Compare commits
20 Commits
7da4109584
...
v0.1.11
| Author | SHA1 | Date | |
|---|---|---|---|
|
42f30261d0 | ||
|
|
ffda718a46 | ||
|
|
673b28c361 | ||
|
|
454d5cb349 | ||
|
|
14ae859152 | ||
|
|
43c6c04dcf | ||
|
|
e51eda9a8c | ||
|
|
12e00a782d | ||
|
|
5278988842 | ||
|
|
e70743996b | ||
|
|
11762728c9 | ||
|
|
ebb208baba | ||
|
|
7cba3d9eba | ||
|
|
35e2b6edc9 | ||
|
|
f3daa27ce7 | ||
|
|
46cc2459bd | ||
|
|
996358be87 | ||
|
|
c6624e1b3d | ||
|
|
b9c1277876 | ||
|
|
42bab82960 |
2
.gitignore
vendored
2
.gitignore
vendored
@@ -19,6 +19,8 @@ target/
|
||||
*.sqlite-*
|
||||
.env
|
||||
.env.production
|
||||
.envrc
|
||||
.direnv/
|
||||
uploads/
|
||||
*.report.html
|
||||
favicon_io.zip
|
||||
|
||||
1287
Cargo.lock
generated
1287
Cargo.lock
generated
File diff suppressed because it is too large
Load Diff
15
Cargo.toml
15
Cargo.toml
@@ -3,7 +3,7 @@
|
||||
[package]
|
||||
name = "kompress_eshop"
|
||||
version = "0.1.0"
|
||||
edition = "2021"
|
||||
edition = "2024"
|
||||
publish = false
|
||||
default-run = "kompress-eshop-cli"
|
||||
|
||||
@@ -16,14 +16,14 @@ loco-rs = { version = "0.16" }
|
||||
loco-rs = { workspace = true }
|
||||
serde = { version = "1", features = ["derive"] }
|
||||
serde_json = { version = "1" }
|
||||
tokio = { version = "1.45", default-features = false, features = [
|
||||
tokio = { version = "1.52", default-features = false, features = [
|
||||
"rt-multi-thread",
|
||||
] }
|
||||
async-trait = { version = "0.1" }
|
||||
axum = { version = "0.8", features = ["multipart"] }
|
||||
tracing = { version = "0.1" }
|
||||
tracing-subscriber = { version = "0.3", features = ["env-filter", "json"] }
|
||||
regex = { version = "1.11" }
|
||||
regex = { version = "1.12" }
|
||||
migration = { path = "migration" }
|
||||
sea-orm = { version = "1.1", features = [
|
||||
"sqlx-sqlite",
|
||||
@@ -35,7 +35,7 @@ chrono = { version = "0.4" }
|
||||
time = { version = "0.3" }
|
||||
dotenvy = { version = "0.15" }
|
||||
validator = { version = "0.20" }
|
||||
uuid = { version = "1.6", features = ["v4"] }
|
||||
uuid = { version = "1.23", features = ["v4"] }
|
||||
include_dir = { version = "0.7" }
|
||||
# outbound HTTP for carrier shipment APIs (Packeta / DPD / DHL)
|
||||
reqwest = { version = "0.12", default-features = false, features = ["json", "rustls-tls"] }
|
||||
@@ -46,6 +46,9 @@ unic-langid = { version = "0.9" }
|
||||
axum-extra = { version = "0.10", features = ["form"] }
|
||||
bytes = { version = "1" }
|
||||
axum-casbin = "1.3.0"
|
||||
loco-oauth2 = "0.5.0"
|
||||
passwords = "3.1.16"
|
||||
tower-sessions = "0.14"
|
||||
|
||||
[[bin]]
|
||||
name = "kompress-eshop-cli"
|
||||
@@ -54,6 +57,6 @@ required-features = []
|
||||
|
||||
[dev-dependencies]
|
||||
loco-rs = { workspace = true, features = ["testing"] }
|
||||
serial_test = { version = "3.1.1" }
|
||||
serial_test = { version = "3.5.0" }
|
||||
rstest = { version = "0.25" }
|
||||
insta = { version = "1.34", features = ["redactions", "yaml", "filters"] }
|
||||
insta = { version = "1.48", features = ["redactions", "yaml", "filters"] }
|
||||
|
||||
@@ -66,8 +66,11 @@ login-email = Email
|
||||
login-password = Password
|
||||
login-no-account = Don't have an account?
|
||||
login-have-account = Already have an account?
|
||||
auth-or = or
|
||||
auth-google = Continue with Google
|
||||
nav-login = Sign in
|
||||
nav-register = Register
|
||||
nav-profile = My profile
|
||||
register-title = Create account
|
||||
register-name = Name
|
||||
register-submit = Create account
|
||||
@@ -254,8 +257,55 @@ country-de = Germany
|
||||
country-pl = Poland
|
||||
country-hu = Hungary
|
||||
checkout-note = Order note
|
||||
checkout-save-profile = Save this address to my profile
|
||||
account-type = Account type
|
||||
account-personal = Individual
|
||||
account-company = Company
|
||||
account-company-details = Company details
|
||||
company-name = Company name
|
||||
company-ico = Company ID (IČO)
|
||||
company-dic = Tax ID (DIČ)
|
||||
company-icdph = VAT ID (IČ DPH)
|
||||
field-optional = optional
|
||||
checkout-place-order = Place order
|
||||
checkout-summary = Order summary
|
||||
profile-title = My profile
|
||||
profile-intro = We'll use these details to prefill checkout.
|
||||
profile-saved = Profile saved.
|
||||
profile-save = Save profile
|
||||
profile-company-required = For a company account, please fill in company name, IČO and DIČ.
|
||||
profile-first-name = First name
|
||||
profile-last-name = Surname
|
||||
profile-edit = Edit profile
|
||||
profile-cancel = Cancel
|
||||
profile-not-set = Not set
|
||||
nav-account = My account
|
||||
account-orders = My orders
|
||||
account-change-password = Change password
|
||||
orders-active = Active orders
|
||||
orders-past = Past orders
|
||||
orders-empty = You don't have any orders yet.
|
||||
password-change-title = Change password
|
||||
password-current = Current password
|
||||
password-current-wrong = Your current password is incorrect.
|
||||
password-changed = Your password has been changed.
|
||||
account-type-locked = Account type can't be changed after registration.
|
||||
checkout-create-account = Create an account from this order
|
||||
checkout-create-account-hint = We'll email you a link to set your password. This order will be linked to your account.
|
||||
order-account-created = We created an account for you. Check your email to set your password.
|
||||
set-password-title = Set your password
|
||||
set-password-intro = Choose a password to finish setting up your account.
|
||||
set-password-new = New password
|
||||
set-password-confirm = Confirm password
|
||||
set-password-submit = Set password
|
||||
set-password-invalid = This link is invalid or has expired.
|
||||
set-password-weak = Password must be at least 8 characters.
|
||||
set-password-mismatch = Passwords don't match.
|
||||
resend-verification-title = Resend verification email
|
||||
resend-verification-intro = Enter your email and we'll send a fresh verification link.
|
||||
resend-verification-submit = Resend
|
||||
resend-verification-done = If that email belongs to an unverified account, we've sent a new verification link. Check your inbox (and spam). You can request another in a minute.
|
||||
login-resend = Didn't get the verification email? Resend it
|
||||
order-confirmed-title = Thank you for your order!
|
||||
order-confirmed-sub = We have received your order.
|
||||
order-number = Order number
|
||||
@@ -268,6 +318,7 @@ admin-no-orders = No orders yet.
|
||||
order-status-pending = Pending
|
||||
order-status-paid = Paid
|
||||
order-status-shipped = Shipped
|
||||
order-status-delivered = Delivered
|
||||
order-status-cancelled = Cancelled
|
||||
order-update-status = Update status
|
||||
|
||||
|
||||
@@ -66,8 +66,11 @@ login-email = E-mail
|
||||
login-password = Heslo
|
||||
login-no-account = Nemáte účet?
|
||||
login-have-account = Už máte účet?
|
||||
auth-or = alebo
|
||||
auth-google = Pokračovať cez Google
|
||||
nav-login = Prihlásiť sa
|
||||
nav-register = Registrácia
|
||||
nav-profile = Môj profil
|
||||
register-title = Vytvoriť účet
|
||||
register-name = Meno
|
||||
register-submit = Zaregistrovať sa
|
||||
@@ -254,8 +257,55 @@ country-de = Nemecko
|
||||
country-pl = Poľsko
|
||||
country-hu = Maďarsko
|
||||
checkout-note = Poznámka k objednávke
|
||||
checkout-save-profile = Uložiť túto adresu do môjho profilu
|
||||
account-type = Typ účtu
|
||||
account-personal = Súkromná osoba
|
||||
account-company = Firma
|
||||
account-company-details = Firemné údaje
|
||||
company-name = Názov firmy
|
||||
company-ico = IČO
|
||||
company-dic = DIČ
|
||||
company-icdph = IČ DPH
|
||||
field-optional = nepovinné
|
||||
checkout-place-order = Odoslať objednávku
|
||||
checkout-summary = Súhrn objednávky
|
||||
profile-title = Môj profil
|
||||
profile-intro = Tieto údaje použijeme na predvyplnenie pokladne.
|
||||
profile-saved = Profil bol uložený.
|
||||
profile-save = Uložiť profil
|
||||
profile-company-required = Pri firemnom účte vyplňte názov firmy, IČO a DIČ.
|
||||
profile-first-name = Meno
|
||||
profile-last-name = Priezvisko
|
||||
profile-edit = Upraviť profil
|
||||
profile-cancel = Zrušiť
|
||||
profile-not-set = Neuvedené
|
||||
nav-account = Môj účet
|
||||
account-orders = Moje objednávky
|
||||
account-change-password = Zmeniť heslo
|
||||
orders-active = Aktívne objednávky
|
||||
orders-past = Staršie objednávky
|
||||
orders-empty = Zatiaľ nemáte žiadne objednávky.
|
||||
password-change-title = Zmeniť heslo
|
||||
password-current = Súčasné heslo
|
||||
password-current-wrong = Vaše súčasné heslo je nesprávne.
|
||||
password-changed = Vaše heslo bolo zmenené.
|
||||
account-type-locked = Typ účtu sa po registrácii nedá zmeniť.
|
||||
checkout-create-account = Vytvoriť účet z tejto objednávky
|
||||
checkout-create-account-hint = Pošleme vám e-mail na nastavenie hesla. Objednávka sa priradí k vášmu účtu.
|
||||
order-account-created = Vytvorili sme vám účet. Skontrolujte si e-mail a nastavte si heslo.
|
||||
set-password-title = Nastavte si heslo
|
||||
set-password-intro = Zvoľte si heslo a dokončite vytvorenie účtu.
|
||||
set-password-new = Nové heslo
|
||||
set-password-confirm = Potvrďte heslo
|
||||
set-password-submit = Nastaviť heslo
|
||||
set-password-invalid = Odkaz je neplatný alebo vypršal.
|
||||
set-password-weak = Heslo musí mať aspoň 8 znakov.
|
||||
set-password-mismatch = Heslá sa nezhodujú.
|
||||
resend-verification-title = Znova odoslať overovací e-mail
|
||||
resend-verification-intro = Zadajte svoj e-mail a pošleme vám nový overovací odkaz.
|
||||
resend-verification-submit = Odoslať znova
|
||||
resend-verification-done = Ak k tomuto e-mailu patrí neoverený účet, poslali sme naň nový overovací odkaz. Skontrolujte si schránku aj priečinok so spamom. Ďalšiu žiadosť môžete odoslať o minútu.
|
||||
login-resend = Nedostali ste overovací e-mail? Poslať znova
|
||||
order-confirmed-title = Ďakujeme za objednávku!
|
||||
order-confirmed-sub = Vašu objednávku sme prijali.
|
||||
order-number = Číslo objednávky
|
||||
@@ -268,6 +318,7 @@ admin-no-orders = Zatiaľ žiadne objednávky.
|
||||
order-status-pending = Čaká na spracovanie
|
||||
order-status-paid = Zaplatené
|
||||
order-status-shipped = Odoslané
|
||||
order-status-delivered = Doručené
|
||||
order-status-cancelled = Zrušené
|
||||
order-update-status = Zmeniť stav
|
||||
|
||||
|
||||
File diff suppressed because one or more lines are too long
15
assets/static/vendor/alpine/alpine-focus-3.14.9.min.js
vendored
Normal file
15
assets/static/vendor/alpine/alpine-focus-3.14.9.min.js
vendored
Normal file
File diff suppressed because one or more lines are too long
76
assets/views/account/order_detail.html
Normal file
76
assets/views/account/order_detail.html
Normal file
@@ -0,0 +1,76 @@
|
||||
{% extends "base.html" %}
|
||||
{% import "macros/ui.html" as ui %}
|
||||
|
||||
{% block title %}{{ order.order_number }}{% endblock title %}
|
||||
|
||||
{% macro status_badge(status) %}
|
||||
{% if status == "delivered" %}{{ ui::badge(label=t(key="order-status-" ~ status, lang=lang | default(value='sk')), variant="success") }}
|
||||
{% elif status == "shipped" %}{{ ui::badge(label=t(key="order-status-" ~ status, lang=lang | default(value='sk')), variant="primary") }}
|
||||
{% elif status == "paid" %}{{ ui::badge(label=t(key="order-status-" ~ status, lang=lang | default(value='sk')), variant="info") }}
|
||||
{% elif status == "cancelled" %}{{ ui::badge(label=t(key="order-status-" ~ status, lang=lang | default(value='sk')), variant="danger") }}
|
||||
{% else %}{{ ui::badge(label=t(key="order-status-" ~ status, lang=lang | default(value='sk')), variant="warning") }}
|
||||
{% endif %}
|
||||
{% endmacro status_badge %}
|
||||
|
||||
{% block content %}
|
||||
<div class="mx-auto max-w-2xl space-y-6">
|
||||
<a href="/account/orders" class="inline-flex items-center gap-1 text-sm text-primary underline-offset-2 hover:underline dark:text-primary-dark">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" class="size-4"><path stroke-linecap="round" stroke-linejoin="round" d="M15.75 19.5 8.25 12l7.5-7.5" /></svg>
|
||||
{{ t(key="account-orders", lang=lang | default(value='sk')) }}
|
||||
</a>
|
||||
|
||||
<div class="flex flex-wrap items-center justify-between gap-3">
|
||||
<h1 class="font-mono text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ order.order_number }}</h1>
|
||||
{{ self::status_badge(status=order.status) }}
|
||||
</div>
|
||||
<p class="text-sm text-on-surface/60 dark:text-on-surface-dark/60">{{ order.created_at | truncate(length=10, end="") }}</p>
|
||||
|
||||
<div class="rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<ul class="space-y-2 pb-3 text-sm">
|
||||
{% for item in items %}
|
||||
<li class="flex justify-between gap-2">
|
||||
<span class="text-on-surface/80 dark:text-on-surface-dark/80">{{ item.product_name }} × {{ item.quantity }}</span>
|
||||
<span class="tabular-nums">{{ item.line_total }} {{ order.currency }}</span>
|
||||
</li>
|
||||
{% endfor %}
|
||||
</ul>
|
||||
<div class="space-y-1 border-t border-outline py-3 text-sm dark:border-outline-dark">
|
||||
<div class="flex justify-between"><span class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="checkout-subtotal", lang=lang | default(value='sk')) }}</span><span class="tabular-nums">{{ order.subtotal }} {{ order.currency }}</span></div>
|
||||
<div class="flex justify-between"><span class="text-on-surface/70 dark:text-on-surface-dark/70">{{ order.carrier_name }}</span><span class="tabular-nums">{{ order.shipping }} {{ order.currency }}</span></div>
|
||||
{% if order.pickup_point_name %}<div class="text-xs text-on-surface/60 dark:text-on-surface-dark/60">{{ order.pickup_point_name }}</div>{% endif %}
|
||||
</div>
|
||||
<div class="flex justify-between border-t border-outline pt-3 font-bold dark:border-outline-dark">
|
||||
<span>{{ t(key="order-total", lang=lang | default(value='sk')) }}</span>
|
||||
<span class="tabular-nums text-primary dark:text-primary-dark">{{ order.total }} {{ order.currency }}</span>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{% if order.tracking_number %}
|
||||
<div class="rounded-radius border border-outline bg-surface p-4 text-sm dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<div class="flex flex-wrap items-center justify-between gap-2">
|
||||
<span class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="order-tracking", lang=lang | default(value='sk')) }}</span>
|
||||
<span class="font-mono font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ order.tracking_number }}</span>
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<div class="rounded-radius border border-outline bg-surface p-6 text-sm dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<h2 class="mb-2 font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-shipping", lang=lang | default(value='sk')) }}</h2>
|
||||
<p class="text-on-surface/80 dark:text-on-surface-dark/80">{{ order.customer_name }}</p>
|
||||
{% if order.address %}<p class="text-on-surface/80 dark:text-on-surface-dark/80">{{ order.address }}</p>{% endif %}
|
||||
<p class="text-on-surface/80 dark:text-on-surface-dark/80">{{ order.zip }} {{ order.city }}{% if order.country %}, {{ order.country }}{% endif %}</p>
|
||||
</div>
|
||||
|
||||
{% if order.payment_method == "bank_transfer" and order.status == "pending" %}
|
||||
<div class="space-y-2 rounded-radius border border-primary/40 bg-primary/5 p-6 text-sm dark:border-primary-dark/40">
|
||||
<p class="font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="payment-bank-instructions", lang=lang | default(value='sk')) }}</p>
|
||||
<div class="grid grid-cols-[auto_1fr] gap-x-4 gap-y-1">
|
||||
<span class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="bank-account-name", lang=lang | default(value='sk')) }}</span><span class="font-medium">{{ order.bank_account_name }}</span>
|
||||
<span class="text-on-surface/70 dark:text-on-surface-dark/70">IBAN</span><span class="font-mono font-medium">{{ order.bank_iban }}</span>
|
||||
<span class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="bank-variable-symbol", lang=lang | default(value='sk')) }}</span><span class="font-mono font-medium">{{ order.variable_symbol }}</span>
|
||||
<span class="text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="bank-amount", lang=lang | default(value='sk')) }}</span><span class="font-medium tabular-nums">{{ order.total }} {{ order.currency }}</span>
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
{% endblock content %}
|
||||
52
assets/views/account/orders.html
Normal file
52
assets/views/account/orders.html
Normal file
@@ -0,0 +1,52 @@
|
||||
{% extends "base.html" %}
|
||||
{% import "macros/ui.html" as ui %}
|
||||
|
||||
{% block title %}{{ t(key="account-orders", lang=lang | default(value='sk')) }}{% endblock title %}
|
||||
|
||||
{# status → badge variant #}
|
||||
{% macro status_badge(status) %}
|
||||
{% if status == "delivered" %}{{ ui::badge(label=t(key="order-status-" ~ status, lang=lang | default(value='sk')), variant="success") }}
|
||||
{% elif status == "shipped" %}{{ ui::badge(label=t(key="order-status-" ~ status, lang=lang | default(value='sk')), variant="primary") }}
|
||||
{% elif status == "paid" %}{{ ui::badge(label=t(key="order-status-" ~ status, lang=lang | default(value='sk')), variant="info") }}
|
||||
{% elif status == "cancelled" %}{{ ui::badge(label=t(key="order-status-" ~ status, lang=lang | default(value='sk')), variant="danger") }}
|
||||
{% else %}{{ ui::badge(label=t(key="order-status-" ~ status, lang=lang | default(value='sk')), variant="warning") }}
|
||||
{% endif %}
|
||||
{% endmacro status_badge %}
|
||||
|
||||
{% macro order_row(order) %}
|
||||
<a href="/account/orders/{{ order.order_number }}"
|
||||
class="flex flex-wrap items-center justify-between gap-3 rounded-radius border border-outline bg-surface p-4 transition hover:border-primary hover:bg-primary/5 dark:border-outline-dark dark:bg-surface-dark-alt dark:hover:border-primary-dark">
|
||||
<div class="min-w-0">
|
||||
<p class="font-mono text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ order.order_number }}</p>
|
||||
<p class="text-xs text-on-surface/60 dark:text-on-surface-dark/60">{{ order.created_at | truncate(length=10, end="") }}</p>
|
||||
</div>
|
||||
<div class="flex items-center gap-4">
|
||||
{{ self::status_badge(status=order.status) }}
|
||||
<span class="tabular-nums text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ order.total }} {{ order.currency }}</span>
|
||||
</div>
|
||||
</a>
|
||||
{% endmacro order_row %}
|
||||
|
||||
{% block content %}
|
||||
<div class="mx-auto max-w-3xl space-y-8">
|
||||
<h1 class="text-3xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-orders", lang=lang | default(value='sk')) }}</h1>
|
||||
|
||||
{% if active_orders | length == 0 and past_orders | length == 0 %}
|
||||
<p class="rounded-radius border border-outline bg-surface p-6 text-sm text-on-surface/70 dark:border-outline-dark dark:bg-surface-dark-alt dark:text-on-surface-dark/70">{{ t(key="orders-empty", lang=lang | default(value='sk')) }}</p>
|
||||
{% endif %}
|
||||
|
||||
{% if active_orders | length > 0 %}
|
||||
<section class="space-y-3">
|
||||
<h2 class="text-lg font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="orders-active", lang=lang | default(value='sk')) }}</h2>
|
||||
{% for order in active_orders %}{{ self::order_row(order=order) }}{% endfor %}
|
||||
</section>
|
||||
{% endif %}
|
||||
|
||||
{% if past_orders | length > 0 %}
|
||||
<section class="space-y-3">
|
||||
<h2 class="text-lg font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="orders-past", lang=lang | default(value='sk')) }}</h2>
|
||||
{% for order in past_orders %}{{ self::order_row(order=order) }}{% endfor %}
|
||||
</section>
|
||||
{% endif %}
|
||||
</div>
|
||||
{% endblock content %}
|
||||
43
assets/views/account/password.html
Normal file
43
assets/views/account/password.html
Normal file
@@ -0,0 +1,43 @@
|
||||
{% extends "base.html" %}
|
||||
{% import "macros/ui.html" as ui %}
|
||||
|
||||
{% block title %}{{ t(key="password-change-title", lang=lang | default(value='sk')) }}{% endblock title %}
|
||||
|
||||
{% block content %}
|
||||
<div class="mx-auto max-w-md">
|
||||
<h1 class="text-3xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="password-change-title", lang=lang | default(value='sk')) }}</h1>
|
||||
|
||||
{% if changed %}
|
||||
<div class="mt-4 rounded-radius border border-success bg-success/10 px-4 py-3 text-sm text-success" role="status">
|
||||
{{ t(key="password-changed", lang=lang | default(value='sk')) }}
|
||||
</div>
|
||||
{% endif %}
|
||||
{% if error == "current" %}
|
||||
{{ ui::alert_danger(message=t(key="password-current-wrong", lang=lang | default(value='sk')), extra="mt-4") }}
|
||||
{% elif error == "mismatch" %}
|
||||
{{ ui::alert_danger(message=t(key="set-password-mismatch", lang=lang | default(value='sk')), extra="mt-4") }}
|
||||
{% elif error == "weak" %}
|
||||
{{ ui::alert_danger(message=t(key="set-password-weak", lang=lang | default(value='sk')), extra="mt-4") }}
|
||||
{% endif %}
|
||||
|
||||
<form method="post" action="/account/password" hx-boost="false" class="mt-6 flex flex-col gap-4"
|
||||
x-data="{ password: '', confirm: '' }">
|
||||
<div class="flex flex-col gap-1">
|
||||
<label for="current_password" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="password-current", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="current_password", id="current_password", type="password", required=true, autocomplete="current-password") }}
|
||||
</div>
|
||||
<div class="flex flex-col gap-1">
|
||||
<label for="password" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="set-password-new", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="password", id="password", type="password", required=true, autocomplete="new-password", attrs='x-model="password"') }}
|
||||
</div>
|
||||
<div class="flex flex-col gap-1">
|
||||
<label for="password_confirm" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="set-password-confirm", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="password_confirm", id="password_confirm", type="password", required=true, autocomplete="new-password", attrs='x-model="confirm"') }}
|
||||
<span x-cloak x-show="confirm.length > 0 && password !== confirm" class="text-xs text-danger dark:text-danger">
|
||||
{{ t(key="set-password-mismatch", lang=lang | default(value='sk')) }}
|
||||
</span>
|
||||
</div>
|
||||
{{ ui::button(label=t(key="password-change-title", lang=lang | default(value='sk')), type="submit", extra="mt-1 w-full", attrs=':disabled="password !== confirm"') }}
|
||||
</form>
|
||||
</div>
|
||||
{% endblock content %}
|
||||
228
assets/views/account/profile.html
Normal file
228
assets/views/account/profile.html
Normal file
@@ -0,0 +1,228 @@
|
||||
{% extends "base.html" %}
|
||||
{% import "macros/ui.html" as ui %}
|
||||
|
||||
{% block title %}{{ t(key="profile-title", lang=lang | default(value='sk')) }}{% endblock title %}
|
||||
|
||||
{% macro field(label, value) %}
|
||||
<div class="space-y-1.5">
|
||||
<label class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ label }}</label>
|
||||
{% if value %}
|
||||
<p class="text-sm text-on-surface/80 dark:text-on-surface-dark/80">{{ value }}</p>
|
||||
{% else %}
|
||||
<p class="text-sm italic text-on-surface/50 dark:text-on-surface-dark/50">{{ t(key="profile-not-set", lang=lang | default(value='sk')) }}</p>
|
||||
{% endif %}
|
||||
</div>
|
||||
{% endmacro field %}
|
||||
|
||||
{% block content %}
|
||||
<div class="mx-auto max-w-2xl" x-data="{ editing: {% if error %}true{% else %}false{% endif %} }">
|
||||
<h1 class="text-3xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="profile-title", lang=lang | default(value='sk')) }}</h1>
|
||||
<p class="mt-2 text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="profile-intro", lang=lang | default(value='sk')) }}</p>
|
||||
|
||||
{% if saved %}
|
||||
<div class="mt-4 rounded-radius border border-success bg-success/10 px-4 py-3 text-sm text-success" role="status">
|
||||
{{ t(key="profile-saved", lang=lang | default(value='sk')) }}
|
||||
</div>
|
||||
{% endif %}
|
||||
{% if error %}
|
||||
{{ ui::alert_danger(message=t(key="profile-company-required", lang=lang | default(value='sk')), extra="mt-4") }}
