Add 403 page

2025-05-05 20:23:20 +00:00 · 2025-04-20 12:56:14 -05:00 · 2025-04-20 12:56:14 -05:00 · 2f6c729dc3
commit 2f6c729dc3
parent 4693a6c599
4 changed files with 49 additions and 2 deletions
--- a/src/main.rs
+++ b/src/main.rs
@ -152,11 +152,14 @@ async fn rocket() -> _ {
            ui::help::about,
            ui::help::test_get
        ])
+        .mount("/admin", routes![
+            ui::admin::index
+        ])
        .register("/api", catchers![
            not_found_api,
        ])
        .register("/", catchers![
-            not_found, not_authorized
+            not_found, not_authorized, forbidden
        ])
 }

@ -166,6 +169,13 @@ pub fn not_authorized(req: &Request) -> Redirect {
    Redirect::to(format!("/auth/login?return_to={}", req.uri().path().percent_encode()))
 }

+#[catch(403)]
+pub fn forbidden(req: &Request) -> Template {
+   Template::render("errors/403", context! {
+
+   })
+}
+
 #[catch(404)]
 fn not_found(req: &Request) -> Template {
    Template::render("errors/404", context! {
--- a/src/routes/ui.rs
+++ b/src/routes/ui.rs
@ -1,3 +1,4 @@
 pub mod user;
 pub mod help;
 pub(crate) mod auth;
+pub mod admin;
--- a/src/routes/ui/admin.rs
+++ b/src/routes/ui/admin.rs
@ -0,0 +1,10 @@
+use rocket::{get, Route};
+use rocket::http::Status;
+use rocket::response::status;
+use rocket_dyn_templates::{context, Template};
+use crate::guards::AuthUser;
+
+#[get("/")]
+pub async fn index(user: AuthUser, route: &Route) -> Status {
+    Status::Forbidden
+}
--- a/templates/errors/403.html.hbs
+++ b/templates/errors/403.html.hbs
@ -0,0 +1,26 @@
+{{#> layouts/default body-class="has-background-white-ter login-bg" }}
+    <br><br>
+    <div class="container py-6" style="width:20%"> <!-- TODO: fix width on mobile -->
+        <h1 class="title is-1 has-text-centered">storage-app</h1>
+        <div class="box is-radiusless">
+            <h4 class="title is-4 has-text-centered">403 Forbidden</h4>
+            <p>You do not have permission to view the resource at <code></code></p>
+
+            <br>
+            <!-- Hide go back unless javascript enabled -->
+            <p><span id="backlink" style="display:none"><a href="">Go Back</a> | </span><a href="/">Return home</a></p>
+        </div>
+    </div>
+{{/layouts/default}}
+
+<script>
+// Enable 'go back' link:
+const element = document.querySelector('#backlink');
+element.style.display = "inline"
+const elementLink = document.querySelector('#backlink a');
+elementLink.setAttribute('href', document.referrer);
+elementLink.onclick = function() {
+    history.back();
+    return false;
+}
+</script>