From 721b1963a1cdfb7fd3495c7e7a512bfe127c3b57 Mon Sep 17 00:00:00 2001
From: L-Nafaryus <l.nafaryus@gmail.com>
Date: Fri, 15 Mar 2024 19:21:13 +0500
Subject: [PATCH] partially correct cors, cookies works

---
 crates/frontend/build.rs                 | 13 +++++++++++++
 crates/frontend/src/components/Login.vue | 10 +++++-----
 crates/frontend/src/main.ts              |  1 +
 src/api/v1/mod.rs                        |  6 ++++--
 src/main.rs                              |  8 ++++----
 5 files changed, 27 insertions(+), 11 deletions(-)

diff --git a/crates/frontend/build.rs b/crates/frontend/build.rs
index 12910f1..cacb5ef 100644
--- a/crates/frontend/build.rs
+++ b/crates/frontend/build.rs
@@ -1,8 +1,21 @@
 use npm_rs::*;
+use std::{fs, io};
 
 fn main() {
     // TODO: add cargo:rerun-if-changed for important files
 
+    let paths = fs::read_dir(".")
+        .unwrap()
+        .filter(|entry| entry.is_ok())
+        .map(|file| file.map(|e| e.path()))
+        .collect::<Result<Vec<_>, io::Error>>()
+        .unwrap();
+
+    /*for path in paths {
+        println!("cargo:rerun-if-changed={}", path.to_str().unwrap());
+    }*/
+    //println!("cargo:rerun-if-changed=src/main.ts");
+
     NpmEnv::default()
         .with_node_env(&NodeEnv::from_cargo_profile().unwrap_or_default())
         .with_env("FOO", "bar")
diff --git a/crates/frontend/src/components/Login.vue b/crates/frontend/src/components/Login.vue
index 75af912..5ad0ae3 100644
--- a/crates/frontend/src/components/Login.vue
+++ b/crates/frontend/src/components/Login.vue
@@ -4,22 +4,22 @@ const password = defineModel("password")
 
 async function login() {
     const response = await fetch(
-        "http://localhost:54600/api/v1/login_user",
+        "http://0.0.0.0:54600/api/v1/login_user",
         {
             method: "POST",
             headers: {
                 //Accept: 'application/json',
                 "Content-Type": "application/json",
+                //"Access-Control-Allow-Origin": "http://0.0.0.0"
             },
-            credentials: "same-origin",
+            credentials: "include",
             mode: "cors",
             body: JSON.stringify({ email: email.value, password: password.value })
         }
     );
 
-    console.log(response.headers.getSetCookie());
-    const data = await response.json();
-    console.log(data);
+    let { status, token } = await response.json();
+    console.log(status);
 }
 </script>
 
diff --git a/crates/frontend/src/main.ts b/crates/frontend/src/main.ts
index d340a9d..0b7c95f 100644
--- a/crates/frontend/src/main.ts
+++ b/crates/frontend/src/main.ts
@@ -2,5 +2,6 @@ import { createApp } from 'vue'
 import App from './App.vue'
 import './assets/style.css'
 
+
 const app = createApp(App)
 app.mount('#app')
diff --git a/src/api/v1/mod.rs b/src/api/v1/mod.rs
index b9a7663..82bcf27 100644
--- a/src/api/v1/mod.rs
+++ b/src/api/v1/mod.rs
@@ -173,7 +173,8 @@ pub async fn login_user(
     let cookie = Cookie::build(("token", token.to_owned()))
         .path("/")
         .max_age(time::Duration::hours(1))
-        .same_site(SameSite::Lax)
+        .same_site(SameSite::None)
+        .secure(true)
         .http_only(true);
 
     let mut response =
@@ -189,7 +190,8 @@ pub async fn logout_user() -> Result<impl IntoResponse, (StatusCode, Json<serde_
     let cookie = Cookie::build(("token", ""))
         .path("/")
         .max_age(time::Duration::hours(-1))
-        .same_site(SameSite::Lax)
+        .same_site(SameSite::None)
+        .secure(true)
         .http_only(true);
 
     let mut response = Response::new(serde_json::json!({"status": "success"}).to_string());
diff --git a/src/main.rs b/src/main.rs
index 4d2ea16..6c20a1a 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -64,10 +64,10 @@ async fn main() {
     let lister = tokio::net::TcpListener::bind(&address).await.unwrap();
 
     let cors = CorsLayer::new()
-        .allow_methods([Method::GET, Method::POST])
-        .allow_headers(Any) //vec![ORIGIN, AUTHORIZATION, ACCEPT])
-        .allow_origin(Any);
-    //.allow_credentials(true); //"http://localhost:5173".parse::<HeaderValue>().unwrap());
+        .allow_methods([Method::GET, Method::POST, Method::OPTIONS])
+        .allow_headers(vec![ORIGIN, AUTHORIZATION, ACCEPT, CONTENT_TYPE])
+        .allow_origin("http://0.0.0.0:54600".parse::<HeaderValue>().unwrap()) //Any)
+        .allow_credentials(true); //"http://localhost:5173".parse::<HeaderValue>().unwrap());
 
     let app = Router::new()
         .route("/", get(home))