|
||||
{% endif %}
|
||||
|
||||
<!-- read-only view (default) -->
|
||||
<div x-show="!editing" class="mt-6 space-y-6">
|
||||
<fieldset class="space-y-2 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-type", lang=lang | default(value='sk')) }}</legend>
|
||||
<div class="flex items-center gap-2">
|
||||
{% if account_type == "company" %}
|
||||
{{ ui::badge(label=t(key="account-company", lang=lang | default(value='sk')), variant="primary") }}
|
||||
{% else %}
|
||||
{{ ui::badge(label=t(key="account-personal", lang=lang | default(value='sk')), variant="neutral") }}
|
||||
{% endif %}
|
||||
<span class="text-xs text-on-surface/60 dark:text-on-surface-dark/60">{{ t(key="account-type-locked", lang=lang | default(value='sk')) }}</span>
|
||||
</div>
|
||||
</fieldset>
|
||||
|
||||
{% if account_type == "company" %}
|
||||
<fieldset class="space-y-4 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-company-details", lang=lang | default(value='sk')) }}</legend>
|
||||
{{ self::field(label=t(key="company-name", lang=lang | default(value='sk')), value=company_name) }}
|
||||
<div class="grid gap-4 sm:grid-cols-3">
|
||||
{{ self::field(label=t(key="company-ico", lang=lang | default(value='sk')), value=company_id) }}
|
||||
{{ self::field(label=t(key="company-dic", lang=lang | default(value='sk')), value=tax_id) }}
|
||||
{{ self::field(label=t(key="company-icdph", lang=lang | default(value='sk')), value=vat_id) }}
|
||||
</div>
|
||||
</fieldset>
|
||||
{% endif %}
|
||||
|
||||
<fieldset class="space-y-4 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-contact", lang=lang | default(value='sk')) }}</legend>
|
||||
{{ self::field(label=t(key="checkout-name", lang=lang | default(value='sk')), value=name) }}
|
||||
{{ self::field(label=t(key="checkout-email", lang=lang | default(value='sk')), value=email) }}
|
||||
{% if phone %}
|
||||
{% set phone_full = phone_prefix | default(value='') %}
|
||||
{% set phone_full = phone_full ~ ' ' ~ phone %}
|
||||
{{ self::field(label=t(key="checkout-phone", lang=lang | default(value='sk')), value=phone_full) }}
|
||||
{% else %}
|
||||
{{ self::field(label=t(key="checkout-phone", lang=lang | default(value='sk')), value='') }}
|
||||
{% endif %}
|
||||
</fieldset>
|
||||
|
||||
<fieldset class="space-y-4 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-shipping", lang=lang | default(value='sk')) }}</legend>
|
||||
{{ self::field(label=t(key="checkout-address", lang=lang | default(value='sk')), value=address) }}
|
||||
<div class="grid gap-4 sm:grid-cols-3">
|
||||
{{ self::field(label=t(key="checkout-city", lang=lang | default(value='sk')), value=city) }}
|
||||
{{ self::field(label=t(key="checkout-zip", lang=lang | default(value='sk')), value=zip) }}
|
||||
{{ self::field(label=t(key="checkout-country", lang=lang | default(value='sk')), value=country) }}
|
||||
</div>
|
||||
</fieldset>
|
||||
|
||||
{{ ui::button(label=t(key="profile-edit", lang=lang | default(value='sk')), type="button", size="px-6 py-2.5 text-sm", attrs='@click="editing = true"') }}
|
||||
</div>
|
||||
|
||||
<!-- edit form -->
|
||||
<form x-show="editing" x-cloak method="post" action="/account/profile" hx-boost="false" class="mt-6 space-y-6">
|
||||
<!-- account type is fixed at registration and shown read-only -->
|
||||
<fieldset class="space-y-2 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-type", lang=lang | default(value='sk')) }}</legend>
|
||||
<div class="flex items-center gap-2">
|
||||
{% if account_type == "company" %}
|
||||
{{ ui::badge(label=t(key="account-company", lang=lang | default(value='sk')), variant="primary") }}
|
||||
{% else %}
|
||||
{{ ui::badge(label=t(key="account-personal", lang=lang | default(value='sk')), variant="neutral") }}
|
||||
{% endif %}
|
||||
<span class="text-xs text-on-surface/60 dark:text-on-surface-dark/60">{{ t(key="account-type-locked", lang=lang | default(value='sk')) }}</span>
|
||||
</div>
|
||||
</fieldset>
|
||||
|
||||
{% if account_type == "company" %}
|
||||
<!-- company billing details (company accounts only) -->
|
||||
<fieldset class="space-y-4 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-company-details", lang=lang | default(value='sk')) }}</legend>
|
||||
<div class="space-y-1.5">
|
||||
<label for="company_name" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="company-name", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
{{ ui::input(name="company_name", id="company_name", value=company_name | default(value=''), autocomplete="organization") }}
|
||||
</div>
|
||||
<div class="grid gap-4 sm:grid-cols-3">
|
||||
<div class="space-y-1.5">
|
||||
<label for="company_id" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="company-ico", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
{{ ui::input(name="company_id", id="company_id", value=company_id | default(value='')) }}
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label for="tax_id" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="company-dic", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
{{ ui::input(name="tax_id", id="tax_id", value=tax_id | default(value='')) }}
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label for="vat_id" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="company-icdph", lang=lang | default(value='sk')) }} <span class="text-on-surface/50 dark:text-on-surface-dark/50">({{ t(key="field-optional", lang=lang | default(value='sk')) }})</span></label>
|
||||
{{ ui::input(name="vat_id", id="vat_id", value=vat_id | default(value='')) }}
|
||||
</div>
|
||||
</div>
|
||||
</fieldset>
|
||||
{% endif %}
|
||||
|
||||
<!-- contact (name/email are managed by the login) -->
|
||||
<fieldset class="space-y-4 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-contact", lang=lang | default(value='sk')) }}</legend>
|
||||
<div class="grid gap-4 sm:grid-cols-2">
|
||||
<div class="space-y-1.5">
|
||||
<label for="first_name" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="profile-first-name", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="first_name", id="first_name", value=first_name | default(value=''), autocomplete="given-name") }}
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label for="last_name" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="profile-last-name", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="last_name", id="last_name", value=last_name | default(value=''), autocomplete="family-name") }}
|
||||
</div>
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-email", lang=lang | default(value='sk')) }}</label>
|
||||
<p class="text-sm text-on-surface/80 dark:text-on-surface-dark/80">{{ email }}</p>
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label for="phone" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-phone", lang=lang | default(value='sk')) }}</label>
|
||||
<div class="flex gap-2">
|
||||
<!-- editable combobox: type freely or pick from the dropdown -->
|
||||
<div class="relative w-28 shrink-0" @click.outside="prefixOpen = false"
|
||||
x-data="{ prefixOpen: false, prefix: '{{ phone_prefix | default(value='+421') }}', opts: [
|
||||
{ v: '+421', l: '🇸🇰 +421' }, { v: '+420', l: '🇨🇿 +420' },
|
||||
{ v: '+43', l: '🇦🇹 +43' }, { v: '+49', l: '🇩🇪 +49' },
|
||||
{ v: '+48', l: '🇵🇱 +48' }, { v: '+36', l: '🇭🇺 +36' },
|
||||
{ v: '+44', l: '🇬🇧 +44' }, { v: '+39', l: '🇮🇹 +39' }, { v: '+33', l: '🇫🇷 +33' }
|
||||
], get filtered() { return this.opts.filter(o => !this.prefix || o.v.includes(this.prefix)) } }">
|
||||
<input name="phone_prefix" type="text" x-model="prefix" @focus="prefixOpen = true" @input="prefixOpen = true"
|
||||
aria-label="{{ t(key='checkout-phone', lang=lang | default(value='sk')) }}" autocomplete="tel-country-code" inputmode="tel"
|
||||
class="w-full rounded-radius border border-outline bg-surface py-2 pl-3 pr-7 text-sm text-on-surface focus:outline-2 focus:outline-primary dark:border-outline-dark dark:bg-surface-dark dark:text-on-surface-dark">
|
||||
<button type="button" tabindex="-1" @click="prefixOpen = !prefixOpen"
|
||||
class="absolute inset-y-0 right-0 flex w-7 items-center justify-center text-on-surface/60 dark:text-on-surface-dark/60">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor"
|
||||
class="size-4 transition-transform" :class="prefixOpen && 'rotate-180'">
|
||||
<path stroke-linecap="round" stroke-linejoin="round" d="m19.5 8.25-7.5 7.5-7.5-7.5" />
|
||||
</svg>
|
||||
</button>
|
||||
<ul x-show="prefixOpen" x-cloak x-transition
|
||||
class="absolute z-20 mt-1 max-h-56 w-full overflow-auto rounded-radius border border-outline bg-surface p-1 shadow-lg dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<template x-for="o in filtered" :key="o.v">
|
||||
<li><button type="button" @click="prefix = o.v; prefixOpen = false" x-text="o.l"
|
||||
class="block w-full rounded-radius px-3 py-1.5 text-left text-sm text-on-surface transition hover:bg-surface-alt dark:text-on-surface-dark dark:hover:bg-surface-dark"></button></li>
|
||||
</template>
|
||||
</ul>
|
||||
</div>
|
||||
{{ ui::input(name="phone", id="phone", type="tel", value=phone | default(value=''), autocomplete="tel", placeholder="900 000 000", attrs='inputmode="tel"') }}
|
||||
</div>
|
||||
</div>
|
||||
</fieldset>
|
||||
|
||||
<!-- default shipping address -->
|
||||
<fieldset class="space-y-4 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-shipping", lang=lang | default(value='sk')) }}</legend>
|
||||
<div class="space-y-1.5">
|
||||
<label for="address" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-address", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="address", id="address", value=address | default(value=''), autocomplete="street-address") }}
|
||||
</div>
|
||||
<div class="grid gap-4 sm:grid-cols-3">
|
||||
<div class="space-y-1.5">
|
||||
<label for="city" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-city", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="city", id="city", value=city | default(value=''), autocomplete="address-level2") }}
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label for="zip" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-zip", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="zip", id="zip", value=zip | default(value=''), autocomplete="postal-code") }}
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label for="country" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-country", lang=lang | default(value='sk')) }}</label>
|
||||
<div class="relative" @click.outside="countryOpen = false"
|
||||
x-data="{ countryOpen: false, country: '{{ country | default(value='') }}', opts: [
|
||||
{ v: '{{ t(key='country-sk', lang=lang | default(value='sk')) }}', l: '🇸🇰 {{ t(key='country-sk', lang=lang | default(value='sk')) }}' },
|
||||
{ v: '{{ t(key='country-cz', lang=lang | default(value='sk')) }}', l: '🇨🇿 {{ t(key='country-cz', lang=lang | default(value='sk')) }}' },
|
||||
{ v: '{{ t(key='country-at', lang=lang | default(value='sk')) }}', l: '🇦🇹 {{ t(key='country-at', lang=lang | default(value='sk')) }}' },
|
||||
{ v: '{{ t(key='country-de', lang=lang | default(value='sk')) }}', l: '🇩🇪 {{ t(key='country-de', lang=lang | default(value='sk')) }}' },
|
||||
{ v: '{{ t(key='country-pl', lang=lang | default(value='sk')) }}', l: '🇵🇱 {{ t(key='country-pl', lang=lang | default(value='sk')) }}' },
|
||||
{ v: '{{ t(key='country-hu', lang=lang | default(value='sk')) }}', l: '🇭🇺 {{ t(key='country-hu', lang=lang | default(value='sk')) }}' }
|
||||
], get filtered() { return this.opts.filter(o => !this.country || o.v.toLowerCase().includes(this.country.toLowerCase())) } }">
|
||||
<input id="country" name="country" type="text" x-model="country" @focus="countryOpen = true" @input="countryOpen = true"
|
||||
class="w-full rounded-radius border border-outline bg-surface py-2 pl-3 pr-8 text-sm text-on-surface focus:outline-2 focus:outline-primary dark:border-outline-dark dark:bg-surface-dark dark:text-on-surface-dark">
|
||||
<button type="button" tabindex="-1" @click="countryOpen = !countryOpen"
|
||||
class="absolute inset-y-0 right-0 flex w-8 items-center justify-center text-on-surface/60 dark:text-on-surface-dark/60">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor"
|
||||
class="size-4 transition-transform" :class="countryOpen && 'rotate-180'">
|
||||
<path stroke-linecap="round" stroke-linejoin="round" d="m19.5 8.25-7.5 7.5-7.5-7.5" />
|
||||
</svg>
|
||||
</button>
|
||||
<ul x-show="countryOpen" x-cloak x-transition
|
||||
class="absolute z-20 mt-1 max-h-56 w-full overflow-auto rounded-radius border border-outline bg-surface p-1 shadow-lg dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<template x-for="o in filtered" :key="o.v">
|
||||
<li><button type="button" @click="country = o.v; countryOpen = false" x-text="o.l"
|
||||
class="block w-full rounded-radius px-3 py-1.5 text-left text-sm text-on-surface transition hover:bg-surface-alt dark:text-on-surface-dark dark:hover:bg-surface-dark"></button></li>
|
||||
</template>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</fieldset>
|
||||
|
||||
<div class="flex items-center gap-3">
|
||||
{{ ui::button(label=t(key="profile-save", lang=lang | default(value='sk')), type="submit", size="px-6 py-2.5 text-sm") }}
|
||||
{{ ui::button(label=t(key="profile-cancel", lang=lang | default(value='sk')), type="button", variant="outline-secondary", size="px-6 py-2.5 text-sm", attrs='@click="editing = false"') }}
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
{% endblock content %}
|
||||
@@ -117,8 +117,8 @@
|
||||
{% block crumb %}{{ t(key="admin-title", lang=lang | default(value='sk')) }}{% endblock crumb %}
|
||||
</span>
|
||||
|
||||
<!-- settings (language + theme) dropdown -->
|
||||
<div x-data="{ open: false }" @keydown.escape="open = false" class="relative ml-auto">
|
||||
<!-- settings (language + theme) dropdown (self-contained Alpine state) -->
|
||||
<div class="ml-auto">
|
||||
{% include "partials/settings_dropdown.html" %}
|
||||
</div>
|
||||
</header>
|
||||
|
||||
@@ -6,7 +6,15 @@
|
||||
|
||||
{% block content %}
|
||||
<div class="flex flex-wrap items-center justify-between gap-3">
|
||||
<h1 class="font-mono text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ order.order_number }}</h1>
|
||||
<div class="flex flex-wrap items-center gap-3">
|
||||
<h1 class="font-mono text-2xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ order.order_number }}</h1>
|
||||
{% if order.status == "delivered" %}{{ ui::badge(label=t(key="order-status-" ~ order.status, lang=lang | default(value='sk')), variant="success") }}
|
||||
{% elif order.status == "shipped" %}{{ ui::badge(label=t(key="order-status-" ~ order.status, lang=lang | default(value='sk')), variant="primary") }}
|
||||
{% elif order.status == "paid" %}{{ ui::badge(label=t(key="order-status-" ~ order.status, lang=lang | default(value='sk')), variant="info") }}
|
||||
{% elif order.status == "cancelled" %}{{ ui::badge(label=t(key="order-status-" ~ order.status, lang=lang | default(value='sk')), variant="danger") }}
|
||||
{% else %}{{ ui::badge(label=t(key="order-status-" ~ order.status, lang=lang | default(value='sk')), variant="warning") }}
|
||||
{% endif %}
|
||||
</div>
|
||||
{{ ui::button(variant="outline-secondary", label=t(key="admin-orders", lang=lang | default(value='sk')), href="/admin/orders", size="px-3 py-2 text-sm") }}
|
||||
</div>
|
||||
|
||||
@@ -52,6 +60,15 @@
|
||||
<p class="text-on-surface/80 dark:text-on-surface-dark/80">{{ order.email }}</p>
|
||||
{% if order.phone %}<p class="text-on-surface/80 dark:text-on-surface-dark/80">{{ order.phone }}</p>{% endif %}
|
||||
</div>
|
||||
{% if order.account_type == "company" %}
|
||||
<div>
|
||||
<p class="text-xs uppercase tracking-wide text-on-surface/60 dark:text-on-surface-dark/60">{{ t(key="account-company-details", lang=lang | default(value='sk')) }}</p>
|
||||
<p class="font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ order.company_name }}</p>
|
||||
<p class="text-on-surface/80 dark:text-on-surface-dark/80">{{ t(key="company-ico", lang=lang | default(value='sk')) }}: {{ order.company_id }}</p>
|
||||
<p class="text-on-surface/80 dark:text-on-surface-dark/80">{{ t(key="company-dic", lang=lang | default(value='sk')) }}: {{ order.tax_id }}</p>
|
||||
{% if order.vat_id %}<p class="text-on-surface/80 dark:text-on-surface-dark/80">{{ t(key="company-icdph", lang=lang | default(value='sk')) }}: {{ order.vat_id }}</p>{% endif %}
|
||||
</div>
|
||||
{% endif %}
|
||||
<div>
|
||||
<p class="text-xs uppercase tracking-wide text-on-surface/60 dark:text-on-surface-dark/60">{{ t(key="checkout-shipping", lang=lang | default(value='sk')) }}</p>
|
||||
<p class="text-on-surface/80 dark:text-on-surface-dark/80">{{ order.address }}<br>{{ order.zip }} {{ order.city }}<br>{{ order.country }}</p>
|
||||
|
||||
@@ -22,6 +22,9 @@
|
||||
|
||||
{% if error == "unverified" %}
|
||||
{{ ui::alert_danger(message=t(key="login-error-unverified", lang=lang | default(value='sk')), extra="mt-3") }}
|
||||
<p class="mt-2 text-sm text-on-surface dark:text-on-surface-dark">
|
||||
<a href="/resend-verification" class="font-medium text-primary underline-offset-2 hover:underline dark:text-primary-dark">{{ t(key="login-resend", lang=lang | default(value='sk')) }}</a>
|
||||
</p>
|
||||
{% elif error %}
|
||||
{{ ui::alert_danger(message=t(key="login-error", lang=lang | default(value='sk')), extra="mt-3") }}
|
||||
{% endif %}
|
||||
@@ -46,6 +49,13 @@
|
||||
{{ ui::button(label=t(key="login-auth", lang=lang | default(value='sk')), type="submit", extra="mt-1 w-full") }}
|
||||
</form>
|
||||
|
||||
<div class="mt-5 flex items-center gap-3 text-xs text-on-surface/50 dark:text-on-surface-dark/50">
|
||||
<span class="h-px flex-1 bg-outline dark:bg-outline-dark"></span>
|
||||
{{ t(key="auth-or", lang=lang | default(value='sk')) }}
|
||||
<span class="h-px flex-1 bg-outline dark:bg-outline-dark"></span>
|
||||
</div>
|
||||
{{ ui::button(label=t(key="auth-google", lang=lang | default(value='sk')), href="/api/oauth2/google", variant="outline-secondary", attrs='hx-boost="false"', extra="mt-4 w-full", icon='<svg class="size-4" viewBox="0 0 48 48" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"><path fill="#FFC107" d="M43.611 20.083H42V20H24v8h11.303c-1.649 4.657-6.08 8-11.303 8-6.627 0-12-5.373-12-12s5.373-12 12-12c3.059 0 5.842 1.154 7.961 3.039l5.657-5.657C34.046 6.053 29.268 4 24 4 12.955 4 4 12.955 4 24s8.955 20 20 20 20-8.955 20-20c0-1.341-.138-2.65-.389-3.917z"/><path fill="#FF3D00" d="m6.306 14.691 6.571 4.819C14.655 15.108 18.961 12 24 12c3.059 0 5.842 1.154 7.961 3.039l5.657-5.657C34.046 6.053 29.268 4 24 4 16.318 4 9.656 8.337 6.306 14.691z"/><path fill="#4CAF50" d="M24 44c5.166 0 9.86-1.977 13.409-5.192l-6.19-5.238A11.91 11.91 0 0 1 24 36c-5.202 0-9.619-3.317-11.283-7.946l-6.522 5.025C9.505 39.556 16.227 44 24 44z"/><path fill="#1976D2" d="M43.611 20.083H42V20H24v8h11.303a12.04 12.04 0 0 1-4.087 5.571l.003-.002 6.19 5.238C36.971 39.205 44 34 44 24c0-1.341-.138-2.65-.389-3.917z"/></svg>') }}
|
||||
|
||||
<p class="mt-4 text-sm text-on-surface dark:text-on-surface-dark">
|
||||
{{ t(key="login-no-account", lang=lang | default(value='sk')) }}
|
||||
<a href="/register"
|
||||
|
||||
@@ -22,17 +22,29 @@
|
||||
|
||||
{% if error == "exists" %}
|
||||
{{ ui::alert_danger(message=t(key="register-error-exists", lang=lang | default(value='sk')), extra="mt-3") }}
|
||||
{% elif error == "mismatch" %}
|
||||
{{ ui::alert_danger(message=t(key="set-password-mismatch", lang=lang | default(value='sk')), extra="mt-3") }}
|
||||
{% elif error == "weak" %}
|
||||
{{ ui::alert_danger(message=t(key="set-password-weak", lang=lang | default(value='sk')), extra="mt-3") }}
|
||||
{% elif error %}
|
||||
{{ ui::alert_danger(message=t(key="register-error-invalid", lang=lang | default(value='sk')), extra="mt-3") }}
|
||||
{% endif %}
|
||||
|
||||
<form method="post" action="/register" hx-boost="false" class="mt-4 flex flex-col gap-4">
|
||||
<div class="flex flex-col gap-1">
|
||||
<label for="name"
|
||||
class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">
|
||||
{{ t(key="register-name", lang=lang | default(value='sk')) }}
|
||||
</label>
|
||||
{{ ui::input(name="name", id="name", required=true, autocomplete="name", attrs="autofocus") }}
|
||||
<form method="post" action="/register" hx-boost="false" class="mt-4 flex flex-col gap-4"
|
||||
x-data="{ password: '', confirm: '' }">
|
||||
<div class="flex flex-col gap-1.5">
|
||||
<span class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-type", lang=lang | default(value='sk')) }}</span>
|
||||
<div class="grid grid-cols-2 gap-2">
|
||||
<label class="flex cursor-pointer items-center gap-2 rounded-radius border border-outline px-3 py-2 text-sm transition has-[:checked]:border-primary dark:border-outline-dark dark:has-[:checked]:border-primary-dark">
|
||||
{{ ui::radio(name="account_type", value="personal", checked=true) }}
|
||||
<span class="font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-personal", lang=lang | default(value='sk')) }}</span>
|
||||
</label>
|
||||
<label class="flex cursor-pointer items-center gap-2 rounded-radius border border-outline px-3 py-2 text-sm transition has-[:checked]:border-primary dark:border-outline-dark dark:has-[:checked]:border-primary-dark">
|
||||
{{ ui::radio(name="account_type", value="company") }}
|
||||
<span class="font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-company", lang=lang | default(value='sk')) }}</span>
|
||||
</label>
|
||||
</div>
|
||||
<span class="text-xs text-on-surface/60 dark:text-on-surface-dark/60">{{ t(key="account-type-locked", lang=lang | default(value='sk')) }}</span>
|
||||
</div>
|
||||
|
||||
<div class="flex flex-col gap-1">
|
||||
@@ -40,7 +52,7 @@
|
||||
class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">
|
||||
{{ t(key="login-email", lang=lang | default(value='sk')) }}
|
||||
</label>
|
||||
{{ ui::input(name="email", id="email", type="email", required=true, autocomplete="email") }}
|
||||
{{ ui::input(name="email", id="email", type="email", required=true, autocomplete="email", attrs="autofocus") }}
|
||||
</div>
|
||||
|
||||
<div class="flex flex-col gap-1">
|
||||
@@ -48,12 +60,31 @@
|
||||
class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">
|
||||
{{ t(key="login-password", lang=lang | default(value='sk')) }}
|
||||
</label>
|
||||
{{ ui::input(name="password", id="password", type="password", required=true, autocomplete="new-password") }}
|
||||
{{ ui::input(name="password", id="password", type="password", required=true, autocomplete="new-password", attrs='x-model="password"') }}
|
||||
</div>
|
||||
|
||||
{{ ui::button(label=t(key="register-submit", lang=lang | default(value='sk')), type="submit", extra="mt-1 w-full") }}
|
||||
<div class="flex flex-col gap-1">
|
||||
<label for="password_confirm"
|
||||
class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">
|
||||
{{ t(key="set-password-confirm", lang=lang | default(value='sk')) }}
|
||||
</label>
|
||||
{{ ui::input(name="password_confirm", id="password_confirm", type="password", required=true, autocomplete="new-password", attrs='x-model="confirm"') }}
|
||||
<span x-cloak x-show="confirm.length > 0 && password !== confirm"
|
||||
class="text-xs text-danger dark:text-danger">
|
||||
{{ t(key="set-password-mismatch", lang=lang | default(value='sk')) }}
|
||||
</span>
|
||||
</div>
|
||||
|
||||
{{ ui::button(label=t(key="register-submit", lang=lang | default(value='sk')), type="submit", extra="mt-1 w-full", attrs=':disabled="password !== confirm"') }}
|
||||
</form>
|
||||
|
||||
<div class="mt-5 flex items-center gap-3 text-xs text-on-surface/50 dark:text-on-surface-dark/50">
|
||||
<span class="h-px flex-1 bg-outline dark:bg-outline-dark"></span>
|
||||
{{ t(key="auth-or", lang=lang | default(value='sk')) }}
|
||||
<span class="h-px flex-1 bg-outline dark:bg-outline-dark"></span>
|
||||
</div>
|
||||
