🐛 Fixes CORS and creating triggers

2025-10-30 10:45:24 +01:00
parent 0717f1694f
commit 7f03d83f72
4 changed files with 67 additions and 11 deletions
--- a/src/api/image.rs
+++ b/src/api/image.rs
@@ -52,8 +52,8 @@ pub async fn get(id: &str, meta: ReqMeta, state: &State<AppState>) -> Result<Nam
        None => return Err(Status::BadRequest),
    };

-    let mut tracker: Option<Tracker> = None;
-    let mut result: Option<QueryResult<usize>> = None;
+    let tracker: Option<Tracker>;
+    let result: Option<QueryResult<usize>>;
    let now = Utc::now().naive_utc();

    {
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -1,6 +1,7 @@
-use rocket::Request;
-use rocket::http::Status;
+use rocket::fairing::{Fairing, Info, Kind};
+use rocket::http::{Header, Status};
 use rocket::request::{FromRequest, Outcome};
+use rocket::{Request, Response};
 use std::env;

 pub struct Authenticated;
@@ -22,3 +23,25 @@ impl<'r> FromRequest<'r> for Authenticated {
        }
    }
 }
+
+pub struct CORS;
+
+#[rocket::async_trait]
+impl Fairing for CORS {
+    fn info(&self) -> Info {
+        Info {
+            name: "Add CORS headers to responses",
+            kind: Kind::Response,
+        }
+    }
+
+    async fn on_response<'r>(&self, _request: &'r Request<'_>, response: &mut Response<'r>) {
+        response.set_header(Header::new("Access-Control-Allow-Origin", "*"));
+        response.set_header(Header::new(
+            "Access-Control-Allow-Methods",
+            "GET, POST, DELETE, OPTIONS",
+        ));
+        response.set_header(Header::new("Access-Control-Allow-Headers", "*"));
+        response.set_header(Header::new("Access-Control-Allow-Credentials", "true"));
+    }
+}
--- a/src/main.rs
+++ b/src/main.rs
@@ -7,6 +7,7 @@ mod schema;
 use crate::api::hit;
 use crate::api::image;
 use crate::api::tracker;
+use crate::auth::CORS;
 use crate::models::{AppState, GotifyState};
 use chrono::Local;
 use diesel::{Connection, PgConnection};
@@ -68,13 +69,18 @@ fn rocket() -> _ {
        .expect(&format!("Error connecting to {}", database_url));

    let gotify_data = GotifyState {
-        url: gotify_url,
+        url: gotify_url.clone(),
        token: gotify_token,
-        enabled: gotify_enabled
+        enabled: gotify_enabled,
    };
+    if gotify_enabled {
+        info!("Gotify alerts enabled with url {}", gotify_url);
+    }
+
    let app_data = AppState::new(db, static_dir, gotify_data);
    rocket::build()
        .manage(app_data)
+        .attach(CORS {})
        .mount("/", routes![index])
        .mount(
            "/tracker",
--- a/static/index.html
+++ b/static/index.html
@@ -162,7 +162,7 @@
 <div class="container">
    <h1>Setra</h1>

-    <form class="create-form">
+    <form onsubmit="createTrigger(event)" class="create-form">
        <label for="name-input">Name:</label>
        <input id="name-input" type="text">

@@ -174,7 +174,6 @@
            <th>ID</th>
            <th>Name</th>
            <th>Created at</th>
-            <th></th>
        </tr>
    </table>

@@ -190,7 +189,7 @@
    </table>

    <div class="dialog" id="dialog">
-        <form onsubmit="saveAPIKey(Event)">
+        <form onsubmit="saveAPIKey(event)">
            <label for="api-key-input">API key:</label>
            <input id="api-key-input" type="password">

@@ -221,13 +220,20 @@
            return;
        }

-        fetch("http://localhost:8000/tracker", {
+        fetch(`${window.location.origin}/tracker`, {
            method: "GET",
            headers: {
                Authorization: apiKey,
            }
        }).then((res) => {
            res.json().then((trackers) => {
+                document.getElementById("tracker-table").innerHTML = `
+                <tr>
+                    <th>ID</th>
+                    <th>Name</th>
+                    <th>Created at</th>
+                </tr>`;
+
                trackers.forEach((tracker) => {
                    document.getElementById("tracker-table").innerHTML += `
                    <tr>
@@ -255,7 +261,7 @@
            return;
        }

-        fetch(`http://localhost:8000/tracker/${id}/hits`, {
+        fetch(`${window.location.origin}/tracker/${id}/hits`, {
            method: "GET",
            headers: {
                Authorization: apiKey,
@@ -286,6 +292,27 @@
        }).catch((err) => alert(`Couldn't fetch hits: ${err}`));
    }

+    function createTrigger(event) {
+        event.preventDefault();
+        const apiKey = localStorage.getItem("api-key");
+        if (!apiKey) {
+            return;
+        }
+
+        const name = document.getElementById("name-input").value;
+        fetch(`${window.location.origin}/tracker`, {
+            method: "POST",
+            body: JSON.stringify({name: name}),
+            headers: {
+                Authorization: apiKey,
+                "Content-Type": "application/json",
+            }
+        }).then(async (res) => {
+            console.log(await res.text());
+            loadTriggers();
+        }).catch((err) => alert(`Couldn't create trigger: ${err}`));
+    }
+
    function copyLink(id) {
        navigator.clipboard.writeText(`http://localhost:8000/image/${id}`).catch((err) => alert(`Couldn't copy: ${err}`));
    }