an order, and the order
//! confirmation page.
use axum::extract::Query;
use axum_extra::extract::cookie::{Cookie, CookieJar, SameSite};
use loco_rs::prelude::*;
use sea_orm::{ColumnTrait, EntityTrait, QueryFilter, QueryOrder};
@@ -9,9 +10,13 @@ use serde_json::json;
use time::Duration as TimeDuration;
use crate::{
controllers::account::normalize_account_type,
controllers::cart::{resolve_cart, CART_COOKIE},
models::{customer_profiles::{self, ProfileFields}, order_items, orders, shipping_methods},
mailers::auth::AuthMailer,
models::{
customer_profiles::{self, ProfileFields},
order_items, orders, shipping_methods,
users::{self, normalize_account_type},
},
controllers::i18n::current_lang,
shared::{guard, money::format_price, settings},
views::checkout as view,
@@ -41,6 +46,8 @@ struct CheckoutForm {
pickup_point_name: Option<String>,
// Present (as "on") only when a logged-in customer ticks "save my address".
save_profile: Option<String>,
// Present only when a guest ticks "create an account from this order".
create_account: Option<String>,
}
fn trimmed(value: &str) -> Option<String> {
@@ -119,9 +126,13 @@ async fn checkout_page(
"packeta_api_key": settings::get(&ctx, "packeta_api_key").unwrap_or(""),
"logged_in_admin": is_admin,
"logged_in_customer": is_customer,
// A logged-in customer's account type is fixed; only guests pick it
// and may opt to create an account from the order.
"account_fixed": is_customer,
"can_create_account": user.is_none(),
"prefill_email": user.as_ref().filter(|_| is_customer).map(|u| u.email.clone()),
"prefill_name": user.as_ref().filter(|_| is_customer).map(|u| u.name.clone()),
"prefill_account_type": profile.as_ref().map_or("personal", |x| x.account_type.as_str()),
"prefill_account_type": user.as_ref().filter(|_| is_customer).map_or("personal", |u| u.account_type.as_str()),
"prefill_company_name": p(|x| x.company_name.clone()),
"prefill_company_id": p(|x| x.company_id.clone()),
"prefill_tax_id": p(|x| x.tax_id.clone()),
@@ -169,9 +180,20 @@ async fn place_order(
let zip = require(&form.zip, "zip")?;
let country = require(&form.country, "country")?;
// The account type is fixed for a logged-in customer (taken from their
// account, never the form); a guest picks it on the form. Admins are treated
// as guests here.
let current_user = guard::current_user(&ctx, &jar).await;
let logged_in_customer = current_user
.as_ref()
.filter(|u| !guard::is_admin(&ctx, u));
let account_type = match logged_in_customer {
Some(u) => u.account_type.clone(),
None => normalize_account_type(form.account_type.as_deref()),
};
// Company purchases must carry the invoicing identifiers (IČO + DIČ
// required, IČ DPH optional). Personal orders carry none.
let account_type = normalize_account_type(form.account_type.as_deref());
let (company_name, company_id, tax_id, vat_id) = if account_type == "company" {
(
Some(require(form.company_name.as_deref().unwrap_or(""), "company name")?),
@@ -207,29 +229,70 @@ async fn place_order(
(None, None)
};
// If a logged-in customer opted in, persist this address to their profile
// so the next checkout is prefilled. Phone is stored split (prefix + number)
// to match the profile/checkout fields. Best-effort: a failure here is logged
// but must not block the order.
if form.save_profile.is_some() {
if let Some(user) = guard::current_user(&ctx, &jar).await {
if !guard::is_admin(&ctx, &user) {
let fields = ProfileFields {
account_type: account_type.clone(),
company_name: company_name.clone(),
company_id: company_id.clone(),
tax_id: tax_id.clone(),
vat_id: vat_id.clone(),
phone_prefix: trimmed(&form.phone_prefix),
phone: Some(number.clone()),
address: Some(address.clone()),
city: Some(city.clone()),
zip: Some(zip.clone()),
country: Some(country.clone()),
};
if let Err(err) = customer_profiles::Model::upsert(&ctx.db, user.id, fields).await {