{{ ui::button(label=t(key="auth-google", lang=lang | default(value='sk')), href="/api/oauth2/google", variant="outline-secondary", attrs='hx-boost="false"', extra="mt-4 w-full", icon='<svg class="size-4" viewBox="0 0 48 48" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"><path fill="#FFC107" d="M43.611 20.083H42V20H24v8h11.303c-1.649 4.657-6.08 8-11.303 8-6.627 0-12-5.373-12-12s5.373-12 12-12c3.059 0 5.842 1.154 7.961 3.039l5.657-5.657C34.046 6.053 29.268 4 24 4 12.955 4 4 12.955 4 24s8.955 20 20 20 20-8.955 20-20c0-1.341-.138-2.65-.389-3.917z"/><path fill="#FF3D00" d="m6.306 14.691 6.571 4.819C14.655 15.108 18.961 12 24 12c3.059 0 5.842 1.154 7.961 3.039l5.657-5.657C34.046 6.053 29.268 4 24 4 16.318 4 9.656 8.337 6.306 14.691z"/><path fill="#4CAF50" d="M24 44c5.166 0 9.86-1.977 13.409-5.192l-6.19-5.238A11.91 11.91 0 0 1 24 36c-5.202 0-9.619-3.317-11.283-7.946l-6.522 5.025C9.505 39.556 16.227 44 24 44z"/><path fill="#1976D2" d="M43.611 20.083H42V20H24v8h11.303a12.04 12.04 0 0 1-4.087 5.571l.003-.002 6.19 5.238C36.971 39.205 44 34 44 24c0-1.341-.138-2.65-.389-3.917z"/></svg>') }}
|
||||
|
||||
<p class="mt-4 text-sm text-on-surface dark:text-on-surface-dark">
|
||||
{{ t(key="login-have-account", lang=lang | default(value='sk')) }}
|
||||
<a href="/login"
|
||||
|
||||
37
assets/views/auth/resend_verification.html
Normal file
37
assets/views/auth/resend_verification.html
Normal file
@@ -0,0 +1,37 @@
|
||||
{% extends "base.html" %}
|
||||
{% import "macros/ui.html" as ui %}
|
||||
|
||||
{% block title %}{{ t(key="resend-verification-title", lang=lang | default(value='sk')) }}{% endblock title %}
|
||||
|
||||
{% block content %}
|
||||
<div class="mx-auto mt-8 max-w-sm">
|
||||
<div class="rounded-radius border border-outline bg-surface-alt shadow-sm dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<div class="flex items-center justify-between border-b border-outline px-5 py-3 dark:border-outline-dark">
|
||||
<span class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="brand", lang=lang | default(value='sk')) }}</span>
|
||||
{{ ui::badge(label=t(key="auth", lang=lang | default(value='sk')), variant="primary") }}
|
||||
</div>
|
||||
|
||||
<div class="p-5">
|
||||
<h1 class="text-xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="resend-verification-title", lang=lang | default(value='sk')) }}</h1>
|
||||
|
||||
{% if done %}
|
||||
<div class="mt-3 rounded-radius border border-success bg-success/10 px-4 py-3 text-sm text-success" role="status">
|
||||
{{ t(key="resend-verification-done", lang=lang | default(value='sk')) }}
|
||||
</div>
|
||||
<p class="mt-4 text-sm text-on-surface dark:text-on-surface-dark">
|
||||
<a href="/login" class="font-medium text-primary underline-offset-2 hover:underline dark:text-primary-dark">{{ t(key="nav-login", lang=lang | default(value='sk')) }}</a>
|
||||
</p>
|
||||
{% else %}
|
||||
<p class="mt-1 text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="resend-verification-intro", lang=lang | default(value='sk')) }}</p>
|
||||
<form method="post" action="/resend-verification" hx-boost="false" class="mt-4 flex flex-col gap-4">
|
||||
<div class="flex flex-col gap-1">
|
||||
<label for="email" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="login-email", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="email", id="email", type="email", required=true, autocomplete="email", attrs="autofocus") }}
|
||||
</div>
|
||||
{{ ui::button(label=t(key="resend-verification-submit", lang=lang | default(value='sk')), type="submit", extra="mt-1 w-full") }}
|
||||
</form>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endblock content %}
|
||||
47
assets/views/auth/set_password.html
Normal file
47
assets/views/auth/set_password.html
Normal file
@@ -0,0 +1,47 @@
|
||||
{% extends "base.html" %}
|
||||
{% import "macros/ui.html" as ui %}
|
||||
|
||||
{% block title %}{{ t(key="set-password-title", lang=lang | default(value='sk')) }}{% endblock title %}
|
||||
|
||||
{% block content %}
|
||||
<div class="mx-auto mt-8 max-w-sm">
|
||||
<div class="rounded-radius border border-outline bg-surface-alt shadow-sm dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<div class="flex items-center justify-between border-b border-outline px-5 py-3 dark:border-outline-dark">
|
||||
<span class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="brand", lang=lang | default(value='sk')) }}</span>
|
||||
{{ ui::badge(label=t(key="auth", lang=lang | default(value='sk')), variant="primary") }}
|
||||
</div>
|
||||
|
||||
<div class="p-5">
|
||||
<h1 class="text-xl font-bold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="set-password-title", lang=lang | default(value='sk')) }}</h1>
|
||||
|
||||
{% if not valid %}
|
||||
{{ ui::alert_danger(message=t(key="set-password-invalid", lang=lang | default(value='sk')), extra="mt-3") }}
|
||||
<p class="mt-4 text-sm text-on-surface dark:text-on-surface-dark">
|
||||
<a href="/login" class="font-medium text-primary underline-offset-2 hover:underline dark:text-primary-dark">{{ t(key="nav-login", lang=lang | default(value='sk')) }}</a>
|
||||
</p>
|
||||
{% else %}
|
||||
<p class="mt-1 text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="set-password-intro", lang=lang | default(value='sk')) }}</p>
|
||||
|
||||
{% if error == "mismatch" %}
|
||||
{{ ui::alert_danger(message=t(key="set-password-mismatch", lang=lang | default(value='sk')), extra="mt-3") }}
|
||||
{% elif error == "weak" %}
|
||||
{{ ui::alert_danger(message=t(key="set-password-weak", lang=lang | default(value='sk')), extra="mt-3") }}
|
||||
{% endif %}
|
||||
|
||||
<form method="post" action="/set-password" hx-boost="false" class="mt-4 flex flex-col gap-4">
|
||||
<input type="hidden" name="token" value="{{ token }}">
|
||||
<div class="flex flex-col gap-1">
|
||||
<label for="password" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="set-password-new", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="password", id="password", type="password", required=true, autocomplete="new-password", attrs="autofocus") }}
|
||||
</div>
|
||||
<div class="flex flex-col gap-1">
|
||||
<label for="password_confirm" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="set-password-confirm", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="password_confirm", id="password_confirm", type="password", required=true, autocomplete="new-password") }}
|
||||
</div>
|
||||
{{ ui::button(label=t(key="set-password-submit", lang=lang | default(value='sk')), type="submit", extra="mt-1 w-full") }}
|
||||
</form>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endblock content %}
|
||||
@@ -57,6 +57,9 @@
|
||||
</script>
|
||||
<link href="/static/css/app.css?v=2026-06-16" rel="stylesheet" type="text/css">
|
||||
<script src="/static/vendor/htmx/htmx-1.9.12.min.js"></script>
|
||||
<!-- Alpine Focus plugin (x-trap / $focus) — must load before Alpine core;
|
||||
required by the Penguin UI keyboard-accessible dropdowns. -->
|
||||
<script defer src="/static/vendor/alpine/alpine-focus-3.14.9.min.js"></script>
|
||||
<script defer src="/static/vendor/alpine/alpinejs-3.14.9.min.js"></script>
|
||||
</head>
|
||||
<body hx-boost="true"
|
||||
@@ -85,6 +88,8 @@
|
||||
<button type="submit" class="text-sm font-medium text-danger underline-offset-2 transition hover:opacity-75 focus:outline-hidden focus-visible:underline">{{ t(key="logout", lang=lang | default(value='sk')) }}</button>
|
||||
</form>
|
||||
</li>
|
||||
{% elif logged_in_customer %}
|
||||
{# customer account links live in the profile dropdown next to the cart #}
|
||||
{% else %}
|
||||
<li>{{ ui::nav_link(label=t(key="nav-login", lang=lang | default(value='sk')), href="/login", data_nav="/login") }}</li>
|
||||
<li>{{ ui::nav_link(label=t(key="nav-register", lang=lang | default(value='sk')), href="/register", data_nav="/register") }}</li>
|
||||
@@ -92,9 +97,14 @@
|
||||
</ul>
|
||||
|
||||
<!-- right side: cart + settings + mobile toggle -->
|
||||
<div class="ml-auto flex items-center gap-1">
|
||||
<!-- cart with live item-count badge read from the `cart` cookie -->
|
||||
<a href="/cart" data-nav="/cart"
|
||||
<div class="ml-auto flex items-center gap-2">
|
||||
<!-- customer profile dropdown (avatar + name + account type) -->
|
||||
{% if logged_in_customer %}
|
||||
{% include "partials/profile_menu.html" %}
|
||||
{% endif %}
|
||||
<!-- cart with live item-count badge read from the `cart` cookie.
|
||||
hx-boost=false: a plain full-page navigation to /cart, no SPA swap. -->
|
||||
<a href="/cart" data-nav="/cart" hx-boost="false"
|
||||
x-data="{ count: 0 }"
|
||||
x-init="count = cartCount(); ['htmx:afterSwap', 'htmx:afterRequest'].forEach(function (e) { window.addEventListener(e, function () { count = cartCount() }) })"
|
||||
aria-label="{{ t(key='cart-title', lang=lang | default(value='sk')) }}"
|
||||
@@ -104,10 +114,9 @@
|
||||
<span x-show="count > 0" x-cloak x-text="count"
|
||||
class="absolute -right-1 -top-1 inline-flex min-w-4 items-center justify-center rounded-full bg-primary px-1 text-[10px] font-semibold leading-4 text-on-primary dark:bg-primary-dark dark:text-on-primary-dark"></span>
|
||||
</a>
|
||||
<!-- settings (language + theme) dropdown -->
|
||||
<div x-data="{ open: false }" @keydown.escape="open = false" class="relative">
|
||||
{% include "partials/settings_dropdown.html" %}
|
||||
</div>
|
||||
|
||||
<!-- settings (language + theme) dropdown (self-contained Alpine state) -->
|
||||
{% include "partials/settings_dropdown.html" %}
|
||||
|
||||
<!-- mobile hamburger — Penguin animated icon swap (bars ↔ X), kept in
|
||||
our ghost-square icon-button shell for consistency with cart/gear -->
|
||||
@@ -131,6 +140,13 @@
|
||||
<button type="submit" class="block w-full rounded-radius px-3 py-2 text-left text-sm font-medium text-danger underline-offset-2 transition hover:bg-primary/5 focus:outline-hidden focus-visible:underline">{{ t(key="logout", lang=lang | default(value='sk')) }}</button>
|
||||
</form>
|
||||
</li>
|
||||
{% elif logged_in_customer %}
|
||||
<li><a href="/account/profile" data-nav="/account" class="block rounded-radius px-3 py-2 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-primary focus:outline-hidden focus-visible:underline aria-[current=page]:font-semibold aria-[current=page]:bg-primary/10 aria-[current=page]:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark dark:aria-[current=page]:text-primary-dark">{{ t(key="nav-profile", lang=lang | default(value='sk')) }}</a></li>
|
||||
<li>
|
||||
<form method="post" action="/logout" hx-boost="false">
|
||||
<button type="submit" class="block w-full rounded-radius px-3 py-2 text-left text-sm font-medium text-danger underline-offset-2 transition hover:bg-primary/5 focus:outline-hidden focus-visible:underline">{{ t(key="logout", lang=lang | default(value='sk')) }}</button>
|
||||
</form>
|
||||
</li>
|
||||
{% else %}
|
||||
<li><a href="/login" data-nav="/login" class="block rounded-radius px-3 py-2 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-primary focus:outline-hidden focus-visible:underline aria-[current=page]:font-semibold aria-[current=page]:bg-primary/10 aria-[current=page]:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark dark:aria-[current=page]:text-primary-dark">{{ t(key="nav-login", lang=lang | default(value='sk')) }}</a></li>
|
||||
<li><a href="/register" data-nav="/register" class="block rounded-radius px-3 py-2 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-primary focus:outline-hidden focus-visible:underline aria-[current=page]:font-semibold aria-[current=page]:bg-primary/10 aria-[current=page]:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark dark:aria-[current=page]:text-primary-dark">{{ t(key="nav-register", lang=lang | default(value='sk')) }}</a></li>
|
||||
@@ -144,6 +160,22 @@
|
||||
class="fixed inset-0 z-30 bg-black/50 lg:hidden"></div>
|
||||
|
||||
<div class="mx-auto flex w-full max-w-7xl gap-8 px-4 py-8">
|
||||
{% if account_nav %}
|
||||
<!-- account-area sidebar: replaces the storefront categories while the
|
||||
customer is inside /account/*. -->
|
||||
<aside x-cloak x-show="cats || lg" aria-label="{{ t(key='nav-account', lang=lang | default(value='sk')) }}"
|
||||
class="fixed inset-y-0 left-0 z-40 w-64 overflow-y-auto border-r border-outline bg-surface-alt p-4 lg:static lg:z-auto lg:w-64 lg:shrink-0 lg:self-start lg:overflow-visible lg:rounded-radius lg:border lg:p-3 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<h2 class="px-3 pb-2 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="nav-account", lang=lang | default(value='sk')) }}</h2>
|
||||
<ul class="space-y-1">
|
||||
<li><a href="/account/orders" data-nav="/account/orders" class="block rounded-radius px-3 py-2 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-primary focus:outline-hidden focus-visible:underline aria-[current=page]:font-semibold aria-[current=page]:bg-primary/10 aria-[current=page]:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark dark:aria-[current=page]:text-primary-dark">{{ t(key="account-orders", lang=lang | default(value='sk')) }}</a></li>
|
||||
<li><a href="/account/profile" data-nav="/account/profile" class="block rounded-radius px-3 py-2 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-primary focus:outline-hidden focus-visible:underline aria-[current=page]:font-semibold aria-[current=page]:bg-primary/10 aria-[current=page]:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark dark:aria-[current=page]:text-primary-dark">{{ t(key="profile-title", lang=lang | default(value='sk')) }}</a></li>
|
||||
<li><a href="/account/password" data-nav="/account/password" class="block rounded-radius px-3 py-2 text-sm font-medium text-on-surface underline-offset-2 transition hover:bg-primary/5 hover:text-primary focus:outline-hidden focus-visible:underline aria-[current=page]:font-semibold aria-[current=page]:bg-primary/10 aria-[current=page]:text-primary dark:text-on-surface-dark dark:hover:text-primary-dark dark:aria-[current=page]:text-primary-dark">{{ t(key="account-change-password", lang=lang | default(value='sk')) }}</a></li>
|
||||
</ul>
|
||||
<form method="post" action="/logout" hx-boost="false" class="mt-4 border-t border-outline pt-3 dark:border-outline-dark">
|
||||
<button type="submit" class="block w-full rounded-radius px-3 py-2 text-left text-sm font-medium text-danger underline-offset-2 transition hover:bg-primary/5 focus:outline-hidden focus-visible:underline">{{ t(key="logout", lang=lang | default(value='sk')) }}</button>
|
||||
</form>
|
||||
</aside>
|
||||
{% else %}
|
||||
<!-- persistent category sidebar (off-canvas drawer on mobile).
|
||||
hx-preserve keeps this node across boosted page swaps, so it is
|
||||
fetched once (hx-trigger=load) and never reloaded on navigation. -->
|
||||
@@ -152,6 +184,7 @@
|
||||
hx-get="/partials/categories" hx-trigger="load"
|
||||
class="fixed inset-y-0 left-0 z-40 w-64 overflow-y-auto border-r border-outline bg-surface-alt p-4 lg:static lg:z-auto lg:w-64 lg:shrink-0 lg:self-start lg:overflow-visible lg:rounded-radius lg:border lg:p-3 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
</aside>
|
||||
{% endif %}
|
||||
|
||||
<main class="min-w-0 flex-1">
|
||||
{% block content %}{% endblock content %}
|
||||
|
||||
@@ -82,6 +82,11 @@
|
||||
{# Compact danger alert (form/inline errors). Adapted from
|
||||
penguinui/alert/default-alert.html (danger variant), trimmed to a single line
|
||||
with the danger icon. #}
|
||||
{# Required-field marker: a red asterisk appended to a field label. #}
|
||||
{% macro req() -%}
|
||||
<span class="ml-0.5 text-danger" aria-hidden="true">*</span>
|
||||
{%- endmacro req %}
|
||||
|
||||
{% macro alert_danger(message, extra="") -%}
|
||||
<div class="flex w-full items-center gap-2 overflow-hidden rounded-radius border border-danger bg-danger/10 px-3 py-2 text-sm text-danger {{ extra }}" role="alert">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20" fill="currentColor" class="size-5 shrink-0" aria-hidden="true">
|
||||
|
||||
73
assets/views/partials/profile_menu.html
Normal file
73
assets/views/partials/profile_menu.html
Normal file
@@ -0,0 +1,73 @@
|
||||
{# Customer profile dropdown in the storefront navbar.
|
||||
|
||||
Proper Penguin UI dropdown: behaviour is the vendored
|
||||
dropdowns/dropdown-with-icons.html verbatim (isOpen / openedWithKeyboard,
|
||||
x-trap + $focus keyboard nav, x-cloak x-show, @click.outside). Trigger is the
|
||||
round initials avatar (avatar-with-initials.html, primary variant). Menu items
|
||||
are our account links.
|
||||
|
||||
Needs the Alpine Focus plugin (loaded before Alpine core in base.html) for
|
||||
x-trap / $focus. Self-contained Alpine state; the host only needs to place it
|
||||
in the navbar flex row. The panel has NO id on purpose — an id would make htmx
|
||||
hx-boost "settle" it across boosted navigations and reappear; id-less Penguin
|
||||
dropdowns are unaffected. #}
|
||||
|
||||
{# initials from the full name, e.g. "Filip Priec" -> "FP" #}
|
||||
{% set _name = customer_name | default(value='') | trim %}
|
||||
{% set _parts = _name | split(pat=' ') %}
|
||||
{% set _initials = _parts.0 | truncate(length=1, end='') | upper %}
|
||||
{% if _parts | length > 1 %}{% set _second = _parts | last | truncate(length=1, end='') | upper %}{% set _initials = _initials ~ _second %}{% endif %}
|
||||
{% if customer_account_type == "company" %}{% set _type_label = t(key="account-company", lang=lang | default(value='sk')) %}{% else %}{% set _type_label = t(key="account-personal", lang=lang | default(value='sk')) %}{% endif %}
|
||||
|
||||
{% set _person_icon = '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" aria-hidden="true" fill="currentColor" class="size-5"><path fill-rule="evenodd" d="M7.5 6a4.5 4.5 0 119 0 4.5 4.5 0 01-9 0zM3.751 20.105a8.25 8.25 0 0116.498 0 .75.75 0 01-.437.695A18.683 18.683 0 0112 22.5c-2.786 0-5.433-.608-7.812-1.7a.75.75 0 01-.437-.695z" clip-rule="evenodd"/></svg>' %}
|
||||
|
||||
<div x-data="{ isOpen: false, openedWithKeyboard: false }"
|
||||
x-on:keydown.esc.window="isOpen = false, openedWithKeyboard = false"
|
||||
class="relative">
|
||||
<!-- Toggle Button: round initials avatar -->
|
||||
<button type="button" x-on:click="isOpen = ! isOpen"
|
||||
x-on:keydown.space.prevent="openedWithKeyboard = true" x-on:keydown.enter.prevent="openedWithKeyboard = true" x-on:keydown.down.prevent="openedWithKeyboard = true"
|
||||
x-bind:aria-expanded="isOpen || openedWithKeyboard" aria-haspopup="true"
|
||||
aria-label="{{ t(key='nav-account', lang=lang | default(value='sk')) }}"
|
||||
class="flex size-9 shrink-0 items-center justify-center overflow-hidden rounded-full border border-primary bg-primary text-sm font-bold tracking-wider text-on-primary/90 transition hover:opacity-90 focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary dark:border-primary-dark dark:bg-primary-dark dark:text-on-primary-dark/90 dark:focus-visible:outline-primary-dark">
|
||||
{%- if _initials %}{{ _initials }}{% else %}{{ _person_icon | safe }}{% endif -%}
|
||||
</button>
|
||||
<!-- Dropdown Menu (positioned like the settings cog: right-0 mt-2) -->
|
||||
<div x-cloak x-show="isOpen || openedWithKeyboard" x-transition x-trap="openedWithKeyboard"
|
||||
x-on:click.outside="isOpen = false, openedWithKeyboard = false"
|
||||
x-on:keydown.down.prevent="$focus.wrap().next()" x-on:keydown.up.prevent="$focus.wrap().previous()"
|
||||
class="absolute right-0 mt-2 flex w-60 min-w-48 flex-col divide-y divide-outline overflow-hidden rounded-radius border border-outline bg-surface-alt shadow-lg dark:divide-outline-dark dark:border-outline-dark dark:bg-surface-dark-alt" role="menu">
|
||||
<!-- header: avatar + name + account type -->
|
||||
<div class="flex items-center gap-3 px-4 py-2.5">
|
||||
<span class="flex size-11 shrink-0 items-center justify-center overflow-hidden rounded-full border border-primary bg-primary text-base font-bold tracking-wider text-on-primary/90 dark:border-primary-dark dark:bg-primary-dark dark:text-on-primary-dark/90">
|
||||
{%- if _initials %}{{ _initials }}{% else %}{{ _person_icon | safe }}{% endif -%}
|
||||
</span>
|
||||
<div class="flex min-w-0 flex-col">
|
||||
<span class="truncate text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ _name }}</span>
|
||||
<p class="truncate text-xs text-on-surface dark:text-on-surface-dark">{{ _type_label }}</p>
|
||||
</div>
|
||||
</div>
|
||||
<!-- account links (with icons) -->
|
||||
<div class="flex flex-col py-1.5">
|
||||
<a href="/account/orders" data-nav="/account/orders" role="menuitem" class="flex items-center gap-2 bg-surface-alt px-4 py-2 text-sm text-on-surface hover:bg-surface-dark-alt/5 hover:text-on-surface-strong focus-visible:bg-surface-dark-alt/10 focus-visible:text-on-surface-strong focus-visible:outline-hidden dark:bg-surface-dark-alt dark:text-on-surface-dark dark:hover:bg-surface-alt/5 dark:hover:text-on-surface-dark-strong dark:focus-visible:bg-surface-alt/10 dark:focus-visible:text-on-surface-dark-strong">
|
||||
{{ ui::icon(name="cart", size="size-4", extra="shrink-0") }}
|
||||
{{ t(key="account-orders", lang=lang | default(value='sk')) }}
|
||||
</a>
|
||||
<a href="/account/profile" data-nav="/account/profile" role="menuitem" class="flex items-center gap-2 bg-surface-alt px-4 py-2 text-sm text-on-surface hover:bg-surface-dark-alt/5 hover:text-on-surface-strong focus-visible:bg-surface-dark-alt/10 focus-visible:text-on-surface-strong focus-visible:outline-hidden dark:bg-surface-dark-alt dark:text-on-surface-dark dark:hover:bg-surface-alt/5 dark:hover:text-on-surface-dark-strong dark:focus-visible:bg-surface-alt/10 dark:focus-visible:text-on-surface-dark-strong">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" aria-hidden="true" fill="currentColor" class="size-4 shrink-0"><path fill-rule="evenodd" d="M7.5 6a4.5 4.5 0 119 0 4.5 4.5 0 01-9 0zM3.751 20.105a8.25 8.25 0 0116.498 0 .75.75 0 01-.437.695A18.683 18.683 0 0112 22.5c-2.786 0-5.433-.608-7.812-1.7a.75.75 0 01-.437-.695z" clip-rule="evenodd"/></svg>
|
||||
{{ t(key="profile-title", lang=lang | default(value='sk')) }}
|
||||
</a>
|
||||
<a href="/account/password" data-nav="/account/password" role="menuitem" class="flex items-center gap-2 bg-surface-alt px-4 py-2 text-sm text-on-surface hover:bg-surface-dark-alt/5 hover:text-on-surface-strong focus-visible:bg-surface-dark-alt/10 focus-visible:text-on-surface-strong focus-visible:outline-hidden dark:bg-surface-dark-alt dark:text-on-surface-dark dark:hover:bg-surface-alt/5 dark:hover:text-on-surface-dark-strong dark:focus-visible:bg-surface-alt/10 dark:focus-visible:text-on-surface-dark-strong">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" aria-hidden="true" fill="currentColor" class="size-4 shrink-0"><path fill-rule="evenodd" d="M15.75 1.5a6.75 6.75 0 00-6.651 7.906c.067.39-.032.717-.221.906l-6.5 6.499a3 3 0 00-.878 2.121v2.818c0 .414.336.75.75.75H6a.75.75 0 00.75-.75v-1.5h1.5A.75.75 0 009 21v-1.5h1.5a.75.75 0 00.53-.22l2.658-2.658c.19-.189.517-.288.906-.22A6.75 6.75 0 1015.75 1.5zm0 3a.75.75 0 000 1.5A2.25 2.25 0 0118 8.25a.75.75 0 001.5 0 3.75 3.75 0 00-3.75-3.75z" clip-rule="evenodd"/></svg>
|
||||
{{ t(key="account-change-password", lang=lang | default(value='sk')) }}
|
||||
</a>
|
||||
</div>
|
||||
<!-- logout -->
|
||||
<div class="flex flex-col py-1.5">
|
||||
<form method="post" action="/logout" hx-boost="false"><button type="submit" role="menuitem" class="flex w-full items-center gap-2 bg-surface-alt px-4 py-2 text-left text-sm text-on-surface hover:bg-surface-dark-alt/5 hover:text-on-surface-strong focus-visible:bg-surface-dark-alt/10 focus-visible:text-on-surface-strong focus-visible:outline-hidden dark:bg-surface-dark-alt dark:text-on-surface-dark dark:hover:bg-surface-alt/5 dark:hover:text-on-surface-dark-strong dark:focus-visible:bg-surface-alt/10 dark:focus-visible:text-on-surface-dark-strong">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" aria-hidden="true" fill="currentColor" class="size-4 shrink-0"><path fill-rule="evenodd" d="M7.5 3.75A1.5 1.5 0 006 5.25v13.5a1.5 1.5 0 001.5 1.5h6a1.5 1.5 0 001.5-1.5V15a.75.75 0 011.5 0v3.75a3 3 0 01-3 3h-6a3 3 0 01-3-3V5.25a3 3 0 013-3h6a3 3 0 013 3V9A.75.75 0 0115 9V5.25a1.5 1.5 0 00-1.5-1.5h-6zm10.72 4.72a.75.75 0 011.06 0l3 3a.75.75 0 010 1.06l-3 3a.75.75 0 11-1.06-1.06l1.72-1.72H9a.75.75 0 010-1.5h10.94l-1.72-1.72a.75.75 0 010-1.06z" clip-rule="evenodd"/></svg>
|
||||
{{ t(key="logout", lang=lang | default(value='sk')) }}
|
||||
</button></form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@@ -1,18 +1,22 @@
|
||||
{# Settings dropdown (language + theme). Shared by base.html and admin/base.html
|
||||
to kill the former ~100-line copy-paste duplication.
