mpuchstein/tutortool
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(attendance): propagate cookie header errors, guard missing room in checkin

Browse Source
This commit is contained in:
Matthias Puchstein
2026-04-28 03:55:54 +02:00
parent 116de5aead
commit e3561b731d
1 changed files with 13 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
backend/src/routes/checkin.rs
View File

@@ -1,6 +1,6 @@
use axum::{
extract::{Path, State},
http::{HeaderMap, HeaderValue, StatusCode},
http::{HeaderMap, StatusCode},
response::{IntoResponse, Response},
routing::{get, post},
Json, Router,
@@ -197,15 +197,14 @@ async fn post_checkin(
.fetch_optional(&pool)
.await?;
if let Some(r) = room {
let elements: Vec<LayoutElement> = serde_json::from_str(&r.layout_json)
.unwrap_or_default();
let valid = elements
.iter()
.any(|e| &e.id == seat_id && e.kind == "seat");
if !valid {
return Err(AppError::BadRequest("invalid seat".into()));
}
let room_row = room.ok_or(AppError::NotFound)?;
let elements: Vec<LayoutElement> = serde_json::from_str(&room_row.layout_json)
.unwrap_or_default();
let valid = elements
.iter()
.any(|e| &e.id == seat_id && e.kind == "seat");
if !valid {
return Err(AppError::BadRequest("invalid seat".into()));
}
}
(None, None) => {}
@@ -265,7 +264,7 @@ async fn post_checkin(
"code": req.code,
"student_id": req.student_id,
}))
.unwrap()
.expect("serializing static json shape is infallible")
.replace('"', "%22");
let cookie_val = format!(
@@ -273,11 +272,10 @@ async fn post_checkin(
identity_json
);
let header_val = axum::http::HeaderValue::from_str(&cookie_val)
.map_err(|_| AppError::BadRequest("invalid cookie value".into()))?;
let mut response = Json(json!({"ok": true})).into_response();
response.headers_mut().insert(
axum::http::header::SET_COOKIE,
HeaderValue::from_str(&cookie_val).unwrap(),
);
response.headers_mut().insert(axum::http::header::SET_COOKIE, header_val);
Ok(response)
}