tracing::error!(error = %err, user_id = user.id, "failed to save checkout profile");
// The address/contact captured here, ready to seed a profile (for the
// logged-in "save my address" opt-in or a freshly created guest account).
let entered_profile = || ProfileFields {
company_name: company_name.clone(),
company_id: company_id.clone(),
tax_id: tax_id.clone(),
vat_id: vat_id.clone(),
phone_prefix: trimmed(&form.phone_prefix),
phone: Some(number.clone()),
address: Some(address.clone()),
city: Some(city.clone()),
zip: Some(zip.clone()),
country: Some(country.clone()),
};
// Resolve the account that will own this order. A logged-in customer always
// owns their orders. A guest may opt to create an account from the order;
// the new account's type matches what they bought as, its profile is seeded
// from the entered details, and a "set your password" link is emailed. If
// the email already belongs to an account we silently fall back to a guest
// order (no hijacking an existing account).
let mut order_user_id = logged_in_customer.map(|u| u.id);
let mut account_created = false;
if order_user_id.is_none() && form.create_account.is_some() {
match users::Model::create_guest_account(&ctx.db, &email, &customer_name, &account_type)
.await
{
Ok(new_user) => {
if let Err(err) =
customer_profiles::Model::upsert(&ctx.db, new_user.id, entered_profile()).await
{
tracing::error!(error = %err, user_id = new_user.id, "failed to seed guest profile");
}
let user_id = new_user.id;
match new_user.into_active_model().set_forgot_password_sent(&ctx.db).await {
Ok(user) => {
if let Err(err) = AuthMailer::send_set_password(&ctx, &user).await {
tracing::error!(error = %err, "failed to send set-password email");
}
order_user_id = Some(user_id);
account_created = true;
}
Err(err) => {
tracing::error!(error = %err, "failed to issue set-password token");
order_user_id = Some(user_id);
}
}
}
Err(ModelError::EntityAlreadyExists {}) => {
tracing::info!(email = %email, "checkout account-create skipped: email already registered");
}
Err(err) => tracing::error!(error = %err, "failed to create checkout account"),
}
}
// If a logged-in customer opted in, persist this address to their profile so
// the next checkout is prefilled. Best-effort: a failure here is logged but
// must not block the order.
if form.save_profile.is_some() {
if let Some(user) = logged_in_customer {
if let Err(err) =
customer_profiles::Model::upsert(&ctx.db, user.id, entered_profile()).await
{
tracing::error!(error = %err, user_id = user.id, "failed to save checkout profile");
}
}
}
@@ -241,6 +304,7 @@ async fn place_order(
email,
phone,
customer_name: Some(customer_name),
user_id: order_user_id,
account_type,
company_name,
company_id,
@@ -259,9 +323,14 @@ async fn place_order(
)
.await?;
let target = if account_created {
format!("/orders/{}?account_created=1", order.order_number)
} else {
format!("/orders/{}", order.order_number)
};
format::render()
.cookies(&[cleared_cart_cookie()])?
.redirect(&format!("/orders/{}", order.order_number))
.redirect(&target)
}
#[debug_handler]
@@ -269,6 +338,7 @@ async fn order_confirmation(
jar: CookieJar,
ViewEngine(v): ViewEngine<TeraView>,
Path(order_number): Path<String>,
Query(params): Query<std::collections::HashMap<String, String>>,
State(ctx): State<AppContext>,
) -> Result<Response> {
let order = orders::Entity::find()
@@ -281,6 +351,7 @@ async fn order_confirmation(
.all(&ctx.db)
.await?;
let (logged_in_admin, logged_in_customer) = guard::chrome(&ctx, &jar).await;
let account_created = params.contains_key("account_created");
format::view(
&v,
@@ -294,6 +365,7 @@ async fn order_confirmation(
"items": view::items(&items),
"logged_in_admin": logged_in_admin,
"logged_in_customer": logged_in_customer,
"account_created": account_created,
"lang": current_lang(&jar),
}),
)