|
||||
|
||||
Adapted from the vendored Penguin UI component
|
||||
penguinui-components/dropdowns/dropdown-with-click.html: Penguin's dropdown
|
||||
menu container + item treatment. Deviations: kept our gear icon-only trigger
|
||||
and our core-Alpine open / @click.outside toggle (upstream's x-trap / $focus
|
||||
need the Alpine Focus plugin, which we don't bundle); item hover uses
|
||||
bg-primary/5 to stay consistent with the rest of our Penguin-ified UI.
|
||||
Proper Penguin UI dropdown: behaviour is the vendored
|
||||
dropdowns/dropdown-with-icons.html verbatim (isOpen / openedWithKeyboard,
|
||||
x-trap + $focus keyboard nav, x-cloak x-show, @click.outside). Trigger is our
|
||||
gear icon-only button; content is the language form + theme toggle. Needs the
|
||||
Alpine Focus plugin (loaded in base.html) for x-trap / $focus.
|
||||
|
||||
The host template provides the wrapper
|
||||
<div x-data="{ open: false }" @keydown.escape="open = false" class="relative ...">
|
||||
so it controls its own positioning (e.g. ml-auto in admin). #}
|
||||
{{ ui::icon_button(aria_label=t(key='settings', lang=lang | default(value='sk')), attrs='@click="open = !open" :aria-expanded="open"', icon='<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="size-5"><path stroke-linecap="round" stroke-linejoin="round" d="M9.594 3.94c.09-.542.56-.94 1.11-.94h2.593c.55 0 1.02.398 1.11.94l.213 1.281c.063.374.313.686.645.87.074.04.147.083.22.127.324.196.72.257 1.075.124l1.217-.456a1.125 1.125 0 0 1 1.37.49l1.296 2.247a1.125 1.125 0 0 1-.26 1.431l-1.003.827c-.293.241-.438.613-.43.992a7.723 7.723 0 0 1 0 .255c-.008.378.137.75.43.991l1.004.827c.424.35.534.955.26 1.43l-1.298 2.247a1.125 1.125 0 0 1-1.369.491l-1.217-.456c-.355-.133-.75-.072-1.076.124a6.47 6.47 0 0 1-.22.128c-.331.183-.581.495-.644.869l-.213 1.281c-.09.543-.56.94-1.11.94h-2.594c-.55 0-1.019-.398-1.11-.94l-.213-1.281c-.062-.374-.312-.686-.644-.87a6.52 6.52 0 0 1-.22-.127c-.325-.196-.72-.257-1.076-.124l-1.217.456a1.125 1.125 0 0 1-1.369-.49l-1.297-2.247a1.125 1.125 0 0 1 .26-1.431l1.004-.827c.292-.24.437-.613.43-.991a6.932 6.932 0 0 1 0-.255c.007-.38-.138-.751-.43-.992l-1.004-.827a1.125 1.125 0 0 1-.26-1.43l1.297-2.247a1.125 1.125 0 0 1 1.37-.491l1.216.456c.356.133.751.072 1.076-.124.072-.044.146-.086.22-.128.332-.183.582-.495.644-.869l.214-1.28Z" /><path stroke-linecap="round" stroke-linejoin="round" d="M15 12a3 3 0 1 1-6 0 3 3 0 0 1 6 0Z" /></svg>') }}
|
||||
<div x-show="open" x-cloak @click.outside="open = false" x-transition.origin.top.right
|
||||
Self-contained Alpine state + relative positioning; the host only places it
|
||||
(e.g. ml-auto in admin). The panel has NO id on purpose (see profile_menu.html
|
||||
for why — htmx hx-boost settles by id). #}
|
||||
<div x-data="{ isOpen: false, openedWithKeyboard: false }"
|
||||
x-on:keydown.esc.window="isOpen = false, openedWithKeyboard = false"
|
||||
class="relative">
|
||||
{{ ui::icon_button(aria_label=t(key='settings', lang=lang | default(value='sk')), attrs='x-on:click="isOpen = ! isOpen" x-on:keydown.space.prevent="openedWithKeyboard = true" x-on:keydown.enter.prevent="openedWithKeyboard = true" x-on:keydown.down.prevent="openedWithKeyboard = true" x-bind:aria-expanded="isOpen || openedWithKeyboard" aria-haspopup="true"', icon='<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="size-5"><path stroke-linecap="round" stroke-linejoin="round" d="M9.594 3.94c.09-.542.56-.94 1.11-.94h2.593c.55 0 1.02.398 1.11.94l.213 1.281c.063.374.313.686.645.87.074.04.147.083.22.127.324.196.72.257 1.075.124l1.217-.456a1.125 1.125 0 0 1 1.37.49l1.296 2.247a1.125 1.125 0 0 1-.26 1.431l-1.003.827c-.293.241-.438.613-.43.992a7.723 7.723 0 0 1 0 .255c-.008.378.137.75.43.991l1.004.827c.424.35.534.955.26 1.43l-1.298 2.247a1.125 1.125 0 0 1-1.369.491l-1.217-.456c-.355-.133-.75-.072-1.076.124a6.47 6.47 0 0 1-.22.128c-.331.183-.581.495-.644.869l-.213 1.281c-.09.543-.56.94-1.11.94h-2.594c-.55 0-1.019-.398-1.11-.94l-.213-1.281c-.062-.374-.312-.686-.644-.87a6.52 6.52 0 0 1-.22-.127c-.325-.196-.72-.257-1.076-.124l-1.217.456a1.125 1.125 0 0 1-1.369-.49l-1.297-2.247a1.125 1.125 0 0 1 .26-1.431l1.004-.827c.292-.24.437-.613.43-.991a6.932 6.932 0 0 1 0-.255c.007-.38-.138-.751-.43-.992l-1.004-.827a1.125 1.125 0 0 1-.26-1.43l1.297-2.247a1.125 1.125 0 0 1 1.37-.491l1.216.456c.356.133.751.072 1.076-.124.072-.044.146-.086.22-.128.332-.183.582-.495.644-.869l.214-1.28Z" /><path stroke-linecap="round" stroke-linejoin="round" d="M15 12a3 3 0 1 1-6 0 3 3 0 0 1 6 0Z" /></svg>') }}
|
||||
<div x-cloak x-show="isOpen || openedWithKeyboard" x-transition x-trap="openedWithKeyboard"
|
||||
x-on:click.outside="isOpen = false, openedWithKeyboard = false"
|
||||
x-on:keydown.down.prevent="$focus.wrap().next()" x-on:keydown.up.prevent="$focus.wrap().previous()"
|
||||
class="absolute right-0 mt-2 flex w-56 flex-col overflow-hidden rounded-radius border border-outline bg-surface-alt py-1 shadow-lg dark:border-outline-dark dark:bg-surface-dark-alt"
|
||||
role="menu">
|
||||
<form method="post" action="/lang" hx-boost="false">
|
||||
@@ -54,3 +58,4 @@
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -11,6 +11,7 @@
|
||||
<form method="post" action="/checkout" hx-boost="false"
|
||||
x-data="{
|
||||
paymentMethod: '',
|
||||
accountType: '{{ prefill_account_type | default(value='personal') }}',
|
||||
carrier: '',
|
||||
carrierPrice: 0,
|
||||
requiresPoint: false,
|
||||
@@ -31,23 +32,73 @@
|
||||
class="mt-6 grid gap-8 lg:grid-cols-3">
|
||||
|
||||
<div class="space-y-6 lg:col-span-2">
|
||||
<!-- personal vs company. Fixed (read-only) for a logged-in account; a guest
|
||||
picks it and the choice will type any account they create. -->
|
||||
<fieldset class="space-y-3 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-type", lang=lang | default(value='sk')) }}</legend>
|
||||
{% if account_fixed %}
|
||||
<div class="flex items-center gap-2">
|
||||
{% if prefill_account_type == "company" %}
|
||||
{{ ui::badge(label=t(key="account-company", lang=lang | default(value='sk')), variant="primary") }}
|
||||
{% else %}
|
||||
{{ ui::badge(label=t(key="account-personal", lang=lang | default(value='sk')), variant="neutral") }}
|
||||
{% endif %}
|
||||
<span class="text-xs text-on-surface/60 dark:text-on-surface-dark/60">{{ t(key="account-type-locked", lang=lang | default(value='sk')) }}</span>
|
||||
</div>
|
||||
{% else %}
|
||||
<div class="grid gap-3 sm:grid-cols-2">
|
||||
<label class="flex cursor-pointer items-center gap-3 rounded-radius border border-outline px-4 py-3 transition has-[:checked]:border-primary dark:border-outline-dark dark:has-[:checked]:border-primary-dark">
|
||||
{{ ui::radio(name="account_type", value="personal", attrs='x-model="accountType"') }}
|
||||
<span class="font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-personal", lang=lang | default(value='sk')) }}</span>
|
||||
</label>
|
||||
<label class="flex cursor-pointer items-center gap-3 rounded-radius border border-outline px-4 py-3 transition has-[:checked]:border-primary dark:border-outline-dark dark:has-[:checked]:border-primary-dark">
|
||||
{{ ui::radio(name="account_type", value="company", attrs='x-model="accountType"') }}
|
||||
<span class="font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-company", lang=lang | default(value='sk')) }}</span>
|
||||
</label>
|
||||
</div>
|
||||
{% endif %}
|
||||
</fieldset>
|
||||
|
||||
<!-- company billing details (company accounts only) -->
|
||||
<fieldset x-show="accountType === 'company'" x-cloak class="space-y-4 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="account-company-details", lang=lang | default(value='sk')) }}</legend>
|
||||
<div class="space-y-1.5">
|
||||
<label for="company_name" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="company-name", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
{{ ui::input(name="company_name", id="company_name", value=prefill_company_name | default(value=''), autocomplete="organization") }}
|
||||
</div>
|
||||
<div class="grid gap-4 sm:grid-cols-3">
|
||||
<div class="space-y-1.5">
|
||||
<label for="company_id" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="company-ico", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
{{ ui::input(name="company_id", id="company_id", value=prefill_company_id | default(value='')) }}
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label for="tax_id" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="company-dic", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
{{ ui::input(name="tax_id", id="tax_id", value=prefill_tax_id | default(value='')) }}
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label for="vat_id" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="company-icdph", lang=lang | default(value='sk')) }} <span class="text-on-surface/50 dark:text-on-surface-dark/50">({{ t(key="field-optional", lang=lang | default(value='sk')) }})</span></label>
|
||||
{{ ui::input(name="vat_id", id="vat_id", value=prefill_vat_id | default(value='')) }}
|
||||
</div>
|
||||
</div>
|
||||
</fieldset>
|
||||
|
||||
<!-- contact -->
|
||||
<fieldset class="space-y-4 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-contact", lang=lang | default(value='sk')) }}</legend>
|
||||
<div class="space-y-1.5">
|
||||
<label for="email" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-email", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="email", id="email", type="email", required=true, autocomplete="email") }}
|
||||
<label for="email" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-email", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
{{ ui::input(name="email", id="email", type="email", value=prefill_email | default(value=''), required=true, autocomplete="email") }}
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label for="customer_name" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-name", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="customer_name", id="customer_name", required=true, autocomplete="name") }}
|
||||
<label for="customer_name" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-name", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
{{ ui::input(name="customer_name", id="customer_name", value=prefill_name | default(value=''), required=true, autocomplete="name") }}
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label for="phone" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-phone", lang=lang | default(value='sk')) }}</label>
|
||||
<label for="phone" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-phone", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
<div class="flex gap-2">
|
||||
<!-- editable combobox: type freely or pick from the dropdown -->
|
||||
<div class="relative w-28 shrink-0" @click.outside="prefixOpen = false"
|
||||
x-data="{ prefixOpen: false, prefix: '+421', opts: [
|
||||
x-data="{ prefixOpen: false, prefix: '{{ prefill_phone_prefix | default(value='+421') }}', opts: [
|
||||
{ v: '+421', l: '🇸🇰 +421' }, { v: '+420', l: '🇨🇿 +420' },
|
||||
{ v: '+43', l: '🇦🇹 +43' }, { v: '+49', l: '🇩🇪 +49' },
|
||||
{ v: '+48', l: '🇵🇱 +48' }, { v: '+36', l: '🇭🇺 +36' },
|
||||
@@ -71,7 +122,7 @@
|
||||
</template>
|
||||
</ul>
|
||||
</div>
|
||||
{{ ui::input(name="phone", id="phone", type="tel", required=true, autocomplete="tel", placeholder="900 000 000", attrs='inputmode="tel"') }}
|
||||
{{ ui::input(name="phone", id="phone", type="tel", value=prefill_phone | default(value=''), required=true, autocomplete="tel", placeholder="900 000 000", attrs='inputmode="tel"') }}
|
||||
</div>
|
||||
</div>
|
||||
</fieldset>
|
||||
@@ -80,22 +131,22 @@
|
||||
<fieldset class="space-y-4 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-shipping", lang=lang | default(value='sk')) }}</legend>
|
||||
<div class="space-y-1.5">
|
||||
<label for="address" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-address", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="address", id="address", required=true, autocomplete="street-address") }}
|
||||
<label for="address" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-address", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
{{ ui::input(name="address", id="address", value=prefill_address | default(value=''), required=true, autocomplete="street-address") }}
|
||||
</div>
|
||||
<div class="grid gap-4 sm:grid-cols-3">
|
||||
<div class="space-y-1.5">
|
||||
<label for="city" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-city", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="city", id="city", required=true, autocomplete="address-level2") }}
|
||||
<label for="city" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-city", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
{{ ui::input(name="city", id="city", value=prefill_city | default(value=''), required=true, autocomplete="address-level2") }}
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label for="zip" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-zip", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::input(name="zip", id="zip", required=true, autocomplete="postal-code") }}
|
||||
<label for="zip" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-zip", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
{{ ui::input(name="zip", id="zip", value=prefill_zip | default(value=''), required=true, autocomplete="postal-code") }}
|
||||
</div>
|
||||
<div class="space-y-1.5">
|
||||
<label for="country" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-country", lang=lang | default(value='sk')) }}</label>
|
||||
<label for="country" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-country", lang=lang | default(value='sk')) }}{{ ui::req() }}</label>
|
||||
<div class="relative" @click.outside="countryOpen = false"
|
||||
x-data="{ countryOpen: false, country: '{{ t(key='country-sk', lang=lang | default(value='sk')) }}', opts: [
|
||||
x-data="{ countryOpen: false, country: '{{ prefill_country | default(value=t(key='country-sk', lang=lang | default(value='sk'))) }}', opts: [
|
||||
{ v: '{{ t(key='country-sk', lang=lang | default(value='sk')) }}', l: '🇸🇰 {{ t(key='country-sk', lang=lang | default(value='sk')) }}' },
|
||||
{ v: '{{ t(key='country-cz', lang=lang | default(value='sk')) }}', l: '🇨🇿 {{ t(key='country-cz', lang=lang | default(value='sk')) }}' },
|
||||
{ v: '{{ t(key='country-at', lang=lang | default(value='sk')) }}', l: '🇦🇹 {{ t(key='country-at', lang=lang | default(value='sk')) }}' },
|
||||
@@ -126,7 +177,7 @@
|
||||
|
||||
<!-- carrier -->
|
||||
<fieldset class="space-y-3 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-carrier", lang=lang | default(value='sk')) }}</legend>
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-carrier", lang=lang | default(value='sk')) }}{{ ui::req() }}</legend>
|
||||
{% for m in shipping_methods %}
|
||||
<label class="flex cursor-pointer items-center justify-between gap-3 rounded-radius border border-outline px-4 py-3 transition has-[:checked]:border-primary dark:border-outline-dark dark:has-[:checked]:border-primary-dark">
|
||||
<span class="flex items-center gap-3">
|
||||
@@ -162,7 +213,7 @@
|
||||
|
||||
<!-- payment -->
|
||||
<fieldset class="space-y-3 rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-payment", lang=lang | default(value='sk')) }}</legend>
|
||||
<legend class="px-1 text-sm font-semibold text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-payment", lang=lang | default(value='sk')) }}{{ ui::req() }}</legend>
|
||||
<label class="flex cursor-pointer items-center gap-3 rounded-radius border border-outline px-4 py-3 transition has-[:checked]:border-primary dark:border-outline-dark dark:has-[:checked]:border-primary-dark">
|
||||
{{ ui::radio(name="payment_method", value="cod", attrs='required x-model="paymentMethod"') }}
|
||||
<span class="font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="payment-cod", lang=lang | default(value='sk')) }}</span>
|
||||
@@ -177,6 +228,20 @@
|
||||
<label for="note" class="text-sm font-medium text-on-surface-strong dark:text-on-surface-dark-strong">{{ t(key="checkout-note", lang=lang | default(value='sk')) }}</label>
|
||||
{{ ui::textarea(name="note", id="note", rows="3") }}
|
||||
</div>
|
||||
|
||||
{% if logged_in_customer and not profile_filled %}
|
||||
<!-- offered only when the profile has no saved address yet; if it was filled
|
||||
in advance we leave it untouched -->
|
||||
{{ ui::checkbox(name="save_profile", id="save_profile", label=t(key="checkout-save-profile", lang=lang | default(value='sk'))) }}
|
||||
{% endif %}
|
||||
|
||||
{% if can_create_account %}
|
||||
<!-- guests may turn this order into an account (typed by their choice above) -->
|
||||
<div class="space-y-1.5 rounded-radius border border-outline bg-surface p-4 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
{{ ui::checkbox(name="create_account", id="create_account", label=t(key="checkout-create-account", lang=lang | default(value='sk'))) }}
|
||||
<p class="pl-6 text-xs text-on-surface/60 dark:text-on-surface-dark/60">{{ t(key="checkout-create-account-hint", lang=lang | default(value='sk')) }}</p>
|
||||
</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
<!-- summary -->
|
||||
|
||||
@@ -15,6 +15,12 @@
|
||||
<p class="mt-1 text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="order-confirmed-sub", lang=lang | default(value='sk')) }}</p>
|
||||
</div>
|
||||
|
||||
{% if account_created %}
|
||||
<div class="rounded-radius border border-primary/40 bg-primary/5 p-4 text-sm text-on-surface dark:border-primary-dark/40 dark:text-on-surface-dark" role="status">
|
||||
{{ t(key="order-account-created", lang=lang | default(value='sk')) }}
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<div class="rounded-radius border border-outline bg-surface p-6 dark:border-outline-dark dark:bg-surface-dark-alt">
|
||||
<div class="flex flex-wrap justify-between gap-2 border-b border-outline pb-3 dark:border-outline-dark">
|
||||
<span class="text-sm text-on-surface/70 dark:text-on-surface-dark/70">{{ t(key="order-number", lang=lang | default(value='sk')) }}</span>
|
||||
|
||||
@@ -45,19 +45,24 @@ workers:
|
||||
|
||||
# Mailer Configuration.
|
||||
mailer:
|
||||
# SMTP mailer configuration.
|
||||
# SMTP mailer configuration. Defaults target a local catcher (MailHog/Mailpit
|
||||
# on localhost:1025); set the SMTP_* env vars to point at a real server. The
|
||||
# auth block is only emitted when SMTP_PASSWORD is provided, so the secret is
|
||||
# never stored here — pass it in at launch (e.g. from `pass`).
|
||||
smtp:
|
||||
# Enable/Disable smtp mailer.
|
||||
enable: true
|
||||
enable: {{ get_env(name="SMTP_ENABLE", default="true") }}
|
||||
# SMTP server host. e.x localhost, smtp.gmail.com
|
||||
host: localhost
|
||||
host: "{{ get_env(name="SMTP_HOST", default="localhost") }}"
|
||||
# SMTP server port
|
||||
port: 1025
|
||||
port: {{ get_env(name="SMTP_PORT", default="1025") }}
|
||||
# Use secure connection (SSL/TLS).
|
||||
secure: false
|
||||
# auth:
|
||||
# user:
|
||||
# password:
|
||||
secure: {{ get_env(name="SMTP_SECURE", default="false") }}
|
||||
{% if get_env(name="SMTP_PASSWORD", default="") != "" %}
|
||||
auth:
|
||||
user: "{{ get_env(name="SMTP_USER", default="") }}"
|
||||
password: "{{ get_env(name="SMTP_PASSWORD", default="") }}"
|
||||
{% endif %}
|
||||
# Override the SMTP hello name (default is the machine's hostname)
|
||||
# hello_name:
|
||||
|
||||
@@ -125,3 +130,30 @@ settings:
|
||||
# Bank-transfer payment details shown on the order confirmation.
|
||||
bank_iban: {{ get_env(name="BANK_IBAN", default="SK00 0000 0000 0000 0000 0000") }}
|
||||
bank_account_name: {{ get_env(name="BANK_ACCOUNT_NAME", default="Kompress s.r.o.") }}
|
||||
|
||||
# loco-oauth2: social login. Credentials come from .env (create them in the
|
||||
# Google Cloud console and register the redirect_url below as an authorized
|
||||
# redirect URI). Until OAUTH_CLIENT_ID/SECRET are set, the "Continue with
|
||||
# Google" button will fail at the consent screen — the rest of auth is unaffected.
|
||||
initializers:
|
||||
oauth2:
|
||||
# Key for the loco-oauth2 private cookie jar (>= 64 bytes). Override in prod.
|
||||
secret_key: {{ get_env(name="OAUTH_PRIVATE_KEY", default="144, 76, 183, 1, 15, 184, 233, 174, 214, 251, 190, 186, 122, 61, 74, 84, 225, 110, 189, 115, 10, 251, 133, 128, 52, 46, 15, 66, 85, 1, 245, 73, 27, 113, 189, 15, 209, 205, 61, 100, 73, 31, 18, 58, 235, 105, 141, 36, 70, 92, 231, 151, 27, 32, 243, 117, 30, 244, 110, 89, 233, 196, 137, 130") }}
|
||||
authorization_code:
|
||||
- client_identifier: google
|
||||
client_credentials:
|
||||
client_id: {{ get_env(name="OAUTH_CLIENT_ID", default="oauth_client_id") }}
|
||||
client_secret: {{ get_env(name="OAUTH_CLIENT_SECRET", default="oauth_client_secret") }}
|
||||
url_config:
|
||||
auth_url: {{ get_env(name="OAUTH_AUTH_URL", default="https://accounts.google.com/o/oauth2/auth") }}
|
||||
token_url: {{ get_env(name="OAUTH_TOKEN_URL", default="https://www.googleapis.com/oauth2/v3/token") }}
|
||||
redirect_url: {{ get_env(name="OAUTH_REDIRECT_URL", default="http://localhost:5150/api/oauth2/google/callback/cookie") }}
|
||||
profile_url: {{ get_env(name="OAUTH_PROFILE_URL", default="https://openidconnect.googleapis.com/v1/userinfo") }}
|
||||
scopes:
|
||||
- "https://www.googleapis.com/auth/userinfo.email"
|
||||
- "https://www.googleapis.com/auth/userinfo.profile"
|
||||
cookie_config:
|
||||
# After loco-oauth2 sets its session cookie it redirects here, where we
|
||||
# mint our own auth_token cookie (see controllers/oauth2.rs::complete).
|
||||
protected_url: {{ get_env(name="OAUTH_PROTECTED_URL", default="http://localhost:5150/api/oauth2/protected") }}
|
||||
timeout_seconds: 600
|
||||
|
||||
@@ -55,3 +55,25 @@ auth:
|
||||
settings:
|
||||
admin_email: "{{ get_env(name="ADMIN_EMAIL", default="") }}"
|
||||
uploads_root: "{{ get_env(name="UPLOADS_ROOT", default="data/uploads") }}"
|
||||
|
||||
# loco-oauth2 social login. All values must come from the environment in prod;
|
||||
# OAUTH_REDIRECT_URL / OAUTH_PROTECTED_URL must use the real public origin.
|
||||
initializers:
|
||||
oauth2:
|
||||
secret_key: "{{ get_env(name="OAUTH_PRIVATE_KEY") }}"
|
||||
authorization_code:
|
||||
- client_identifier: google
|
||||
client_credentials:
|
||||
client_id: "{{ get_env(name="OAUTH_CLIENT_ID") }}"
|
||||
client_secret: "{{ get_env(name="OAUTH_CLIENT_SECRET") }}"
|
||||
url_config:
|
||||
auth_url: "{{ get_env(name="OAUTH_AUTH_URL", default="https://accounts.google.com/o/oauth2/auth") }}"
|
||||
token_url: "{{ get_env(name="OAUTH_TOKEN_URL", default="https://www.googleapis.com/oauth2/v3/token") }}"
|
||||
redirect_url: "{{ get_env(name="OAUTH_REDIRECT_URL") }}"
|
||||
profile_url: "{{ get_env(name="OAUTH_PROFILE_URL", default="https://openidconnect.googleapis.com/v1/userinfo") }}"
|
||||
scopes:
|
||||
- "https://www.googleapis.com/auth/userinfo.email"
|
||||
- "https://www.googleapis.com/auth/userinfo.profile"
|
||||
cookie_config:
|
||||
protected_url: "{{ get_env(name="OAUTH_PROTECTED_URL") }}"
|
||||
timeout_seconds: 600
|
||||
|
||||
@@ -42,33 +42,58 @@ workers:
|
||||
|
||||
|
||||
# Mailer Configuration.
|
||||
# Defaults keep the whole suite on the in-memory stub mailer. The real-SMTP
|
||||
# smoke test (tests/mailer/smtp_send.rs) opts in by setting these env vars
|
||||
# before boot; nothing else in the suite sends real mail.
|
||||
mailer:
|
||||
stub: true
|
||||
stub: {{ get_env(name="MAILER_STUB", default="true") }}
|
||||
# SMTP mailer configuration.
|
||||
smtp:
|
||||
# Enable/Disable smtp mailer.
|
||||
enable: true
|
||||
enable: {{ get_env(name="SMTP_ENABLE", default="true") }}
|
||||
# SMTP server host. e.x localhost, smtp.gmail.com
|
||||
host: localhost
|
||||
host: "{{ get_env(name="SMTP_HOST", default="localhost") }}"
|
||||
# SMTP server port
|
||||
port: 1025
|
||||
port: {{ get_env(name="SMTP_PORT", default="1025") }}
|
||||
# Use secure connection (SSL/TLS).
|
||||
secure: false
|
||||
# auth:
|
||||
# user:
|
||||
# password:
|
||||
secure: {{ get_env(name="SMTP_SECURE", default="false") }}
|
||||
auth:
|
||||
user: "{{ get_env(name="SMTP_USER", default="") }}"
|
||||
password: "{{ get_env(name="SMTP_PASSWORD", default="") }}"
|
||||
|
||||
# Initializers Configuration
|
||||
# initializers:
|
||||
# oauth2:
|
||||
# authorization_code: # Authorization code grant type
|
||||
# - client_identifier: google # Identifier for the OAuth2 provider. Replace 'google' with your provider's name if different, must be unique within the oauth2 config.
|
||||
# ... other fields
|
||||
# OAuth2StoreInitializer requires this block to boot (it builds the client store
|
||||
# in after_routes). Static, non-secret placeholders: tests never perform a real
|
||||
# OAuth2 handshake, they just need the store to construct successfully.
|
||||
initializers:
|
||||
oauth2:
|
||||
# Private-cookie key: a ", "-separated list of >=64 byte values (not a
|
||||
# plain string). This is loco-oauth2's documented sample key; fine for tests.
|
||||
secret_key: "144, 76, 183, 1, 15, 184, 233, 174, 214, 251, 190, 186, 122, 61, 74, 84, 225, 110, 189, 115, 10, 251, 133, 128, 52, 46, 15, 66, 85, 1, 245, 73, 27, 113, 189, 15, 209, 205, 61, 100, 73, 31, 18, 58, 235, 105, 141, 36, 70, 92, 231, 151, 27, 32, 243, 117, 30, 244, 110, 89, 233, 196, 137, 130"
|
||||
authorization_code:
|
||||
- client_identifier: google
|
||||
client_credentials:
|
||||
client_id: test-client-id
|
||||
client_secret: test-client-secret
|
||||
url_config:
|
||||
auth_url: https://accounts.google.com/o/oauth2/auth
|
||||
token_url: https://www.googleapis.com/oauth2/v3/token
|
||||
redirect_url: http://localhost:5150/api/oauth2/google/callback
|
||||
profile_url: https://openidconnect.googleapis.com/v1/userinfo
|
||||
scopes:
|
||||
- https://www.googleapis.com/auth/userinfo.email
|
||||
- https://www.googleapis.com/auth/userinfo.profile
|
||||
cookie_config:
|
||||
protected_url: http://localhost:5150/
|
||||
timeout_seconds: 600
|
||||
|
||||
# Database Configuration
|
||||
database:
|
||||
# Database connection URI
|
||||
uri: {{ get_env(name="DATABASE_URL", default="postgres://uni_loco_web_user:3@localhost:5432/kompress_eshop_test") }}
|
||||
# Database connection URI. Pinned to the throwaway test DB and intentionally
|
||||
# NOT read from `DATABASE_URL`: the app loads `.env` on boot (app.rs
|
||||
# `load_config`), and this config has `dangerously_recreate: true`, so honoring
|
||||
# an env override here would let `cargo test` recreate the dev/prod database.
|
||||
uri: "postgres://uni_loco_web_user:3@localhost:5432/kompress_eshop_test"
|
||||
# When enabled, the sql query will be logged.
|
||||
enable_logging: false
|
||||
# Set the timeout duration when acquiring a connection.
|
||||
|
||||
104
docs/integrations/google-oauth.md
Normal file
104
docs/integrations/google-oauth.md
Normal file
@@ -0,0 +1,104 @@
|
||||
# Google OAuth2 sign-in
|
||||
|
||||
"Continue with Google" on `/login` and `/register` is wired through
|
||||
[`loco-oauth2`](https://github.com/yinho999/loco-oauth2). The code is complete
|
||||
and compiles; this doc is the checklist to make the live flow work. Until the
|
||||
credentials below are set, the button reaches Google and fails at the consent
|
||||
screen — the rest of auth (password login, registration, verification) is
|
||||
unaffected.
|
||||
|
||||
## How the flow works (for context)
|
||||
|
||||
1. User clicks **Continue with Google** → `GET /api/oauth2/google` redirects to
|
||||
Google's consent screen.
|
||||
2. Google redirects back to `GET /api/oauth2/google/callback/cookie`.
|
||||
loco-oauth2 exchanges the code, fetches the profile, upserts the user
|
||||
(`OAuth2UserTrait::upsert_with_oauth`), stores an `o_auth2_sessions` row, sets
|
||||
its own private session cookie, and redirects to `protected_url`.
|
||||
3. `protected_url` = `GET /api/oauth2/protected` (our bridge,
|
||||
`controllers/oauth2.rs::complete`). It mints **our** `auth_token` JWT cookie
|
||||
and redirects: admins (email == `ADMIN_EMAIL`) → `/admin/dashboard`,
|
||||
everyone else → `/`.
|
||||
|
||||
From there the user is a normal logged-in user (same JWT cookie as a password
|
||||
login; the Casbin layer and guards treat them identically).
|
||||
|
||||
## 1. Create Google OAuth credentials
|
||||
|
||||
1. Go to <https://console.cloud.google.com/> → create/select a project.
|
||||
2. **APIs & Services → OAuth consent screen**: configure it (External), add the
|
||||
`.../auth/userinfo.email` and `.../auth/userinfo.profile` scopes, and add
|
||||
your Google account as a **test user** while the app is in "Testing".
|
||||
3. **APIs & Services → Credentials → Create Credentials → OAuth client ID**:
|
||||
- Application type: **Web application**.
|
||||
- **Authorized redirect URIs** — add exactly (must match the config's
|
||||
`redirect_url`, no trailing slash):
|
||||
- dev: `http://localhost:5150/api/oauth2/google/callback/cookie`
|
||||
- prod: `https://YOUR_DOMAIN/api/oauth2/google/callback/cookie`
|
||||
4. Copy the generated **Client ID** and **Client secret**.
|
||||
|
||||
## 2. Set environment variables (`.env`)
|
||||
|
||||
Read by `config/development.yaml` → `initializers.oauth2` (and the prod
|
||||
equivalent). dotenvy loads `.env` on boot.
|
||||
|
||||
```bash
|
||||
# Required
|
||||
OAUTH_CLIENT_ID=xxxxxxxx.apps.googleusercontent.com
|
||||
OAUTH_CLIENT_SECRET=xxxxxxxx
|
||||
|
||||
# Required in PRODUCTION (dev has working defaults)
|
||||
OAUTH_PRIVATE_KEY="comma,separated,bytes >= 64 long" # key for loco-oauth2's private cookie jar
|
||||
OAUTH_REDIRECT_URL=https://YOUR_DOMAIN/api/oauth2/google/callback/cookie
|
||||
OAUTH_PROTECTED_URL=https://YOUR_DOMAIN/api/oauth2/protected
|
||||
```
|
||||
|
||||
Notes:
|
||||
- **dev** ships defaults for everything except `OAUTH_CLIENT_ID` /
|
||||
`OAUTH_CLIENT_SECRET`, so locally you only need those two.
|
||||
- `OAUTH_PRIVATE_KEY` must be ≥ 64 bytes (the dev default is a sample key — do
|
||||
**not** reuse it in production). Generate a fresh one, e.g.
|
||||
`python3 -c "import os;print(','.join(str(b) for b in os.urandom(64)))"`.
|
||||
- `OAUTH_REDIRECT_URL` here and the Authorized redirect URI in the Google
|
||||
console must be byte-for-byte identical.
|
||||
|
||||
## 3. Run / test
|
||||
|
||||
```bash
|
||||
nix develop -c cargo loco start # MUST be inside nix develop (OpenSSL link, see memory)
|
||||
```
|
||||
|
||||
- `auto_migrate: true` (dev) creates the `o_auth2_sessions` table on boot.
|
||||
- Open `http://localhost:5150/login` → **Continue with Google** → consent →
|
||||
you should land back on `/` logged in (cart/nav reflect the session).
|
||||
|
||||
## 4. Production checklist
|
||||
|
||||
- [ ] Separate OAuth client (or at least the prod redirect URI) in Google.
|
||||
- [ ] OAuth consent screen **published** (not just "Testing"), or real users
|
||||
get blocked.
|
||||
- [ ] `OAUTH_PRIVATE_KEY` set to a fresh ≥64-byte key (not the dev sample).
|
||||
- [ ] `OAUTH_REDIRECT_URL` / `OAUTH_PROTECTED_URL` use the real `https://` origin.
|
||||
- [ ] `server.host` / public origin correct so cookies + redirects resolve.
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
| Symptom | Cause / fix |
|
||||
|---|---|
|
||||
| `redirect_uri_mismatch` at Google | Authorized redirect URI ≠ `OAUTH_REDIRECT_URL`. Make them identical (scheme, host, port, path, no trailing slash). |
|
||||
| 403 / "access blocked: app not verified" | Add your account as a test user, or publish the consent screen. |
|
||||
| `openssl-sys ... Could not find directory` at build | You ran `cargo` outside the dev shell. Use `nix develop -c cargo ...`. |
|
||||
| Callback 500 / "could not create oauth2 store" | `initializers.oauth2` missing/invalid, or `OAUTH_PRIVATE_KEY` < 64 bytes. |
|
||||
| Logged into Google but not into the app | The bridge (`/api/oauth2/protected`) didn't run — check `protected_url` (`OAUTH_PROTECTED_URL`) points at it. |
|
||||
|
||||
## Where things live
|
||||
|
||||
- Config: `config/development.yaml` / `config/production.yaml` →
|
||||
`initializers.oauth2`
|
||||
- Client store + session initializers: `src/initializers/oauth2.rs`,
|
||||
`src/initializers/oauth2_session.rs`
|
||||
- Routes + bridge handler: `src/controllers/oauth2.rs`
|
||||
- User upsert (random password per advisory LOC-2025-04): `src/models/users.rs`
|
||||
(`OAuth2UserTrait`)
|
||||
- Session table: `src/models/o_auth2_sessions.rs` +
|
||||
`migration/.../m20260618_000001_o_auth2_sessions.rs`
|
||||
@@ -86,7 +86,10 @@
|
||||
buildInputs = [
|
||||
rust
|
||||
pkgs.pkg-config
|
||||
# OpenSSL for crypto dependencies (loco-oauth2 -> oauth2/reqwest
|
||||
# use native-tls); .dev provides headers + pkg-config metadata.
|
||||
pkgs.openssl
|
||||
pkgs.openssl.dev
|
||||
pkgs.cmake
|
||||
pkgs.llvmPackages.clang
|
||||
pkgs.llvmPackages.libclang.lib
|
||||
|
||||
@@ -13,7 +13,7 @@ loco-rs = { workspace = true }
|
||||
|
||||
|
||||
[dependencies.sea-orm-migration]
|
||||
version = "1.1.0"
|
||||
version = "1.1.20"
|
||||
features = [
|
||||
# Enable at least one `ASYNC_RUNTIME` and `DATABASE_DRIVER` feature if you want to run migration via CLI.
|
||||
# View the list of supported features at https://www.sea-ql.org/SeaORM/docs/install-and-config/database-and-async-runtime.
|
||||
|
||||
@@ -30,6 +30,10 @@ mod m20260616_160000_add_parent_to_categories;
|
||||
mod m20260617_000001_add_carrier_to_shipping_methods;
|
||||
mod m20260617_000002_add_shipment_to_orders;
|
||||
mod m20260617_000003_add_phone_to_orders;
|
||||
mod m20260618_000001_o_auth2_sessions;
|
||||
mod m20260618_000002_customer_profiles;
|
||||
mod m20260618_000003_account_type;
|
||||
mod m20260618_000004_account_ownership;
|
||||
pub struct Migrator;
|
||||
|
||||
#[async_trait::async_trait]
|
||||
@@ -64,6 +68,10 @@ impl MigratorTrait for Migrator {
|
||||
Box::new(m20260617_000001_add_carrier_to_shipping_methods::Migration),
|
||||
Box::new(m20260617_000002_add_shipment_to_orders::Migration),
|
||||
Box::new(m20260617_000003_add_phone_to_orders::Migration),
|
||||
Box::new(m20260618_000001_o_auth2_sessions::Migration),
|
||||
Box::new(m20260618_000002_customer_profiles::Migration),
|
||||
Box::new(m20260618_000003_account_type::Migration),
|
||||
Box::new(m20260618_000004_account_ownership::Migration),
|
||||
// inject-above (do not remove this comment)
|
||||
]
|
||||
}
|
||||
|
||||
29
migration/src/m20260618_000001_o_auth2_sessions.rs
Normal file
29
migration/src/m20260618_000001_o_auth2_sessions.rs
Normal file
@@ -0,0 +1,29 @@
|
||||
use loco_rs::schema::*;
|
||||
use sea_orm_migration::prelude::*;
|
||||
|
||||
#[derive(DeriveMigrationName)]
|
||||
pub struct Migration;
|
||||
|
||||
#[async_trait::async_trait]
|
||||
impl MigrationTrait for Migration {
|
||||
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
|
||||
// OAuth2 session store used by loco-oauth2 to correlate the provider's
|
||||
// access token with a local user during the callback flow. `user` adds
|
||||
// a user_id FK to the users table.
|
||||
create_table(
|
||||
m,
|
||||
"o_auth2_sessions",
|
||||
&[
|
||||
("id", ColType::PkAuto),
|
||||
("session_id", ColType::StringUniq),
|
||||
("expires_at", ColType::TimestampWithTimeZone),
|
||||
],
|
||||
&[("user", "")],
|
||||
)
|
||||
.await
|
||||
}
|
||||
|
||||
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
|
||||
drop_table(m, "o_auth2_sessions").await
|
||||
}
|
||||
}
|
||||
44
migration/src/m20260618_000002_customer_profiles.rs
Normal file
44
migration/src/m20260618_000002_customer_profiles.rs
Normal file
@@ -0,0 +1,44 @@
|
||||
use loco_rs::schema::*;
|
||||
use sea_orm_migration::prelude::*;
|
||||
|
||||
#[derive(DeriveMigrationName)]
|
||||
pub struct Migration;
|
||||
|
||||
#[async_trait::async_trait]
|
||||
impl MigrationTrait for Migration {
|
||||
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
|
||||
// One shipping/contact profile per customer, used to prefill the
|
||||
// checkout form. `name`/`email` already live on `users`; this table
|
||||
// holds only the address + phone fields. `user` adds a user_id FK; the
|
||||
// unique index below makes the relationship 1:1.
|
||||
create_table(
|
||||
m,
|
||||
"customer_profiles",
|
||||
&[
|
||||
("id", ColType::PkAuto),
|
||||
("phone_prefix", ColType::StringNull),
|
||||
("phone", ColType::StringNull),
|
||||
("address", ColType::StringNull),
|
||||
("city", ColType::StringNull),
|
||||
("zip", ColType::StringNull),
|
||||
("country", ColType::StringNull),
|
||||
],
|
||||
&[("user", "")],
|
||||
)
|
||||
.await?;
|
||||
|
||||
m.create_index(
|
||||
Index::create()
|
||||
.name("idx_customer_profiles_user_id_unique")
|
||||
.table(Alias::new("customer_profiles"))
|
||||
.col(Alias::new("user_id"))
|
||||
.unique()
|
||||
.to_owned(),
|
||||
)
|
||||
.await
|
||||
}
|
||||
|
||||
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
|
||||
drop_table(m, "customer_profiles").await
|
||||
}
|
||||
}
|
||||
39
migration/src/m20260618_000003_account_type.rs
Normal file
39
migration/src/m20260618_000003_account_type.rs
Normal file
@@ -0,0 +1,39 @@
|
||||
use loco_rs::schema::*;
|
||||
use sea_orm_migration::prelude::*;
|
||||
|
||||
#[derive(DeriveMigrationName)]
|
||||
pub struct Migration;
|
||||
|
||||
// Personal vs company purchasing. `account_type` is "personal" or "company";
|
||||
// the company_* columns hold the Slovak invoicing identifiers (IČO, DIČ and the
|
||||
// optional VAT id IČ DPH) and are only filled for company accounts/orders.
|
||||
const COMPANY_COLUMNS: [&str; 4] = ["company_name", "company_id", "tax_id", "vat_id"];
|
||||
|
||||
#[async_trait::async_trait]
|
||||
impl MigrationTrait for Migration {
|
||||
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
|
||||
for table in ["customer_profiles", "orders"] {
|
||||
add_column(
|
||||
m,
|
||||
table,
|
||||
"account_type",
|
||||
ColType::StringWithDefault("personal".to_string()),
|
||||
)
|
||||
.await?;
|
||||
for col in COMPANY_COLUMNS {
|
||||
add_column(m, table, col, ColType::StringNull).await?;
|
||||
}
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
|
||||
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
|
||||
for table in ["customer_profiles", "orders"] {
|
||||
remove_column(m, table, "account_type").await?;
|
||||
for col in COMPANY_COLUMNS {
|
||||
remove_column(m, table, col).await?;
|
||||
}
|
||||
}
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
38
migration/src/m20260618_000004_account_ownership.rs
Normal file
38
migration/src/m20260618_000004_account_ownership.rs
Normal file
@@ -0,0 +1,38 @@
|
||||
use loco_rs::schema::*;
|
||||
use sea_orm_migration::prelude::*;
|
||||
|
||||
#[derive(DeriveMigrationName)]
|
||||
pub struct Migration;
|
||||
|
||||
// Account type becomes a permanent property of the *user* (chosen at
|
||||
// registration, never switchable), so it moves off `customer_profiles`. Orders
|
||||
// gain a nullable `user_id` linking them to the account that placed them
|
||||
// (null for guest orders that didn't create an account).
|
||||
#[async_trait::async_trait]
|
||||
impl MigrationTrait for Migration {
|
||||
async fn up(&self, m: &SchemaManager) -> Result<(), DbErr> {
|
||||
add_column(
|
||||
m,
|
||||
"users",
|
||||
"account_type",
|
||||
ColType::StringWithDefault("personal".to_string()),
|
||||
)
|
||||
.await?;
|
||||
add_column(m, "orders", "user_id", ColType::IntegerNull).await?;
|
||||
remove_column(m, "customer_profiles", "account_type").await?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
async fn down(&self, m: &SchemaManager) -> Result<(), DbErr> {
|
||||
add_column(
|
||||
m,
|
||||
"customer_profiles",
|
||||
"account_type",
|
||||
ColType::StringWithDefault("personal".to_string()),
|
||||
)
|
||||
.await?;
|
||||
remove_column(m, "orders", "user_id").await?;
|
||||
remove_column(m, "users", "account_type").await?;
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
@@ -17,8 +17,9 @@ use std::{path::Path, sync::Arc};
|
||||
#[allow(unused_imports)]
|
||||
use crate::{
|
||||
controllers::{
|
||||
admin_categories, admin_dashboard, admin_form, admin_orders,
|
||||
admin_products, admin_shipping, auth, auth_pages, cart, checkout, home, i18n, media, shop,
|
||||
account, admin_categories, admin_dashboard, admin_form, admin_orders,
|
||||
admin_products, admin_shipping, auth, auth_pages, cart, checkout, home, i18n, media, oauth2,
|
||||
shop,
|
||||
},
|
||||
initializers,
|
||||
models::_entities::users,
|
||||
@@ -75,6 +76,8 @@ impl Hooks for App {
|
||||
Box::new(initializers::view_engine::ViewEngineInitializer),
|
||||
Box::new(initializers::admin_seeder::AdminSeeder),
|
||||
Box::new(initializers::shipping_seeder::ShippingSeeder),
|
||||
Box::new(initializers::oauth2::OAuth2StoreInitializer),
|
||||
Box::new(initializers::oauth2_session::OAuth2SessionInitializer),
|
||||
])
|
||||
}
|
||||
|
||||
@@ -88,6 +91,8 @@ impl Hooks for App {
|
||||
// cross-cutting
|
||||
.add_route(auth::routes())
|
||||
.add_route(auth_pages::routes())
|
||||
.add_route(account::routes())
|
||||
.add_route(oauth2::routes())
|
||||
.add_route(i18n::routes())
|
||||
.add_route(media::routes())
|
||||
// admin
|
||||
|
||||
374
src/controllers/account.rs
Normal file
374
src/controllers/account.rs
Normal file
@@ -0,0 +1,374 @@
|
||||
//! Customer account area. Currently just the shipping/contact profile, whose
|
||||
//! fields prefill the checkout form. Gated to authenticated non-admin users:
|
||||
//! anonymous visitors are bounced to `/login`. Admins have their own area and
|
||||
//! are sent to the dashboard.
|
||||
//!
|
||||
//! The account *type* (personal vs company) is fixed at registration and lives
|
||||
//! on the user — it is shown here read-only and can never be changed. The
|
||||
//! profile only edits the type-specific details (company identity + address).
|
||||
|
||||
use axum_extra::extract::cookie::CookieJar;
|
||||
use loco_rs::prelude::*;
|
||||
use sea_orm::QueryOrder;
|
||||
use serde::Deserialize;
|
||||
use serde_json::json;
|
||||
|
||||
use crate::{
|
||||
controllers::i18n::current_lang,
|
||||
models::{
|
||||
customer_profiles::{self, ProfileFields},
|
||||
order_items, orders, users,
|
||||
},
|
||||
shared::{guard, settings},
|
||||
views::checkout as order_view,
|
||||
};
|
||||
|
||||
/// Active (still-being-fulfilled) order statuses. Anything else
|
||||
/// (`delivered`, `cancelled`) is considered closed/past.
|
||||
const ACTIVE_STATUSES: [&str; 3] = ["pending", "paid", "shipped"];
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
struct ProfileForm {
|
||||
first_name: Option<String>,
|
||||
last_name: Option<String>,
|
||||
company_name: Option<String>,
|
||||
company_id: Option<String>,
|
||||
tax_id: Option<String>,
|
||||
vat_id: Option<String>,
|
||||
phone_prefix: Option<String>,
|
||||
phone: Option<String>,
|
||||
address: Option<String>,
|
||||
city: Option<String>,
|
||||
zip: Option<String>,
|
||||
country: Option<String>,
|
||||
}
|
||||
|
||||
fn trimmed(value: Option<&str>) -> Option<String> {
|
||||
value.map(str::trim).filter(|v| !v.is_empty()).map(String::from)
|
||||
}
|
||||
|
||||
/// Split a stored full name into (first name, surname). The surname is
|
||||
/// everything after the first whitespace, so multi-word surnames round-trip.
|
||||
fn split_name(name: &str) -> (String, String) {
|
||||
match name.trim().split_once(char::is_whitespace) {
|
||||
Some((first, rest)) => (first.to_string(), rest.trim().to_string()),
|
||||
None => (name.trim().to_string(), String::new()),
|
||||
}
|
||||
}
|
||||
|
||||
/// Recombine the two name fields into the single stored `name`. Returns `None`
|
||||
/// when the result is too short to be a valid name (the user can't blank it out).
|
||||
fn full_name_from_form(form: &ProfileForm) -> Option<String> {
|
||||
let first = form.first_name.as_deref().unwrap_or("").trim();
|
||||
let last = form.last_name.as_deref().unwrap_or("").trim();
|
||||
let full = format!("{first} {last}").trim().to_string();
|
||||
(full.chars().count() >= 2).then_some(full)
|
||||
}
|
||||
|
||||
/// Build the persisted fields from the submitted form. Company identifiers are
|
||||
/// only kept for company accounts (a personal account can never carry them).
|
||||
fn fields_from_form(form: &ProfileForm, is_company: bool) -> ProfileFields {
|
||||
let company = |v: Option<&str>| if is_company { trimmed(v) } else { None };
|
||||
ProfileFields {
|
||||
company_name: company(form.company_name.as_deref()),
|
||||
company_id: company(form.company_id.as_deref()),
|
||||
tax_id: company(form.tax_id.as_deref()),
|
||||
vat_id: company(form.vat_id.as_deref()),
|
||||
phone_prefix: trimmed(form.phone_prefix.as_deref()),
|
||||
phone: trimmed(form.phone.as_deref()),
|
||||
address: trimmed(form.address.as_deref()),
|
||||
city: trimmed(form.city.as_deref()),
|
||||
zip: trimmed(form.zip.as_deref()),
|
||||
country: trimmed(form.country.as_deref()),
|
||||
}
|
||||
}
|
||||
|
||||
/// The profile fields held by a saved profile, for re-prefilling the form.
|
||||
fn fields_of(profile: Option<&customer_profiles::Model>) -> ProfileFields {
|
||||
match profile {
|
||||
Some(p) => ProfileFields {
|
||||
company_name: p.company_name.clone(),
|
||||
company_id: p.company_id.clone(),
|
||||
tax_id: p.tax_id.clone(),
|
||||
vat_id: p.vat_id.clone(),
|
||||
phone_prefix: p.phone_prefix.clone(),
|
||||
phone: p.phone.clone(),
|
||||
address: p.address.clone(),
|
||||
city: p.city.clone(),
|
||||
zip: p.zip.clone(),
|
||||
country: p.country.clone(),
|
||||
},
|
||||
None => ProfileFields::default(),
|
||||
}
|
||||
}
|
||||
|
||||
/// A company account must carry its invoicing identity (company name + IČO +
|
||||
/// DIČ; IČ DPH stays optional). Personal accounts have no such requirement.
|
||||
fn company_fields_missing(fields: &ProfileFields) -> bool {
|
||||
fields.company_name.is_none() || fields.company_id.is_none() || fields.tax_id.is_none()
|
||||
}
|
||||
|
||||
/// Render the profile form for `user`, prefilled from `fields`. `saved` shows
|
||||
/// the success banner; `error` shows the company-required validation message.