1
src/initializers/admin_seeder.rs
View File

@@ -43,6 +43,7 @@ impl Initializer for AdminSeeder {
email: email.clone(),
password,
name,
account_type: None,
},
)
.await?;

26
src/mailers/auth.rs
View File

@@ -9,6 +9,7 @@ use crate::models::users;
static welcome: Dir<'_> = include_dir!("src/mailers/auth/welcome");
static forgot: Dir<'_> = include_dir!("src/mailers/auth/forgot");
static magic_link: Dir<'_> = include_dir!("src/mailers/auth/magic_link");
static set_password: Dir<'_> = include_dir!("src/mailers/auth/set_password");
#[allow(clippy::module_name_repetitions)]
pub struct AuthMailer {}
@@ -62,6 +63,31 @@ impl AuthMailer {
Ok(())
}
/// Sends a "set your password" email to a checkout-created account. Reuses
/// the reset token; the link lands on the HTML `/set-password/{token}` page.
///
/// # Errors
///
/// When email sending is failed
pub async fn send_set_password(ctx: &AppContext, user: &users::Model) -> Result<()> {
Self::mail_template(
ctx,
&set_password,
mailer::Args {
to: user.email.to_string(),
locals: json!({
"name": user.name,
"resetToken": user.reset_token,
"domain": ctx.config.server.full_url()
}),
..Default::default()
},
)
.await?;
Ok(())
}
/// Sends a magic link authentication email to the user.
///
/// # Errors

10
src/mailers/auth/set_password/html.t Normal file
View File

@@ -0,0 +1,10 @@
<html>
<body>
Hey {{name}},
Thanks for your order! We created an account for you. Set your password to finish, then you can track your orders:
<a href="{{domain}}/set-password/{{resetToken}}">Set your password</a>
If you didn't place this order, you can ignore this email.
</body>
</html>

1
src/mailers/auth/set_password/subject.t Normal file
View File

@@ -0,0 +1 @@
Set your password

7
src/mailers/auth/set_password/text.t Normal file
View File

@@ -0,0 +1,7 @@
Hey {{name}},
Thanks for your order! We created an account for you. Set your password to finish, then you can track your orders:
{{domain}}/set-password/{{resetToken}}
If you didn't place this order, you can ignore this email.

1
src/models/_entities/customer_profiles.rs
View File

@@ -13,7 +13,6 @@ pub struct Model {
pub id: i32,
#[sea_orm(unique)]
pub user_id: i32,
pub account_type: String,
pub company_name: Option<String>,
pub company_id: Option<String>,
pub tax_id: Option<String>,

1
src/models/_entities/orders.rs
View File

@@ -18,6 +18,7 @@ pub struct Model {
pub status: String,
pub total_cents: i64,
pub currency: String,
pub user_id: Option<i32>,
pub account_type: String,
pub company_name: Option<String>,
pub company_id: Option<String>,

1
src/models/_entities/users.rs
View File

@@ -25,6 +25,7 @@ pub struct Model {
pub magic_link_token: Option<String>,
pub magic_link_expiration: Option<DateTimeWithTimeZone>,
pub theme: String,
pub account_type: String,
}
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]