|
||||
fn profile_view(
|
||||
v: &TeraView,
|
||||
jar: &CookieJar,
|
||||
user: &users::Model,
|
||||
fields: &ProfileFields,
|
||||
saved: bool,
|
||||
error: bool,
|
||||
) -> Result<Response> {
|
||||
let (first_name, last_name) = split_name(&user.name);
|
||||
format::view(
|
||||
v,
|
||||
"account/profile.html",
|
||||
json!({
|
||||
"logged_in_admin": false,
|
||||
"logged_in_customer": true,
|
||||
"account_nav": true,
|
||||
"customer_name": user.name,
|
||||
"customer_account_type": user.account_type,
|
||||
"saved": saved,
|
||||
"error": error,
|
||||
"name": user.name,
|
||||
"first_name": first_name,
|
||||
"last_name": last_name,
|
||||
"email": user.email,
|
||||
"account_type": user.account_type,
|
||||
"company_name": fields.company_name,
|
||||
"company_id": fields.company_id,
|
||||
"tax_id": fields.tax_id,
|
||||
"vat_id": fields.vat_id,
|
||||
"phone_prefix": fields.phone_prefix,
|
||||
"phone": fields.phone,
|
||||
"address": fields.address,
|
||||
"city": fields.city,
|
||||
"zip": fields.zip,
|
||||
"country": fields.country,
|
||||
"lang": current_lang(jar),
|
||||
}),
|
||||
)
|
||||
}
|
||||
|
||||
#[debug_handler]
|
||||
async fn profile_page(
|
||||
jar: CookieJar,
|
||||
ViewEngine(v): ViewEngine<TeraView>,
|
||||
State(ctx): State<AppContext>,
|
||||
) -> Result<Response> {
|
||||
let Some(user) = guard::current_user(&ctx, &jar).await else {
|
||||
return format::redirect("/login");
|
||||
};
|
||||
if guard::is_admin(&ctx, &user) {
|
||||
return format::redirect("/admin/dashboard");
|
||||
}
|
||||
let profile = customer_profiles::Model::find_for_user(&ctx.db, user.id).await?;
|
||||
profile_view(&v, &jar, &user, &fields_of(profile.as_ref()), false, false)
|
||||
}
|
||||
|
||||
#[debug_handler]
|
||||
async fn save_profile(
|
||||
jar: CookieJar,
|
||||
ViewEngine(v): ViewEngine<TeraView>,
|
||||
State(ctx): State<AppContext>,
|
||||
Form(form): Form<ProfileForm>,
|
||||
) -> Result<Response> {
|
||||
let Some(user) = guard::current_user(&ctx, &jar).await else {
|
||||
return format::redirect("/login");
|
||||
};
|
||||
if guard::is_admin(&ctx, &user) {
|
||||
return format::redirect("/admin/dashboard");
|
||||
}
|
||||
// Apply the edited name to a working copy so it's reflected on both the
|
||||
// success and re-rendered-error views. A blank/too-short name is ignored —
|
||||
// the field can't be cleared.
|
||||
let mut user = user;
|
||||
let new_name = full_name_from_form(&form).filter(|n| *n != user.name);
|
||||
if let Some(name) = new_name.clone() {
|
||||
user.name = name;
|
||||
}
|
||||
let fields = fields_from_form(&form, user.is_company());
|
||||
// A company account's profile is rejected (and re-shown with the entered
|
||||
// values) until it carries its required identifiers.
|
||||
if user.is_company() && company_fields_missing(&fields) {
|
||||
return profile_view(&v, &jar, &user, &fields, false, true);
|
||||
}
|
||||
if let Some(name) = new_name {
|
||||
let mut active = user.clone().into_active_model();
|
||||
active.name = ActiveValue::set(name);
|
||||
active.update(&ctx.db).await?;
|
||||
}
|
||||
customer_profiles::Model::upsert(&ctx.db, user.id, fields.clone()).await?;
|
||||
profile_view(&v, &jar, &user, &fields, true, false)
|
||||
}
|
||||
|
||||
/// Lists the signed-in customer's orders, split into still-active and past.
|
||||
#[debug_handler]
|
||||
async fn orders_page(
|
||||
jar: CookieJar,
|
||||
ViewEngine(v): ViewEngine<TeraView>,
|
||||
State(ctx): State<AppContext>,
|
||||
) -> Result<Response> {
|
||||
let Some(user) = guard::current_user(&ctx, &jar).await else {
|
||||
return format::redirect("/login");
|
||||
};
|
||||
if guard::is_admin(&ctx, &user) {
|
||||
return format::redirect("/admin/dashboard");
|
||||
}
|
||||
let rows = orders::Entity::find()
|
||||
.filter(orders::Column::UserId.eq(user.id))
|
||||
.order_by_desc(orders::Column::CreatedAt)
|
||||
.all(&ctx.db)
|
||||
.await?;
|
||||
let (active, past): (Vec<_>, Vec<_>) = rows
|
||||
.iter()
|
||||
.partition(|o| ACTIVE_STATUSES.contains(&o.status.as_str()));
|
||||
let shape = |list: Vec<&orders::Model>| -> Vec<_> {
|
||||
list.into_iter().map(order_view::summary).collect()
|
||||
};
|
||||
|
||||
format::view(
|
||||
&v,
|
||||
"account/orders.html",
|
||||
json!({
|
||||
"logged_in_admin": false,
|
||||
"logged_in_customer": true,
|
||||
"account_nav": true,
|
||||
"customer_name": user.name,
|
||||
"customer_account_type": user.account_type,
|
||||
"active_orders": shape(active),
|
||||
"past_orders": shape(past),
|
||||
"lang": current_lang(&jar),
|
||||
}),
|
||||
)
|
||||
}
|
||||
|
||||
/// Shows a single order belonging to the signed-in customer. Orders owned by
|
||||
/// someone else (or guest orders) are not found here.
|
||||
#[debug_handler]
|
||||
async fn order_detail_page(
|
||||
jar: CookieJar,
|
||||
ViewEngine(v): ViewEngine<TeraView>,
|
||||
State(ctx): State<AppContext>,
|
||||
Path(order_number): Path<String>,
|
||||
) -> Result<Response> {
|
||||
let Some(user) = guard::current_user(&ctx, &jar).await else {
|
||||
return format::redirect("/login");
|
||||
};
|
||||
if guard::is_admin(&ctx, &user) {
|
||||
return format::redirect("/admin/dashboard");
|
||||
}
|
||||
let order = orders::Entity::find()
|
||||
.filter(orders::Column::OrderNumber.eq(order_number))
|
||||
.one(&ctx.db)
|
||||
.await?
|
||||
.filter(|o| o.user_id == Some(user.id))
|
||||
.ok_or_else(|| Error::NotFound)?;
|
||||
let items = order_items::Entity::find()
|
||||
.filter(order_items::Column::OrderId.eq(order.id))
|
||||
.all(&ctx.db)
|
||||
.await?;
|
||||
|
||||
format::view(
|
||||
&v,
|
||||
"account/order_detail.html",
|
||||
json!({
|
||||
"logged_in_admin": false,
|
||||
"logged_in_customer": true,
|
||||
"account_nav": true,
|
||||
"customer_name": user.name,
|
||||
"customer_account_type": user.account_type,
|
||||
"order": order_view::detail(
|
||||
&order,
|
||||
settings::get(&ctx, "bank_iban").unwrap_or(""),
|
||||
settings::get(&ctx, "bank_account_name").unwrap_or(""),
|
||||
),
|
||||
"items": order_view::items(&items),
|
||||
"lang": current_lang(&jar),
|
||||
}),
|
||||
)
|
||||
}
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
struct ChangePasswordForm {
|
||||
current_password: String,
|
||||
password: String,
|
||||
password_confirm: String,
|
||||
}
|
||||
|
||||
fn password_view(
|
||||
v: &TeraView,
|
||||
jar: &CookieJar,
|
||||
user: &users::Model,
|
||||
changed: bool,
|
||||
error: Option<&str>,
|
||||
) -> Result<Response> {
|
||||
format::view(
|
||||
v,
|
||||
"account/password.html",
|
||||
json!({
|
||||
"logged_in_admin": false,
|
||||
"logged_in_customer": true,
|
||||
"account_nav": true,
|
||||
"customer_name": user.name,
|
||||
"customer_account_type": user.account_type,
|
||||
"changed": changed,
|
||||
"error": error,
|
||||
"lang": current_lang(jar),
|
||||
}),
|
||||
)
|
||||
}
|
||||
|
||||
#[debug_handler]
|
||||
async fn change_password_page(
|
||||
jar: CookieJar,
|
||||
ViewEngine(v): ViewEngine<TeraView>,
|
||||
State(ctx): State<AppContext>,
|
||||
) -> Result<Response> {
|
||||
let Some(user) = guard::current_user(&ctx, &jar).await else {
|
||||
return format::redirect("/login");
|
||||
};
|
||||
if guard::is_admin(&ctx, &user) {
|
||||
return format::redirect("/admin/dashboard");
|
||||
}
|
||||
password_view(&v, &jar, &user, false, None)
|
||||
}
|
||||
|
||||
#[debug_handler]
|
||||
async fn change_password(
|
||||
jar: CookieJar,
|
||||
ViewEngine(v): ViewEngine<TeraView>,
|
||||
State(ctx): State<AppContext>,
|
||||
Form(form): Form<ChangePasswordForm>,
|
||||
) -> Result<Response> {
|
||||
let Some(user) = guard::current_user(&ctx, &jar).await else {
|
||||
return format::redirect("/login");
|
||||
};
|
||||
if guard::is_admin(&ctx, &user) {
|
||||
return format::redirect("/admin/dashboard");
|
||||
}
|
||||
if !user.verify_password(&form.current_password) {
|
||||
return password_view(&v, &jar, &user, false, Some("current"));
|
||||
}
|
||||
if form.password != form.password_confirm {
|
||||
return password_view(&v, &jar, &user, false, Some("mismatch"));
|
||||
}
|
||||
if form.password.len() < 8 {
|
||||
return password_view(&v, &jar, &user, false, Some("weak"));
|
||||
}
|
||||
let user = user
|
||||
.into_active_model()
|
||||
.reset_password(&ctx.db, &form.password)
|
||||
.await?;
|
||||
password_view(&v, &jar, &user, true, None)
|
||||
}
|
||||
|
||||
pub fn routes() -> Routes {
|
||||
Routes::new()
|
||||
.add("/account/profile", get(profile_page))
|
||||
.add("/account/profile", post(save_profile))
|
||||
.add("/account/orders", get(orders_page))
|
||||
.add("/account/orders/{order_number}", get(order_detail_page))
|
||||
.add("/account/password", get(change_password_page))
|
||||
.add("/account/password", post(change_password))
|
||||
}
|
||||
@@ -14,7 +14,8 @@ use crate::{
|
||||
shared::{guard, settings},
|
||||
};
|
||||
|
||||
pub(crate) const ORDER_STATUSES: [&str; 4] = ["pending", "paid", "shipped", "cancelled"];
|
||||
pub(crate) const ORDER_STATUSES: [&str; 5] =
|
||||
["pending", "paid", "shipped", "delivered", "cancelled"];
|
||||
|
||||
/// Fallback parcel weight when products carry no weight of their own.
|
||||
const DEFAULT_PARCEL_WEIGHT_GRAMS: i32 = 1000;
|
||||
|
||||
@@ -106,13 +106,50 @@ async fn register_page(
|
||||
register_view(&v, &jar, None)
|
||||
}
|
||||
|
||||
/// Registration form. The name is no longer collected from the user — it is
|
||||
/// derived from the email — and the password is entered twice to guard against
|
||||
/// typos.
|
||||
#[derive(Debug, serde::Deserialize)]
|
||||
struct RegisterForm {
|
||||
email: String,
|
||||
password: String,
|
||||
password_confirm: String,
|
||||
#[serde(default)]
|
||||
account_type: Option<String>,
|
||||
}
|
||||
|
||||
/// Derive a display name from an email address (its local part), falling back to
|
||||
/// the full address when the local part is too short for the name validator.
|
||||
fn name_from_email(email: &str) -> String {
|
||||
let local = email.split('@').next().unwrap_or("").trim();
|
||||
if local.chars().count() >= 2 {
|
||||
local.to_string()
|
||||
} else {
|
||||
email.trim().to_string()
|
||||
}
|
||||
}
|
||||
|
||||
#[debug_handler]
|
||||
async fn register(
|
||||
jar: CookieJar,
|
||||
ViewEngine(v): ViewEngine<TeraView>,
|
||||
State(ctx): State<AppContext>,
|
||||
Form(params): Form<RegisterParams>,
|
||||
Form(form): Form<RegisterForm>,
|
||||
) -> Result<Response> {
|
||||
if form.password != form.password_confirm {
|
||||
return register_view(&v, &jar, Some("mismatch"));
|
||||
}
|
||||
if form.password.len() < 8 {
|
||||
return register_view(&v, &jar, Some("weak"));
|
||||
}
|
||||
|
||||
let params = RegisterParams {
|
||||
name: name_from_email(&form.email),
|
||||
email: form.email,
|
||||
password: form.password,
|
||||
account_type: form.account_type,
|
||||
};
|
||||
|
||||
let user = match users::Model::create_with_password(&ctx.db, ¶ms).await {
|
||||
Ok(user) => user,
|
||||
Err(ModelError::EntityAlreadyExists {}) => {
|
||||
@@ -185,6 +222,127 @@ fn verified_view(v: &TeraView, jar: &CookieJar, ok: bool) -> Result<Response> {
|
||||
)
|
||||
}
|
||||
|
||||
/// Resend the email-verification link. Throttled per account (see
|
||||
/// [`users::Model::verification_resend_wait_secs`]) so it can't be used to spam
|
||||
/// an inbox, and always returns the same neutral message so it can't be used to
|
||||
/// probe which addresses are registered.
|
||||
#[derive(Debug, serde::Deserialize)]
|
||||
struct ResendVerificationForm {
|
||||
email: String,
|
||||
}
|
||||
|
||||
fn resend_verification_view(v: &TeraView, jar: &CookieJar, done: bool) -> Result<Response> {
|
||||
format::view(
|
||||
v,
|
||||
"auth/resend_verification.html",
|
||||
json!({
|
||||
"done": done,
|
||||
"logged_in_admin": false,
|
||||
"lang": current_lang(jar),
|
||||
}),
|
||||
)
|
||||
}
|
||||
|
||||
#[debug_handler]
|
||||
async fn resend_verification_page(
|
||||
jar: CookieJar,
|
||||
ViewEngine(v): ViewEngine<TeraView>,
|
||||
) -> Result<Response> {
|
||||
resend_verification_view(&v, &jar, false)
|
||||
}
|
||||
|
||||
#[debug_handler]
|
||||
async fn resend_verification(
|
||||
jar: CookieJar,
|
||||
ViewEngine(v): ViewEngine<TeraView>,
|
||||
State(ctx): State<AppContext>,
|
||||
Form(form): Form<ResendVerificationForm>,
|
||||
) -> Result<Response> {
|
||||
// Resend only for a real, still-unverified account that is past its cooldown.
|
||||
// Anything else (unknown email, already verified, too soon) silently does
|
||||
// nothing — the response is identical either way.
|
||||
if let Ok(user) = users::Model::find_by_email(&ctx.db, form.email.trim()).await {
|
||||
if user.email_verified_at.is_none() && user.verification_resend_wait_secs() == 0 {
|
||||
match user.into_active_model().set_email_verification_sent(&ctx.db).await {
|
||||
Ok(user) => {
|
||||
if let Err(err) = AuthMailer::send_welcome(&ctx, &user).await {
|
||||
tracing::error!(error = %err, "failed to resend verification email");
|
||||
}
|
||||
}
|
||||
Err(err) => tracing::error!(error = %err, "failed to refresh verification token"),
|
||||
}
|
||||
} else {
|
||||
tracing::info!("verification resend skipped (already verified or within cooldown)");
|
||||
}
|
||||
}
|
||||
resend_verification_view(&v, &jar, true)
|
||||
}
|
||||
|
||||
/// Set-password form for accounts created during checkout (and any account that
|
||||
/// has a valid reset token). Reuses the password-reset token machinery.
|
||||
#[derive(Debug, serde::Deserialize)]
|
||||
struct SetPasswordForm {
|
||||
token: String,
|
||||
password: String,
|
||||
password_confirm: String,
|
||||
}
|
||||
|
||||
fn set_password_view(
|
||||
v: &TeraView,
|
||||
jar: &CookieJar,
|
||||
token: &str,
|
||||
valid: bool,
|
||||
error: Option<&str>,
|
||||
) -> Result<Response> {
|
||||
format::view(
|
||||
v,
|
||||
"auth/set_password.html",
|
||||
json!({
|
||||
"token": token,
|
||||
"valid": valid,
|
||||
"error": error,
|
||||
"logged_in_admin": false,
|
||||
"lang": current_lang(jar),
|
||||
}),
|
||||
)
|
||||
}
|
||||
|
||||
#[debug_handler]
|
||||
async fn set_password_page(
|
||||
jar: CookieJar,
|
||||
ViewEngine(v): ViewEngine<TeraView>,
|
||||
State(ctx): State<AppContext>,
|
||||
Path(token): Path<String>,
|
||||
) -> Result<Response> {
|
||||
let valid = users::Model::find_by_reset_token(&ctx.db, &token).await.is_ok();
|
||||
set_password_view(&v, &jar, &token, valid, None)
|
||||
}
|
||||
|
||||
#[debug_handler]
|
||||
async fn set_password(
|
||||
jar: CookieJar,
|
||||
ViewEngine(v): ViewEngine<TeraView>,
|
||||
State(ctx): State<AppContext>,
|
||||
Form(form): Form<SetPasswordForm>,
|
||||
) -> Result<Response> {
|
||||
let Ok(user) = users::Model::find_by_reset_token(&ctx.db, &form.token).await else {
|
||||
return set_password_view(&v, &jar, &form.token, false, None);
|
||||
};
|
||||
if form.password != form.password_confirm {
|
||||
return set_password_view(&v, &jar, &form.token, true, Some("mismatch"));
|
||||
}
|
||||
if form.password.len() < 8 {
|
||||
return set_password_view(&v, &jar, &form.token, true, Some("weak"));
|
||||
}
|
||||
// Setting the password through an emailed link also proves email ownership,
|
||||
// so the account is marked verified here.
|
||||
let user = user.into_active_model().reset_password(&ctx.db, &form.password).await?;
|
||||
if user.email_verified_at.is_none() {
|
||||
user.into_active_model().verified(&ctx.db).await?;
|
||||
}
|
||||
format::redirect("/login")
|
||||
}
|
||||
|
||||
#[debug_handler]
|
||||
async fn logout() -> Result<Response> {
|
||||
format::render()
|
||||
@@ -211,6 +369,10 @@ pub fn routes() -> Routes {
|
||||
.add("/register", get(register_page))
|
||||
.add("/register", post(register))
|
||||
.add("/verify/{token}", get(verify))
|
||||
.add("/resend-verification", get(resend_verification_page))
|
||||
.add("/resend-verification", post(resend_verification))
|
||||
.add("/set-password/{token}", get(set_password_page))
|
||||
.add("/set-password", post(set_password))
|
||||
.add("/logout", post(logout))
|
||||
.add("/admin", get(admin_entry))
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
use crate::{controllers::i18n::current_lang, shared::money::format_price, models::products};
|
||||
use crate::{controllers::i18n::current_lang, shared::{guard, money::format_price}, models::products};
|
||||
use axum::{
|
||||
http::{HeaderMap, StatusCode},
|
||||
response::Redirect,
|
||||
@@ -234,6 +234,7 @@ async fn show(
|
||||
|
||||
// Drop any now-invalid lines from the cookie so the badge stays accurate.
|
||||
let rebuilt = serialize_cart(&valid);
|
||||
let c = guard::chrome(&ctx, &jar).await;
|
||||
let response = format::view(
|
||||
&v,
|
||||
"shop/cart.html",
|
||||
@@ -241,6 +242,10 @@ async fn show(
|
||||
"items": lines,
|
||||
"total": format_price(total),
|
||||
"currency": currency,
|
||||
"logged_in_admin": c.logged_in_admin,
|
||||
"logged_in_customer": c.logged_in_customer,
|
||||
"customer_name": c.customer_name,
|
||||
"customer_account_type": c.customer_account_type,
|
||||
"lang": current_lang(&jar),
|
||||
}),
|
||||
)?;
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
//! Public checkout flow: the checkout form, placing an order, and the order
|
||||
//! confirmation page.
|
||||
|
||||
use axum::extract::Query;
|
||||
use axum_extra::extract::cookie::{Cookie, CookieJar, SameSite};
|
||||
use loco_rs::prelude::*;
|
||||
use sea_orm::{ColumnTrait, EntityTrait, QueryFilter, QueryOrder};
|
||||
@@ -10,9 +11,14 @@ use time::Duration as TimeDuration;
|
||||
|
||||
use crate::{
|
||||
controllers::cart::{resolve_cart, CART_COOKIE},
|
||||
models::{order_items, orders, shipping_methods},
|
||||
mailers::auth::AuthMailer,
|
||||
models::{
|
||||
customer_profiles::{self, ProfileFields},
|
||||
order_items, orders, shipping_methods,
|
||||
users::{self, normalize_account_type},
|
||||
},
|
||||
controllers::i18n::current_lang,
|
||||
shared::{money::format_price, settings},
|
||||
shared::{guard, money::format_price, settings},
|
||||
views::checkout as view,
|
||||
};
|
||||
|
||||
@@ -24,6 +30,11 @@ struct CheckoutForm {
|
||||
phone_prefix: String,
|
||||
phone: String,
|
||||
customer_name: String,
|
||||
account_type: Option<String>,
|
||||
company_name: Option<String>,
|
||||
company_id: Option<String>,
|
||||
tax_id: Option<String>,
|
||||
vat_id: Option<String>,
|
||||
address: String,
|
||||
city: String,
|
||||
zip: String,
|
||||
@@ -33,6 +44,10 @@ struct CheckoutForm {
|
||||
carrier_code: String,
|
||||
pickup_point_id: Option<String>,
|
||||
pickup_point_name: Option<String>,
|
||||
// Present (as "on") only when a logged-in customer ticks "save my address".
|
||||
save_profile: Option<String>,
|
||||
// Present only when a guest ticks "create an account from this order".
|
||||
create_account: Option<String>,
|
||||
}
|
||||
|
||||
fn trimmed(value: &str) -> Option<String> {
|
||||
@@ -86,6 +101,25 @@ async fn checkout_page(
|
||||
})
|
||||
.collect();
|
||||
|
||||
// Prefill the form for a logged-in customer: contact name/email come from
|
||||
// the user account, the address/phone from their saved profile (if any).
|
||||
let user = guard::current_user(&ctx, &jar).await;
|
||||
let is_admin = user.as_ref().is_some_and(|u| guard::is_admin(&ctx, u));
|
||||
let is_customer = user.is_some() && !is_admin;
|
||||
let profile = match (&user, is_customer) {
|
||||
(Some(u), true) => customer_profiles::Model::find_for_user(&ctx.db, u.id).await?,
|
||||
_ => None,
|
||||
};
|
||||
let p = |get: fn(&customer_profiles::Model) -> Option<String>| {
|
||||
profile.as_ref().and_then(get)
|
||||
};
|
||||
// Whether the customer already has a shipping address on file. When they do,
|
||||
// the "save this address to my profile" opt-in is pointless (the profile was
|
||||
// filled in advance), so it's hidden and the existing profile is left alone.
|
||||
let profile_filled = profile
|
||||
.as_ref()
|
||||
.is_some_and(|pr| pr.address.is_some() && pr.city.is_some() && pr.zip.is_some());
|
||||
|
||||
format::view(
|
||||
&v,
|
||||
"shop/checkout.html",
|
||||
@@ -96,6 +130,26 @@ async fn checkout_page(
|
||||
"currency": currency,
|
||||
"shipping_methods": methods,
|
||||
"packeta_api_key": settings::get(&ctx, "packeta_api_key").unwrap_or(""),
|
||||
"logged_in_admin": is_admin,
|
||||
"logged_in_customer": is_customer,
|
||||
"profile_filled": profile_filled,
|
||||
// A logged-in customer's account type is fixed; only guests pick it
|
||||
// and may opt to create an account from the order.
|
||||
"account_fixed": is_customer,
|
||||
"can_create_account": user.is_none(),
|
||||
"prefill_email": user.as_ref().filter(|_| is_customer).map(|u| u.email.clone()),
|
||||
"prefill_name": user.as_ref().filter(|_| is_customer).map(|u| u.name.clone()),
|
||||
"prefill_account_type": user.as_ref().filter(|_| is_customer).map_or("personal", |u| u.account_type.as_str()),
|
||||
"prefill_company_name": p(|x| x.company_name.clone()),
|
||||
"prefill_company_id": p(|x| x.company_id.clone()),
|
||||
"prefill_tax_id": p(|x| x.tax_id.clone()),
|
||||
"prefill_vat_id": p(|x| x.vat_id.clone()),
|
||||
"prefill_phone_prefix": p(|x| x.phone_prefix.clone()),
|
||||
"prefill_phone": p(|x| x.phone.clone()),
|
||||
"prefill_address": p(|x| x.address.clone()),
|
||||
"prefill_city": p(|x| x.city.clone()),
|
||||
"prefill_zip": p(|x| x.zip.clone()),
|
||||
"prefill_country": p(|x| x.country.clone()),
|
||||
"lang": current_lang(&jar),
|
||||
}),
|
||||
)
|
||||
@@ -119,7 +173,7 @@ async fn place_order(
|
||||
trimmed(&form.phone).ok_or_else(|| Error::BadRequest("phone is required".to_string()))?;
|
||||
let phone = match trimmed(&form.phone_prefix) {
|
||||
Some(prefix) => format!("{prefix} {number}"),
|
||||
None => number,
|
||||
None => number.clone(),
|
||||
};
|
||||
|
||||
// Contact and shipping-address fields are mandatory (also enforced in the
|
||||
@@ -133,6 +187,31 @@ async fn place_order(
|
||||
let zip = require(&form.zip, "zip")?;
|
||||
let country = require(&form.country, "country")?;
|
||||
|
||||
// The account type is fixed for a logged-in customer (taken from their
|
||||
// account, never the form); a guest picks it on the form. Admins are treated
|
||||
// as guests here.
|
||||
let current_user = guard::current_user(&ctx, &jar).await;
|
||||
let logged_in_customer = current_user
|
||||
.as_ref()
|
||||
.filter(|u| !guard::is_admin(&ctx, u));
|
||||
let account_type = match logged_in_customer {
|
||||
Some(u) => u.account_type.clone(),
|
||||
None => normalize_account_type(form.account_type.as_deref()),
|
||||
};
|
||||
|
||||
// Company purchases must carry the invoicing identifiers (IČO + DIČ
|
||||
// required, IČ DPH optional). Personal orders carry none.
|
||||
let (company_name, company_id, tax_id, vat_id) = if account_type == "company" {
|
||||
(
|
||||
Some(require(form.company_name.as_deref().unwrap_or(""), "company name")?),
|
||||
Some(require(form.company_id.as_deref().unwrap_or(""), "IČO")?),
|
||||
Some(require(form.tax_id.as_deref().unwrap_or(""), "DIČ")?),
|
||||
form.vat_id.as_deref().and_then(trimmed),
|
||||
)
|
||||
} else {
|
||||
(None, None, None, None)
|
||||
};
|
||||
|
||||
if !PAYMENT_METHODS.contains(&form.payment_method.as_str()) {
|
||||
return Err(Error::BadRequest("invalid payment method".to_string()));
|
||||
}
|
||||
@@ -157,6 +236,74 @@ async fn place_order(
|
||||
(None, None)
|
||||
};
|
||||
|
||||
// The address/contact captured here, ready to seed a profile (for the
|
||||
// logged-in "save my address" opt-in or a freshly created guest account).
|
||||
let entered_profile = || ProfileFields {
|
||||
company_name: company_name.clone(),
|
||||
company_id: company_id.clone(),
|
||||
tax_id: tax_id.clone(),
|
||||
vat_id: vat_id.clone(),
|
||||
phone_prefix: trimmed(&form.phone_prefix),
|
||||
phone: Some(number.clone()),
|
||||
address: Some(address.clone()),
|
||||
city: Some(city.clone()),
|
||||
zip: Some(zip.clone()),
|
||||
country: Some(country.clone()),
|
||||
};
|
||||
|
||||
// Resolve the account that will own this order. A logged-in customer always
|
||||
// owns their orders. A guest may opt to create an account from the order;
|
||||
// the new account's type matches what they bought as, its profile is seeded
|
||||
// from the entered details, and a "set your password" link is emailed. If
|
||||
// the email already belongs to an account we silently fall back to a guest
|
||||
// order (no hijacking an existing account).
|
||||
let mut order_user_id = logged_in_customer.map(|u| u.id);
|
||||
let mut account_created = false;
|
||||
if order_user_id.is_none() && form.create_account.is_some() {
|
||||
match users::Model::create_guest_account(&ctx.db, &email, &customer_name, &account_type)
|
||||
.await
|
||||
{
|
||||
Ok(new_user) => {
|
||||
if let Err(err) =
|
||||
customer_profiles::Model::upsert(&ctx.db, new_user.id, entered_profile()).await
|
||||
{
|
||||
tracing::error!(error = %err, user_id = new_user.id, "failed to seed guest profile");
|
||||
}
|
||||
let user_id = new_user.id;
|
||||
match new_user.into_active_model().set_forgot_password_sent(&ctx.db).await {
|
||||
Ok(user) => {
|
||||
if let Err(err) = AuthMailer::send_set_password(&ctx, &user).await {
|
||||
tracing::error!(error = %err, "failed to send set-password email");
|
||||
}
|
||||
order_user_id = Some(user_id);
|
||||
account_created = true;
|
||||
}
|
||||
Err(err) => {
|
||||
tracing::error!(error = %err, "failed to issue set-password token");
|
||||
order_user_id = Some(user_id);
|
||||
}
|
||||
}
|
||||
}
|
||||
Err(ModelError::EntityAlreadyExists {}) => {
|
||||
tracing::info!(email = %email, "checkout account-create skipped: email already registered");
|
||||
}
|
||||
Err(err) => tracing::error!(error = %err, "failed to create checkout account"),
|
||||
}
|
||||
}
|
||||
|
||||
// If a logged-in customer opted in, persist this address to their profile so
|
||||
// the next checkout is prefilled. Best-effort: a failure here is logged but
|
||||
// must not block the order.
|
||||
if form.save_profile.is_some() {
|
||||
if let Some(user) = logged_in_customer {
|
||||
if let Err(err) =
|
||||
customer_profiles::Model::upsert(&ctx.db, user.id, entered_profile()).await
|
||||
{
|
||||
tracing::error!(error = %err, user_id = user.id, "failed to save checkout profile");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
let order = orders::place(
|
||||
&ctx,
|
||||
&valid,
|
||||
@@ -164,6 +311,12 @@ async fn place_order(
|
||||
email,
|
||||
phone,
|
||||
customer_name: Some(customer_name),
|
||||
user_id: order_user_id,
|
||||
account_type,
|
||||
company_name,
|
||||
company_id,
|
||||
tax_id,
|
||||
vat_id,
|
||||
address: Some(address),
|
||||
city: Some(city),
|
||||
zip: Some(zip),
|
||||
@@ -177,9 +330,14 @@ async fn place_order(
|
||||
)
|
||||
.await?;
|
||||
|
||||
let target = if account_created {
|
||||
format!("/orders/{}?account_created=1", order.order_number)
|
||||
} else {
|
||||
format!("/orders/{}", order.order_number)
|
||||
};
|
||||
format::render()
|
||||
.cookies(&[cleared_cart_cookie()])?
|
||||
.redirect(&format!("/orders/{}", order.order_number))
|
||||
.redirect(&target)
|
||||
}
|
||||
|
||||
#[debug_handler]
|
||||
@@ -187,6 +345,7 @@ async fn order_confirmation(
|
||||
jar: CookieJar,
|
||||
ViewEngine(v): ViewEngine<TeraView>,
|
||||
Path(order_number): Path<String>,
|
||||
Query(params): Query<std::collections::HashMap<String, String>>,
|
||||
State(ctx): State<AppContext>,
|
||||
) -> Result<Response> {
|
||||
let order = orders::Entity::find()
|
||||
@@ -198,6 +357,8 @@ async fn order_confirmation(
|
||||
.filter(order_items::Column::OrderId.eq(order.id))
|
||||
.all(&ctx.db)
|
||||
.await?;
|
||||
let c = guard::chrome(&ctx, &jar).await;
|
||||
let account_created = params.contains_key("account_created");
|
||||
|
||||
format::view(
|
||||
&v,
|
||||
@@ -209,6 +370,11 @@ async fn order_confirmation(
|
||||
settings::get(&ctx, "bank_account_name").unwrap_or(""),
|
||||
),
|
||||
"items": view::items(&items),
|
||||
"logged_in_admin": c.logged_in_admin,
|
||||
"logged_in_customer": c.logged_in_customer,
|
||||
"customer_name": c.customer_name,
|
||||
"customer_account_type": c.customer_account_type,
|
||||
"account_created": account_created,
|
||||
"lang": current_lang(&jar),
|
||||
}),
|
||||
)
|
||||
|
||||
@@ -13,13 +13,17 @@ async fn index(
|
||||
State(ctx): State<AppContext>,
|
||||
) -> Result<Response> {
|
||||
let products = shop::featured_products(&ctx, 8).await?;
|
||||
let c = guard::chrome(&ctx, &jar).await;
|
||||
|
||||
format::view(
|
||||
&v,
|
||||
"home/index.html",
|
||||
json!({
|
||||
"products": products,
|
||||
"logged_in_admin": guard::logged_in(&ctx, &jar).await,
|
||||
"logged_in_admin": c.logged_in_admin,
|
||||
"logged_in_customer": c.logged_in_customer,
|
||||
"customer_name": c.customer_name,
|
||||
"customer_account_type": c.customer_account_type,
|
||||
"lang": current_lang(&jar),
|
||||
}),
|
||||
)
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
pub mod account;
|
||||
pub mod auth;
|
||||
pub mod auth_pages;
|
||||
pub mod oauth2;
|
||||
pub mod admin_categories;
|
||||
pub mod admin_dashboard;
|
||||
pub mod admin_form;
|
||||
|
||||
56
src/controllers/oauth2.rs
Normal file
56
src/controllers/oauth2.rs
Normal file
@@ -0,0 +1,56 @@
|
||||
//! HTML OAuth2 (Google) sign-in.
|
||||
//!
|
||||
//! The provider round-trip is handled by loco-oauth2's built-in authorize +
|
||||
//! cookie-callback handlers. The callback upserts the user, stores an OAuth2
|
||||
//! session, sets loco-oauth2's *private* session cookie, and redirects to the
|
||||
//! configured `protected_url` — which is our [`complete`] handler. There we
|
||||
//! trade the OAuth2 session for OUR Loco `auth_token` JWT cookie, so the rest of
|
||||
//! the app (the Casbin layer, `guard`, the unified `/login`) treats a Google
|
||||
//! user exactly like a password login. Admins (matching `ADMIN_EMAIL`) land on
|
||||
//! the dashboard, everyone else on the storefront.
|
||||
|
||||
use loco_oauth2::controllers::{
|
||||
middleware::OAuth2CookieUser,
|
||||
oauth2::{google_authorization_url, google_callback_cookie},
|
||||
};
|
||||
use loco_rs::prelude::*;
|
||||
|
||||
use crate::{
|
||||
controllers::auth as auth_controller,
|
||||
models::{o_auth2_sessions, users, users::OAuth2UserProfile},
|
||||
shared::guard,
|
||||
};
|
||||
|
||||
type GoogleCookieUser = OAuth2CookieUser<OAuth2UserProfile, users::Model, o_auth2_sessions::Model>;
|
||||
|
||||
/// Bridge from loco-oauth2's session cookie to our own auth cookie.
|
||||
#[debug_handler]
|
||||
async fn complete(State(ctx): State<AppContext>, user: GoogleCookieUser) -> Result<Response> {
|
||||
let user: &users::Model = user.as_ref();
|
||||
let jwt_secret = ctx.config.get_jwt_config()?;
|
||||
let token = user
|
||||
.generate_jwt(&jwt_secret.secret, jwt_secret.expiration)
|
||||
.or_else(|_| unauthorized("unauthorized!"))?;
|
||||
let dest = if guard::is_admin(&ctx, user) {
|
||||
"/admin/dashboard"
|
||||
} else {
|
||||
"/"
|
||||
};
|
||||
format::render()
|
||||
.cookies(&[auth_controller::auth_cookie(&token, jwt_secret.expiration)])?
|
||||
.redirect(dest)
|
||||
}
|
||||
|
||||
pub fn routes() -> Routes {
|
||||
Routes::new()
|
||||
.prefix("api/oauth2")
|
||||
// Redirects the browser to Google's consent screen.
|
||||
.add("/google", get(google_authorization_url))
|
||||
// Google redirects back here; loco-oauth2 exchanges the code, upserts
|
||||
// the user, and redirects to `protected_url` (/api/oauth2/protected).
|
||||
.add(
|
||||
"/google/callback/cookie",
|
||||
get(google_callback_cookie::<OAuth2UserProfile, users::Model, o_auth2_sessions::Model>),
|
||||
)
|
||||
.add("/protected", get(complete))
|
||||
}
|
||||
@@ -69,12 +69,16 @@ async fn index(
|
||||
.all(&ctx.db)
|
||||
.await?;
|
||||
|
||||
let c = guard::chrome(&ctx, &jar).await;
|
||||
format::view(
|
||||
&v,
|
||||
"shop/index.html",
|
||||
json!({
|
||||
"products": product_rows(&ctx, list).await?,
|
||||
"logged_in_admin": guard::logged_in(&ctx, &jar).await,
|
||||
"logged_in_admin": c.logged_in_admin,
|
||||
"logged_in_customer": c.logged_in_customer,
|
||||
"customer_name": c.customer_name,
|
||||
"customer_account_type": c.customer_account_type,
|
||||
"lang": current_lang(&jar),
|
||||
}),
|
||||
)
|
||||
@@ -108,6 +112,7 @@ async fn show(
|
||||
None => None,
|
||||
};
|
||||
|
||||
let c = guard::chrome(&ctx, &jar).await;
|
||||
format::view(
|
||||
&v,
|
||||
"shop/show.html",
|
||||
@@ -115,7 +120,10 @@ async fn show(
|
||||
"product": view::product_card(&product, None, category.as_ref().map(|c| c.name.clone())),
|
||||
"images": images.iter().map(|i| i.image_id.clone()).collect::<Vec<_>>(),
|
||||
"category": category,
|
||||
"logged_in_admin": guard::logged_in(&ctx, &jar).await,
|
||||
"logged_in_admin": c.logged_in_admin,
|
||||
"logged_in_customer": c.logged_in_customer,
|
||||
"customer_name": c.customer_name,
|
||||
"customer_account_type": c.customer_account_type,
|
||||
"lang": current_lang(&jar),
|
||||
}),
|
||||
)
|
||||
@@ -151,6 +159,7 @@ async fn category(
|
||||
.all(&ctx.db)
|
||||
.await?;
|
||||
|
||||
let c = guard::chrome(&ctx, &jar).await;
|
||||
format::view(
|
||||
&v,
|
||||
"shop/category.html",
|
||||
@@ -159,7 +168,10 @@ async fn category(
|
||||
"breadcrumbs": breadcrumbs,
|
||||
"children": children,
|
||||
"products": product_rows(&ctx, list).await?,
|
||||
"logged_in_admin": guard::logged_in(&ctx, &jar).await,
|
||||
"logged_in_admin": c.logged_in_admin,
|
||||
"logged_in_customer": c.logged_in_customer,
|
||||
"customer_name": c.customer_name,
|
||||
"customer_account_type": c.customer_account_type,
|
||||
"lang": current_lang(&jar),
|
||||
}),
|
||||
)
|
||||
|
||||
@@ -43,6 +43,7 @@ impl Initializer for AdminSeeder {
|
||||
email: email.clone(),
|
||||
password,
|
||||
name,
|
||||
account_type: None,
|
||||
},
|
||||
)
|
||||
.await?;
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
pub mod admin_seeder;
|
||||
pub mod oauth2;
|
||||
pub mod oauth2_session;
|
||||
pub mod shipping_seeder;
|
||||
pub mod view_engine;
|
||||
|
||||
36
src/initializers/oauth2.rs
Normal file
36
src/initializers/oauth2.rs
Normal file
@@ -0,0 +1,36 @@
|
||||
//! Builds the loco-oauth2 client store from `initializers.oauth2` config and
|
||||
//! injects it as an Axum extension so the oauth2 controllers can reach it.
|
||||
|
||||
use axum::{Extension, Router as AxumRouter};
|
||||
use loco_oauth2::{config::Config as OAuth2Config, OAuth2ClientStore};
|
||||
use loco_rs::prelude::*;
|
||||
|
||||
pub struct OAuth2StoreInitializer;
|
||||
|
||||
#[async_trait]
|
||||
impl Initializer for OAuth2StoreInitializer {
|
||||
fn name(&self) -> String {
|
||||
"oauth2-store".to_string()
|
||||
}
|
||||
|
||||
async fn after_routes(&self, router: AxumRouter, ctx: &AppContext) -> Result<AxumRouter> {
|
||||
let settings = ctx.config.initializers.clone().ok_or_else(|| {
|
||||
Error::Message("Initializers config not configured for OAuth2".to_string())
|
||||
})?;
|
||||
let oauth2_config_value = settings
|
||||
.get("oauth2")
|
||||
.ok_or_else(|| {
|
||||
Error::Message("oauth2 config not found in initializers configuration".to_string())
|
||||
})?
|
||||
.clone();
|
||||
let oauth2_config: OAuth2Config = oauth2_config_value.try_into().map_err(|e| {
|
||||
tracing::error!(error = ?e, "could not convert oauth2 config from yaml");
|
||||
Error::Message("could not convert oauth2 config from yaml".to_string())
|
||||
})?;
|
||||
let oauth2_store = OAuth2ClientStore::new(oauth2_config).map_err(|e| {
|
||||
tracing::error!(error = ?e, "could not create oauth2 store from config");
|
||||
Error::Message("could not create oauth2 store from config".to_string())
|
||||
})?;
|
||||
Ok(router.layer(Extension(oauth2_store)))
|
||||
}
|
||||
}
|
||||
25
src/initializers/oauth2_session.rs
Normal file
25
src/initializers/oauth2_session.rs
Normal file
@@ -0,0 +1,25 @@
|
||||
//! tower-sessions layer that loco-oauth2 uses to hold the short-lived CSRF /
|
||||
//! PKCE state between the authorize redirect and the provider callback. An
|
||||
//! in-memory store is sufficient since the state only needs to survive the
|
||||
//! round-trip to the provider.
|
||||
|
||||
use axum::Router as AxumRouter;
|
||||
use loco_rs::prelude::*;
|
||||
use tower_sessions::{cookie::time::Duration, Expiry, MemoryStore, SessionManagerLayer};
|
||||
|
||||
pub struct OAuth2SessionInitializer;
|
||||
|
||||
#[async_trait]
|
||||
impl Initializer for OAuth2SessionInitializer {
|
||||
fn name(&self) -> String {
|
||||
"oauth2-session".to_string()
|
||||
}
|
||||
|
||||
async fn after_routes(&self, router: AxumRouter, _ctx: &AppContext) -> Result<AxumRouter> {
|
||||
let session_store = MemoryStore::default();
|
||||
let session_layer = SessionManagerLayer::new(session_store)
|
||||
.with_secure(false)
|
||||
.with_expiry(Expiry::OnInactivity(Duration::minutes(10)));
|
||||
Ok(router.layer(session_layer))
|
||||
}
|
||||
}
|
||||
@@ -9,10 +9,21 @@ use crate::models::users;
|
||||
static welcome: Dir<'_> = include_dir!("src/mailers/auth/welcome");
|
||||
static forgot: Dir<'_> = include_dir!("src/mailers/auth/forgot");
|
||||
static magic_link: Dir<'_> = include_dir!("src/mailers/auth/magic_link");
|
||||
static set_password: Dir<'_> = include_dir!("src/mailers/auth/set_password");
|
||||
|
||||
#[allow(clippy::module_name_repetitions)]
|
||||
pub struct AuthMailer {}
|
||||
impl Mailer for AuthMailer {}
|
||||
impl Mailer for AuthMailer {
|
||||
/// Override the framework default (`System <system@example.com>`), which any
|
||||
/// real MX rejects (`example.com` is nullMX). Must be a sender the SMTP
|
||||
/// account is allowed to send as.
|
||||
fn opts() -> mailer::MailerOpts {
|
||||
mailer::MailerOpts {
|
||||
from: "Kompress <info@kompress.sk>".to_string(),
|
||||
..Default::default()
|
||||
}
|
||||
}
|
||||
}
|
||||
impl AuthMailer {
|
||||
/// Sending welcome email the the given user
|
||||
///
|
||||
@@ -62,6 +73,31 @@ impl AuthMailer {
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Sends a "set your password" email to a checkout-created account. Reuses
|
||||
/// the reset token; the link lands on the HTML `/set-password/{token}` page.
|
||||
///
|
||||
/// # Errors
|
||||
///
|
||||
/// When email sending is failed
|
||||
pub async fn send_set_password(ctx: &AppContext, user: &users::Model) -> Result<()> {
|
||||
Self::mail_template(
|
||||
ctx,
|
||||
&set_password,
|
||||
mailer::Args {
|
||||
to: user.email.to_string(),
|
||||
locals: json!({
|
||||
"name": user.name,
|
||||
"resetToken": user.reset_token,
|
||||
"domain": ctx.config.server.full_url()
|
||||
}),
|
||||
..Default::default()
|
||||
},
|
||||
)
|
||||
.await?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Sends a magic link authentication email to the user.
|
||||
///
|
||||
/// # Errors
|
||||
|
||||
10
src/mailers/auth/set_password/html.t
Normal file
10
src/mailers/auth/set_password/html.t
Normal file
@@ -0,0 +1,10 @@
|
||||
<html>
|
||||
|
||||
<body>
|
||||
Hey {{name}},
|
||||
Thanks for your order! We created an account for you. Set your password to finish, then you can track your orders:
|
||||
<a href="{{domain}}/set-password/{{resetToken}}">Set your password</a>
|
||||
If you didn't place this order, you can ignore this email.
|
||||
</body>
|
||||
|
||||
</html>
|
||||
1
src/mailers/auth/set_password/subject.t
Normal file
1
src/mailers/auth/set_password/subject.t
Normal file
@@ -0,0 +1 @@
|
||||
Set your password
|
||||
7
src/mailers/auth/set_password/text.t
Normal file
7
src/mailers/auth/set_password/text.t
Normal file
@@ -0,0 +1,7 @@
|
||||
Hey {{name}},
|
||||
|
||||
Thanks for your order! We created an account for you. Set your password to finish, then you can track your orders:
|
||||
|
||||
{{domain}}/set-password/{{resetToken}}
|
||||
|
||||
If you didn't place this order, you can ignore this email.
|
||||
44
src/models/_entities/customer_profiles.rs
Normal file
44
src/models/_entities/customer_profiles.rs
Normal file
@@ -0,0 +1,44 @@
|
||||
//! `SeaORM` Entity for customer shipping/contact profiles. Hand-written to match
|
||||
//! the `customer_profiles` migration (1:1 with `users` via a unique `user_id`).
|
||||
|
||||
use sea_orm::entity::prelude::*;
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
|
||||
#[sea_orm(table_name = "customer_profiles")]
|
||||
pub struct Model {
|
||||
pub created_at: DateTimeWithTimeZone,
|
||||
pub updated_at: DateTimeWithTimeZone,
|
||||
#[sea_orm(primary_key)]
|
||||
pub id: i32,
|
||||
#[sea_orm(unique)]
|
||||
pub user_id: i32,
|
||||
pub company_name: Option<String>,
|
||||
pub company_id: Option<String>,
|
||||
pub tax_id: Option<String>,
|
||||
pub vat_id: Option<String>,
|
||||
pub phone_prefix: Option<String>,
|
||||
pub phone: Option<String>,
|
||||
pub address: Option<String>,
|
||||
pub city: Option<String>,
|
||||
pub zip: Option<String>,
|
||||
pub country: Option<String>,
|
||||
}
|
||||
|
||||
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
|
||||
pub enum Relation {
|
||||
#[sea_orm(
|
||||
belongs_to = "super::users::Entity",
|
||||
from = "Column::UserId",
|
||||
to = "super::users::Column::Id",
|
||||
on_update = "Cascade",
|
||||
on_delete = "Cascade"
|
||||
)]
|
||||
Users,
|
||||
}
|
||||
|
||||
impl Related<super::users::Entity> for Entity {
|
||||
fn to() -> RelationDef {
|
||||
Relation::Users.def()
|
||||
}
|
||||
}
|
||||
@@ -4,6 +4,8 @@ pub mod prelude;
|
||||
|
||||
pub mod audit_logs;
|
||||
pub mod categories;
|
||||
pub mod customer_profiles;
|
||||
pub mod o_auth2_sessions;
|
||||
pub mod order_items;
|
||||
pub mod orders;
|
||||
pub mod product_images;
|
||||
|
||||
36
src/models/_entities/o_auth2_sessions.rs
Normal file
36
src/models/_entities/o_auth2_sessions.rs
Normal file
@@ -0,0 +1,36 @@
|
||||
//! `SeaORM` Entity for loco-oauth2 sessions. Hand-written to match the
|
||||
//! `o_auth2_sessions` migration (the rest of `_entities/` is codegen; this table
|
||||
//! is owned by the loco-oauth2 integration).
|
||||
|
||||
use sea_orm::entity::prelude::*;
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
#[derive(Clone, Debug, PartialEq, DeriveEntityModel, Eq, Serialize, Deserialize)]
|
||||
#[sea_orm(table_name = "o_auth2_sessions")]
|
||||
pub struct Model {
|
||||
pub created_at: DateTimeUtc,
|
||||
pub updated_at: DateTimeUtc,
|
||||
#[sea_orm(primary_key)]
|
||||
pub id: i32,
|
||||
pub session_id: String,
|
||||
pub expires_at: DateTimeUtc,
|
||||
pub user_id: i32,
|
||||
}
|
||||
|
||||
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
|
||||
pub enum Relation {
|
||||
#[sea_orm(
|
||||
belongs_to = "super::users::Entity",
|
||||
from = "Column::UserId",
|
||||
to = "super::users::Column::Id",
|
||||
on_update = "Cascade",
|
||||
on_delete = "Cascade"
|
||||
)]
|
||||
Users,
|
||||
}
|
||||
|
||||
impl Related<super::users::Entity> for Entity {
|
||||
fn to() -> RelationDef {
|
||||
Relation::Users.def()
|
||||
}
|
||||
}
|
||||
@@ -18,6 +18,12 @@ pub struct Model {
|
||||
pub status: String,
|
||||
pub total_cents: i64,
|
||||
pub currency: String,
|
||||
pub user_id: Option<i32>,
|
||||
pub account_type: String,
|
||||
pub company_name: Option<String>,
|
||||
pub company_id: Option<String>,
|
||||
pub tax_id: Option<String>,
|
||||
pub vat_id: Option<String>,
|
||||
pub address: Option<String>,
|
||||
pub city: Option<String>,
|
||||
pub zip: Option<String>,
|
||||
|
||||
@@ -2,6 +2,8 @@
|
||||
|
||||
pub use super::audit_logs::Entity as AuditLogs;
|
||||
pub use super::categories::Entity as Categories;
|
||||
pub use super::customer_profiles::Entity as CustomerProfiles;
|
||||
pub use super::o_auth2_sessions::Entity as OAuth2Sessions;
|
||||
pub use super::order_items::Entity as OrderItems;
|
||||
pub use super::orders::Entity as Orders;
|
||||
pub use super::product_images::Entity as ProductImages;
|
||||
|
||||
@@ -25,6 +25,7 @@ pub struct Model {
|
||||
pub magic_link_token: Option<String>,
|
||||
pub magic_link_expiration: Option<DateTimeWithTimeZone>,
|
||||
pub theme: String,
|
||||
pub account_type: String,
|
||||
}
|
||||
|
||||
#[derive(Copy, Clone, Debug, EnumIter, DeriveRelation)]
|
||||
|
||||
73
src/models/customer_profiles.rs
Normal file
73
src/models/customer_profiles.rs
Normal file
@@ -0,0 +1,73 @@
|
||||
//! Per-customer shipping/contact profile: the address + phone fields used to
|
||||
//! prefill checkout. One row per user (unique `user_id`); `name`/`email` are
|
||||
//! read from `users`, never duplicated here.
|
||||
|
||||
pub use crate::models::_entities::customer_profiles::{ActiveModel, Column, Entity, Model};
|
||||
use sea_orm::entity::prelude::*;
|
||||
use sea_orm::{ActiveValue, IntoActiveModel, QueryFilter, TryIntoModel};
|
||||
|
||||
pub type CustomerProfiles = Entity;
|
||||
|
||||
/// The editable profile fields, shared by the profile page and the checkout
|
||||
/// "save my address" path. The `company_*` fields are only meaningful for
|
||||
/// company accounts (account type now lives on `users`, fixed at registration).