6
src/models/customer_profiles.rs
View File

@@ -9,11 +9,10 @@ use sea_orm::{ActiveValue, IntoActiveModel, QueryFilter, TryIntoModel};
pub type CustomerProfiles = Entity;
/// The editable profile fields, shared by the profile page and the checkout
/// "save my address" path. `account_type` is "personal" or "company"; the
/// `company_*` fields are only meaningful for company accounts.
/// "save my address" path. The `company_*` fields are only meaningful for
/// company accounts (account type now lives on `users`, fixed at registration).
#[derive(Debug, Default, Clone)]
pub struct ProfileFields {
pub account_type: String,
pub company_name: Option<String>,
pub company_id: Option<String>,
pub tax_id: Option<String>,
@@ -59,7 +58,6 @@ impl Model {
..Default::default()
},
};
active.account_type = ActiveValue::set(fields.account_type);
active.company_name = ActiveValue::set(fields.company_name);
active.company_id = ActiveValue::set(fields.company_id);
active.tax_id = ActiveValue::set(fields.tax_id);

4
src/models/orders.rs
View File

@@ -14,6 +14,9 @@ pub struct Checkout {
pub email: String,
pub phone: String,
pub customer_name: Option<String>,
/// The account that owns this order, if any (a logged-in buyer or a guest
/// who created an account during checkout). `None` for pure guest orders.
pub user_id: Option<i32>,
pub account_type: String,
pub company_name: Option<String>,
pub company_id: Option<String>,
@@ -75,6 +78,7 @@ pub async fn place(ctx: &AppContext, items: &[(i32, i32)], details: Checkout) ->
status: Set("pending".to_string()),
total_cents: Set(subtotal + details.method.price_cents),
currency: Set(currency),
user_id: Set(details.user_id),
account_type: Set(details.account_type),
company_name: Set(details.company_name),
company_id: Set(details.company_id),

58
src/models/users.rs
View File

@@ -24,6 +24,21 @@ pub struct RegisterParams {
pub email: String,
pub password: String,
pub name: String,
/// "personal" or "company"; permanent for the account. Optional on the wire
/// (older/JSON callers omit it) and normalized via [`normalize_account_type`].
#[serde(default)]
pub account_type: Option<String>,
}
/// Normalize an account type to one of the two permanent values, defaulting to
/// "personal" for anything missing or unexpected. An account's type is chosen
/// once at registration and never changes.
#[must_use]
pub fn normalize_account_type(value: Option<&str>) -> String {
match value.map(str::trim) {
Some("company") => "company".to_string(),
_ => "personal".to_string(),
}
}
#[derive(Debug, Validate, Deserialize)]
@@ -216,6 +231,13 @@ impl Model {
hash::verify_password(password, &self.password)
}
/// Whether this is a company account (vs a personal one). Fixed at
/// registration.
#[must_use]
pub fn is_company(&self) -> bool {
self.account_type == "company"
}
/// Asynchronously creates a user with a password and saves it to the
/// database.
///
@@ -247,6 +269,7 @@ impl Model {
email: ActiveValue::set(params.email.to_string()),
password: ActiveValue::set(password_hash),
name: ActiveValue::set(params.name.to_string()),
account_type: ActiveValue::set(normalize_account_type(params.account_type.as_deref())),
..Default::default()
}
.insert(&txn)
@@ -257,6 +280,41 @@ impl Model {
Ok(user)
}
/// Creates an account on behalf of a checkout guest. The user never picks a
/// password here (a strong random one satisfies the NOT NULL column, as in
/// the OAuth path); they receive a "set your password" link by email. Errors
/// with [`ModelError::EntityAlreadyExists`] if the email is already taken.
///
/// # Errors
///
/// When the email already exists or the insert fails.
pub async fn create_guest_account(
db: &DatabaseConnection,
email: &str,
name: &str,
account_type: &str,
) -> ModelResult<Self> {
let password = PasswordGenerator::new()
.length(16)
.numbers(true)
.lowercase_letters(true)
.uppercase_letters(true)
.symbols(true)
.strict(true)
.generate_one()
.map_err(|e| ModelError::Any(e.into()))?;
Self::create_with_password(
db,
&RegisterParams {
email: email.to_string(),
password,
name: name.to_string(),
account_type: Some(account_type.to_string()),
},
)
.await
}
/// Creates a JWT
///
/// # Errors