|
||||
#[derive(Debug, Default, Clone)]
|
||||
pub struct ProfileFields {
|
||||
pub company_name: Option<String>,
|
||||
pub company_id: Option<String>,
|
||||
pub tax_id: Option<String>,
|
||||
pub vat_id: Option<String>,
|
||||
pub phone_prefix: Option<String>,
|
||||
pub phone: Option<String>,
|
||||
pub address: Option<String>,
|
||||
pub city: Option<String>,
|
||||
pub zip: Option<String>,
|
||||
pub country: Option<String>,
|
||||
}
|
||||
|
||||
#[async_trait::async_trait]
|
||||
impl ActiveModelBehavior for ActiveModel {
|
||||
async fn before_save<C>(self, _db: &C, _insert: bool) -> std::result::Result<Self, DbErr>
|
||||
where
|
||||
C: ConnectionTrait,
|
||||
{
|
||||
Ok(self)
|
||||
}
|
||||
}
|
||||
|
||||
impl Model {
|
||||
/// The profile for `user_id`, if one exists.
|
||||
pub async fn find_for_user(db: &DatabaseConnection, user_id: i32) -> Result<Option<Self>, DbErr> {
|
||||
Entity::find()
|
||||
.filter(Column::UserId.eq(user_id))
|
||||
.one(db)
|
||||
.await
|
||||
}
|
||||
|
||||
/// Insert or update the profile for `user_id` with `fields`, returning the
|
||||
/// persisted row. The unique `user_id` index keeps this 1:1.
|
||||
pub async fn upsert(
|
||||
db: &DatabaseConnection,
|
||||
user_id: i32,
|
||||
fields: ProfileFields,
|
||||
) -> Result<Self, DbErr> {
|
||||
let mut active = match Self::find_for_user(db, user_id).await? {
|
||||
Some(existing) => existing.into_active_model(),
|
||||
None => ActiveModel {
|
||||
user_id: ActiveValue::set(user_id),
|
||||
..Default::default()
|
||||
},
|
||||
};
|
||||
active.company_name = ActiveValue::set(fields.company_name);
|
||||
active.company_id = ActiveValue::set(fields.company_id);
|
||||
active.tax_id = ActiveValue::set(fields.tax_id);
|
||||
active.vat_id = ActiveValue::set(fields.vat_id);
|
||||
active.phone_prefix = ActiveValue::set(fields.phone_prefix);
|
||||
active.phone = ActiveValue::set(fields.phone);
|
||||
active.address = ActiveValue::set(fields.address);
|
||||
active.city = ActiveValue::set(fields.city);
|
||||
active.zip = ActiveValue::set(fields.zip);
|
||||
active.country = ActiveValue::set(fields.country);
|
||||
active.save(db).await?.try_into_model()
|
||||
}
|
||||
}
|
||||
@@ -8,6 +8,8 @@ pub mod _entities;
|
||||
|
||||
pub mod audit_logs;
|
||||
pub mod categories;
|
||||
pub mod customer_profiles;
|
||||
pub mod o_auth2_sessions;
|
||||
pub mod order_items;
|
||||
pub mod orders;
|
||||
pub mod product_images;
|
||||
|
||||
79
src/models/o_auth2_sessions.rs
Normal file
79
src/models/o_auth2_sessions.rs
Normal file
@@ -0,0 +1,79 @@
|
||||
pub use super::_entities::o_auth2_sessions::{ActiveModel, Column, Entity, Model};
|
||||
use crate::models::{o_auth2_sessions, users};
|
||||
use async_trait::async_trait;
|
||||
use chrono::Utc;
|
||||
use loco_oauth2::base_oauth2::{basic::BasicTokenResponse, TokenResponse};
|
||||
use loco_oauth2::models::oauth2_sessions::OAuth2SessionsTrait;
|
||||
use loco_rs::prelude::*;
|
||||
use sea_orm::entity::prelude::*;
|
||||
|
||||
pub type OAuth2Sessions = Entity;
|
||||
|
||||
#[async_trait::async_trait]
|
||||
impl ActiveModelBehavior for ActiveModel {
|
||||
async fn before_save<C>(self, _db: &C, insert: bool) -> std::result::Result<Self, DbErr>
|
||||
where
|
||||
C: ConnectionTrait,
|
||||
{
|
||||
if !insert && self.updated_at.is_unchanged() {
|
||||
let mut this = self;
|
||||
this.updated_at = sea_orm::ActiveValue::Set(Utc::now());
|
||||
Ok(this)
|
||||
} else {
|
||||
Ok(self)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[async_trait]
|
||||
impl OAuth2SessionsTrait<users::Model> for Model {
|
||||
/// Whether the session identified by `session_id` has expired.
|
||||
async fn is_expired(db: &DatabaseConnection, session_id: &str) -> ModelResult<bool> {
|
||||
let session = o_auth2_sessions::Entity::find()
|
||||
.filter(o_auth2_sessions::Column::SessionId.eq(session_id))
|
||||
.one(db)
|
||||
.await?
|
||||
.ok_or_else(|| ModelError::EntityNotFound)?;
|
||||
Ok(session.expires_at < Utc::now())
|
||||
}
|
||||
|
||||
/// Create or refresh the session row for `user` from the provider token.
|
||||
async fn upsert_with_oauth2(
|
||||
db: &DatabaseConnection,
|
||||
token: &BasicTokenResponse,
|
||||
user: &users::Model,
|
||||
) -> ModelResult<Self> {
|
||||
let txn = db.begin().await?;
|
||||
let session_id = token.access_token().secret().clone();
|
||||
let expires_at = Utc::now()
|
||||
+ token
|
||||
.expires_in()
|
||||
.unwrap_or(std::time::Duration::from_secs(3600));
|
||||
|
||||
let session = match o_auth2_sessions::Entity::find()
|
||||
.filter(o_auth2_sessions::Column::UserId.eq(user.id))
|
||||
.one(&txn)
|
||||
.await?
|
||||
{
|
||||
Some(session) => {
|
||||
let mut session: o_auth2_sessions::ActiveModel = session.into();
|
||||
session.session_id = ActiveValue::set(session_id);
|
||||
session.expires_at = ActiveValue::set(expires_at);
|
||||
session.updated_at = ActiveValue::set(Utc::now());
|
||||
session.update(&txn).await?
|
||||
}
|
||||
None => {
|
||||
o_auth2_sessions::ActiveModel {
|
||||
session_id: ActiveValue::set(session_id),
|
||||
expires_at: ActiveValue::set(expires_at),
|
||||
user_id: ActiveValue::set(user.id),
|
||||
..Default::default()
|
||||
}
|
||||
.insert(&txn)
|
||||
.await?
|
||||
}
|
||||
};
|
||||
txn.commit().await?;
|
||||
Ok(session)
|
||||
}
|
||||
}
|
||||
@@ -14,6 +14,14 @@ pub struct Checkout {
|
||||
pub email: String,
|
||||
pub phone: String,
|
||||
pub customer_name: Option<String>,
|
||||
/// The account that owns this order, if any (a logged-in buyer or a guest
|
||||
/// who created an account during checkout). `None` for pure guest orders.
|
||||
pub user_id: Option<i32>,
|
||||
pub account_type: String,
|
||||
pub company_name: Option<String>,
|
||||
pub company_id: Option<String>,
|
||||
pub tax_id: Option<String>,
|
||||
pub vat_id: Option<String>,
|
||||
pub address: Option<String>,
|
||||
pub city: Option<String>,
|
||||
pub zip: Option<String>,
|
||||
@@ -70,6 +78,12 @@ pub async fn place(ctx: &AppContext, items: &[(i32, i32)], details: Checkout) ->
|
||||
status: Set("pending".to_string()),
|
||||
total_cents: Set(subtotal + details.method.price_cents),
|
||||
currency: Set(currency),
|
||||
user_id: Set(details.user_id),
|
||||
account_type: Set(details.account_type),
|
||||
company_name: Set(details.company_name),
|
||||
company_id: Set(details.company_id),
|
||||
tax_id: Set(details.tax_id),
|
||||
vat_id: Set(details.vat_id),
|
||||
address: Set(details.address),
|
||||
city: Set(details.city),
|
||||
zip: Set(details.zip),
|
||||
|
||||
@@ -1,15 +1,21 @@
|
||||
use async_trait::async_trait;
|
||||
use chrono::{offset::Local, Duration};
|
||||
use loco_oauth2::models::users::OAuth2UserTrait;
|
||||
use loco_rs::{auth::jwt, hash, prelude::*};
|
||||
use passwords::PasswordGenerator;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use serde_json::Map;
|
||||
use uuid::Uuid;
|
||||
|
||||
use crate::models::_entities::o_auth2_sessions;
|
||||
pub use crate::models::_entities::users::{self, ActiveModel, Entity, Model};
|
||||
|
||||
pub const MAGIC_LINK_LENGTH: i8 = 32;
|
||||
pub const MAGIC_LINK_EXPIRATION_MIN: i8 = 5;
|
||||
|
||||
/// Minimum gap between verification-email resends for one account, in seconds.
|
||||
pub const VERIFICATION_RESEND_COOLDOWN_SECS: i64 = 60;
|
||||
|
||||
#[derive(Debug, Deserialize, Serialize)]
|
||||
pub struct LoginParams {
|
||||
pub email: String,
|
||||
@@ -21,6 +27,21 @@ pub struct RegisterParams {
|
||||
pub email: String,
|
||||
pub password: String,
|
||||
pub name: String,
|
||||
/// "personal" or "company"; permanent for the account. Optional on the wire
|
||||
/// (older/JSON callers omit it) and normalized via [`normalize_account_type`].
|
||||
#[serde(default)]
|
||||
pub account_type: Option<String>,
|
||||
}
|
||||
|
||||
/// Normalize an account type to one of the two permanent values, defaulting to
|
||||
/// "personal" for anything missing or unexpected. An account's type is chosen
|
||||
/// once at registration and never changes.
|
||||
#[must_use]
|
||||
pub fn normalize_account_type(value: Option<&str>) -> String {
|
||||
match value.map(str::trim) {
|
||||
Some("company") => "company".to_string(),
|
||||
_ => "personal".to_string(),
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(Debug, Validate, Deserialize)]
|
||||
@@ -213,6 +234,29 @@ impl Model {
|
||||
hash::verify_password(password, &self.password)
|
||||
}
|
||||
|
||||
/// Whether this is a company account (vs a personal one). Fixed at
|
||||
/// registration.
|
||||
#[must_use]
|
||||
pub fn is_company(&self) -> bool {
|
||||
self.account_type == "company"
|
||||
}
|
||||
|
||||
/// Seconds the user must still wait before another verification email may be
|
||||
/// sent — 0 means a resend is allowed now. Throttling resends off the last
|
||||
/// `email_verification_sent_at` keeps the endpoint from being an easy way to
|
||||
/// spam someone's inbox.
|
||||
#[must_use]
|
||||
pub fn verification_resend_wait_secs(&self) -> i64 {
|
||||
match self.email_verification_sent_at {
|
||||
Some(sent) => {
|
||||
let elapsed =
|
||||
(chrono::Utc::now() - sent.with_timezone(&chrono::Utc)).num_seconds();
|
||||
(VERIFICATION_RESEND_COOLDOWN_SECS - elapsed).max(0)
|
||||
}
|
||||
None => 0,
|
||||
}
|
||||
}
|
||||
|
||||
/// Asynchronously creates a user with a password and saves it to the
|
||||
/// database.
|
||||
///
|
||||
@@ -244,6 +288,7 @@ impl Model {
|
||||
email: ActiveValue::set(params.email.to_string()),
|
||||
password: ActiveValue::set(password_hash),
|
||||
name: ActiveValue::set(params.name.to_string()),
|
||||
account_type: ActiveValue::set(normalize_account_type(params.account_type.as_deref())),
|
||||
..Default::default()
|
||||
}
|
||||
.insert(&txn)
|
||||
@@ -254,6 +299,41 @@ impl Model {
|
||||
Ok(user)
|
||||
}
|
||||
|
||||
/// Creates an account on behalf of a checkout guest. The user never picks a
|
||||
/// password here (a strong random one satisfies the NOT NULL column, as in
|
||||
/// the OAuth path); they receive a "set your password" link by email. Errors
|
||||
/// with [`ModelError::EntityAlreadyExists`] if the email is already taken.
|
||||
///
|
||||
/// # Errors
|
||||
///
|
||||
/// When the email already exists or the insert fails.
|
||||
pub async fn create_guest_account(
|
||||
db: &DatabaseConnection,
|
||||
email: &str,
|
||||
name: &str,
|
||||
account_type: &str,
|
||||
) -> ModelResult<Self> {
|
||||
let password = PasswordGenerator::new()
|
||||
.length(16)
|
||||
.numbers(true)
|
||||
.lowercase_letters(true)
|
||||
.uppercase_letters(true)
|
||||
.symbols(true)
|
||||
.strict(true)
|
||||
.generate_one()
|
||||
.map_err(|e| ModelError::Any(e.into()))?;
|
||||
Self::create_with_password(
|
||||
db,
|
||||
&RegisterParams {
|
||||
email: email.to_string(),
|
||||
password,
|
||||
name: name.to_string(),
|
||||
account_type: Some(account_type.to_string()),
|
||||
},
|
||||
)
|
||||
.await
|
||||
}
|
||||
|
||||
/// Creates a JWT
|
||||
///
|
||||
/// # Errors
|
||||
@@ -367,3 +447,93 @@ impl ActiveModel {
|
||||
self.update(db).await.map_err(ModelError::from)
|
||||
}
|
||||
}
|
||||
|
||||
/// Google OpenID Connect user profile (the fields our scopes request).
|
||||
/// <https://developers.google.com/identity/openid-connect/openid-connect#obtainuserinfo>
|
||||
#[derive(Serialize, Deserialize, Clone, Debug)]
|
||||
pub struct OAuth2UserProfile {
|
||||
pub email: String,
|
||||
pub name: String,
|
||||
pub sub: String,
|
||||
pub email_verified: bool,
|
||||
pub given_name: Option<String>,
|
||||
pub family_name: Option<String>,
|
||||
pub picture: Option<String>,
|
||||
pub locale: Option<String>,
|
||||
}
|
||||
|
||||
#[async_trait]
|
||||
impl OAuth2UserTrait<OAuth2UserProfile> for Model {
|
||||
/// Resolve the user behind an active OAuth2 session id.
|
||||
async fn find_by_oauth2_session_id(
|
||||
db: &DatabaseConnection,
|
||||
session_id: &str,
|
||||
) -> ModelResult<Self> {
|
||||
let session = o_auth2_sessions::Entity::find()
|
||||
.filter(o_auth2_sessions::Column::SessionId.eq(session_id))
|
||||
.one(db)
|
||||
.await?
|
||||
.ok_or_else(|| ModelError::EntityNotFound)?;
|
||||
users::Entity::find_by_id(session.user_id)
|
||||
.one(db)
|
||||
.await?
|
||||
.ok_or_else(|| ModelError::EntityNotFound)
|
||||
}
|
||||
|
||||
/// Find-or-create the local user for a verified OAuth2 profile.
|
||||
///
|
||||
/// Per security advisory LOC-2025-04, OAuth2-created accounts get a strong
|
||||
/// RANDOM password (never the provider `sub`) — they sign in via the
|
||||
/// provider, and the random secret just satisfies the NOT NULL column.
|
||||
/// Google has already verified the email, so we mark it verified.
|
||||
async fn upsert_with_oauth(
|
||||
db: &DatabaseConnection,
|
||||
profile: &OAuth2UserProfile,
|
||||
) -> ModelResult<Self> {
|
||||
let txn = db.begin().await?;
|
||||
let user = match users::Entity::find()
|
||||
.filter(users::Column::Email.eq(&profile.email))
|
||||
.one(&txn)
|
||||
.await?
|
||||
{
|
||||
Some(user) => user,
|
||||
None => {
|
||||
let password = PasswordGenerator::new()
|
||||
.length(16)
|
||||
.numbers(true)
|
||||
.lowercase_letters(true)
|
||||
.uppercase_letters(true)
|
||||
.symbols(true)
|
||||
.exclude_similar_characters(true)
|
||||
.strict(true)
|
||||
.generate_one()
|
||||
.map_err(|e| ModelError::Any(e.into()))?;
|
||||
let password_hash =
|
||||
hash::hash_password(&password).map_err(|e| ModelError::Any(e.into()))?;
|
||||
users::ActiveModel {
|
||||
email: ActiveValue::set(profile.email.to_string()),
|
||||
name: ActiveValue::set(profile.name.to_string()),
|
||||
email_verified_at: ActiveValue::set(Some(Local::now().into())),
|
||||
password: ActiveValue::set(password_hash),
|
||||
..Default::default()
|
||||
}
|
||||
.insert(&txn)
|
||||
.await
|
||||
.map_err(|e| {
|
||||
tracing::error!(error = %e, "failed to create OAuth2 user");
|
||||
ModelError::Any(e.into())
|
||||
})?
|
||||
}
|
||||
};
|
||||
txn.commit().await?;
|
||||
Ok(user)
|
||||
}
|
||||
|
||||
/// Required by the trait; mirrors the inherent [`Model::generate_jwt`]
|
||||
/// (inlined to avoid the inherent/trait name clash).
|
||||
fn generate_jwt(&self, secret: &str, expiration: &u64) -> ModelResult<String> {
|
||||
jwt::JWT::new(secret)
|
||||
.generate_token(*expiration, self.pid.to_string(), Map::new())
|
||||
.map_err(ModelError::from)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -45,3 +45,31 @@ pub async fn logged_in(ctx: &AppContext, jar: &CookieJar) -> bool {
|
||||
None => false,
|
||||
}
|
||||
}
|
||||
|
||||
/// Nav chrome for storefront pages, resolved in one DB lookup. A customer is any
|
||||
/// authenticated non-admin user; `customer_name`/`customer_account_type` are set
|
||||
/// only for such a customer (used by the navbar profile menu). Everything is the
|
||||
/// zero value for anonymous visitors and the name/type stay `None` for admins.
|
||||
#[derive(Debug, Default)]
|
||||
pub struct Chrome {
|
||||
pub logged_in_admin: bool,
|
||||
pub logged_in_customer: bool,
|
||||
pub customer_name: Option<String>,
|
||||
pub customer_account_type: Option<String>,
|
||||
}
|
||||
|
||||
pub async fn chrome(ctx: &AppContext, jar: &CookieJar) -> Chrome {
|
||||
match current_user(ctx, jar).await {
|
||||
Some(user) if is_admin(ctx, &user) => Chrome {
|
||||
logged_in_admin: true,
|
||||
..Default::default()
|
||||
},
|
||||
Some(user) => Chrome {
|
||||
logged_in_customer: true,
|
||||
customer_name: Some(user.name),
|
||||
customer_account_type: Some(user.account_type),
|
||||
..Default::default()
|
||||
},
|
||||
None => Chrome::default(),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -30,6 +30,11 @@ pub fn detail(order: &orders::Model, bank_iban: &str, bank_account_name: &str) -
|
||||
"email": order.email,
|
||||
"phone": order.phone,
|
||||
"customer_name": order.customer_name,
|
||||
"account_type": order.account_type,
|
||||
"company_name": order.company_name,
|
||||
"company_id": order.company_id,
|
||||
"tax_id": order.tax_id,
|
||||
"vat_id": order.vat_id,
|
||||
"status": order.status,
|
||||
"subtotal": format_price(order.total_cents - order.shipping_cents),
|
||||
"shipping": format_price(order.shipping_cents),
|
||||
|
||||
1
tests/mailer/mod.rs
Normal file
1
tests/mailer/mod.rs
Normal file
@@ -0,0 +1 @@
|
||||
mod smtp_send;
|
||||
104
tests/mailer/smtp_send.rs
Normal file
104
tests/mailer/smtp_send.rs
Normal file
@@ -0,0 +1,104 @@
|
||||
//! Real-SMTP smoke test.
|
||||
//!
|
||||
//! Sends an actual email through the live SMTP server using the real
|
||||
//! `AuthMailer` pipeline (config -> Loco mailer -> templates -> SMTP). The test
|
||||
//! PASSES when the SMTP server accepts the message (the send returns `Ok`);
|
||||
//! confirm real delivery by checking the recipient's inbox.
|
||||
//!
|
||||
//! It is `#[ignore]`d so it never runs in CI or a normal `cargo test` (it opens
|
||||
//! a real network connection, uses real credentials, and sends a real email).
|
||||
//! Run it explicitly, inside `nix develop` so `SMTP_PASSWORD` is present:
|
||||
//!
|
||||
//! ```sh
|
||||
//! nix develop -c cargo test --test mod -- --ignored mailer::smtp_send
|
||||
//! # optional: choose the recipient (defaults to the address below)
|
||||
//! MAILER_TEST_TO=you@example.com \
|
||||
//! nix develop -c cargo test --test mod -- --ignored mailer::smtp_send
|
||||
//! ```
|
||||
|
||||
use kompress_eshop::{
|
||||
app::App,
|
||||
mailers::auth::AuthMailer,
|
||||
models::users::{Model, RegisterParams},
|
||||
};
|
||||
use loco_rs::testing::prelude::*;
|
||||
use sea_orm::IntoActiveModel;
|
||||
use serial_test::serial;
|
||||
|
||||
// Non-secret production SMTP settings (mirror `.env`). The password is
|
||||
// intentionally NOT here: it is supplied at runtime via `SMTP_PASSWORD`
|
||||
// (direnv -> `pass`), and never committed.
|
||||
// Dial the name the TLS cert is actually valid for. `smtp.kompress.sk` is a
|
||||
// DNS alias for the same server (213.215.124.101) but the cert only lists
|
||||
// smtp.euronet.sk, so connecting via the alias fails certificate validation.
|
||||
const SMTP_HOST: &str = "smtp.euronet.sk";
|
||||
const SMTP_PORT: &str = "587";
|
||||
const SMTP_USER: &str = "kompres";
|
||||
const SMTP_SECURE: &str = "true";
|
||||
|
||||
// Where the test email is sent. Override with `MAILER_TEST_TO`.
|
||||
const DEFAULT_RECIPIENT: &str = "filippriec@tutanota.com";
|
||||
|
||||
#[tokio::test]
|
||||
#[serial]
|
||||
#[ignore = "sends a real email via live SMTP; run explicitly with --ignored"]
|
||||
async fn sends_real_email() {
|
||||
// The actual secret must come from the environment (direnv -> `pass`).
|
||||
// Fail loudly with guidance rather than silently sending nothing.
|
||||
let password = std::env::var("SMTP_PASSWORD").unwrap_or_default();
|
||||
assert!(
|
||||
!password.is_empty(),
|
||||
"SMTP_PASSWORD is not set. Run inside `nix develop` so direnv loads it from `pass`."
|
||||
);
|
||||
|
||||
let recipient =
|
||||
std::env::var("MAILER_TEST_TO").unwrap_or_else(|_| DEFAULT_RECIPIENT.to_string());
|
||||
|
||||
// Flip the booted context onto the real SMTP transport. `config/test.yaml`
|
||||
// reads these via `get_env` at boot. We deliberately do NOT load `.env`
|
||||
// here: it carries `DATABASE_URL`, and `test.yaml` has
|
||||
// `dangerously_recreate: true`, so loading it would recreate the real DB.
|
||||
// Leaving `DATABASE_URL` untouched keeps boot on the throwaway test DB.
|
||||
//
|
||||
// SAFETY: edition 2024 marks `set_var` as unsafe. This test is `#[serial]`,
|
||||
// so no other test mutates the process environment concurrently.
|
||||
unsafe {
|
||||
std::env::set_var("MAILER_STUB", "false");
|
||||
std::env::set_var("SMTP_ENABLE", "true");
|
||||
std::env::set_var("SMTP_HOST", SMTP_HOST);
|
||||
std::env::set_var("SMTP_PORT", SMTP_PORT);
|
||||
std::env::set_var("SMTP_USER", SMTP_USER);
|
||||
std::env::set_var("SMTP_SECURE", SMTP_SECURE);
|
||||
}
|
||||
|
||||
let boot = boot_test::<App>()
|
||||
.await
|
||||
.expect("Failed to boot test application");
|
||||
|
||||
// A real user whose address is the recipient, so `send_welcome` targets it.
|
||||
let user = Model::create_with_password(
|
||||
&boot.app_context.db,
|
||||
&RegisterParams {
|
||||
email: recipient.clone(),
|
||||
password: "smtp-smoke-test".to_string(),
|
||||
name: "SMTP smoke test".to_string(),
|
||||
account_type: Some("personal".to_string()),
|
||||
},
|
||||
)
|
||||
.await
|
||||
.expect("failed to create test user");
|
||||
|
||||
// Give the welcome email a realistic verification token/link.
|
||||
user.into_active_model()
|
||||
.set_email_verification_sent(&boot.app_context.db)
|
||||
.await
|
||||
.expect("failed to set email verification token");
|
||||
let user = Model::find_by_email(&boot.app_context.db, &recipient)
|
||||
.await
|
||||
.expect("failed to reload test user");
|
||||
|
||||
// The assertion: the live SMTP server must accept the message.
|
||||
AuthMailer::send_welcome(&boot.app_context, &user)
|
||||
.await
|
||||
.unwrap_or_else(|e| panic!("real SMTP send to {recipient} failed: {e:?}"));
|
||||
}
|
||||
@@ -1,3 +1,4 @@
|
||||
mod mailer;
|
||||
mod models;
|
||||
mod requests;
|
||||
mod tasks;
|
||||
|
||||
@@ -50,6 +50,7 @@ async fn can_create_with_password() {
|
||||
email: "test@framework.com".to_string(),
|
||||
password: "1234".to_string(),
|
||||
name: "framework".to_string(),
|
||||
account_type: Some("personal".to_string()),
|
||||
};
|
||||
|
||||
let res = Model::create_with_password(&boot.app_context.db, ¶ms).await;
|
||||
@@ -78,6 +79,7 @@ async fn handle_create_with_password_with_duplicate() {
|
||||
email: "user1@example.com".to_string(),
|
||||
password: "1234".to_string(),
|
||||
name: "framework".to_string(),
|
||||
account_type: Some("personal".to_string()),
|
||||
},
|
||||
)
|
||||
.await;
|
||||
|
||||
Reference in New Issue
Block a user