From 0d859d78a2f56936a59bbcd8beced2c056d2625a Mon Sep 17 00:00:00 2001
From: Lim Shi Song <limshisong123@gmail.com>
Date: Tue, 14 Jan 2025 00:30:21 +0800
Subject: [PATCH] Release: v1.0.6

---
 .github/workflows/releases.yml |  29 +++++++++
 package.json                   |   2 +-
 src-tauri/Cargo.lock           | 107 ++++++++++++++++++++++++++++++++-
 src-tauri/Cargo.toml           |   4 +-
 src-tauri/build.rs             |   8 ++-
 src-tauri/src/main.rs          |  10 ++-
 src-tauri/tauri.conf.json      |   5 +-
 src/lib/auth.js                |   7 +--
 src/lib/db.js                  |   2 +-
 src/lib/helper.js              |  33 ++++++++++
 src/routes/(admin)/+layout.js  |   4 +-
 src/routes/(authed)/+layout.js |  10 ++-
 src/routes/+layout.svelte      |  16 ++++-
 13 files changed, 212 insertions(+), 25 deletions(-)

diff --git a/.github/workflows/releases.yml b/.github/workflows/releases.yml
index b06d343..ee4a5a8 100644
--- a/.github/workflows/releases.yml
+++ b/.github/workflows/releases.yml
@@ -23,6 +23,9 @@ jobs:
             args: ''
 
     runs-on: ${{ matrix.settings.platform }}
+    env:
+      DB_USER: ${{ secrets.DB_USER }}
+      DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
     steps:
       - uses: actions/checkout@v4
 
@@ -71,6 +74,32 @@ jobs:
         # If you don't have `beforeBuildCommand` configured you may want to build your frontend here too.
         run: pnpm install # change this to npm or pnpm depending on which one you use.
 
+      - name: replace .env file (macos and linux only)  
+        if: matrix.settings.platform != 'windows-latest'
+        run: |
+          if [[ -n "${{ secrets.DB_USER }}" ]] && [[ -n "${{ secrets.DB_PASSWORD }}" ]]; then
+            sed -i 's/DATABASE_URL=mysql:\/\/root:@127.0.0.1:3306\/libraryroom/DATABASE_URL=mysql:\/\/${{ secrets.DB_USER }}:${{ secrets.DB_PASSWORD }}@127.0.0.1:3306\/libraryroom/g' "src-tauri/.env"
+          elif [[ -n "${{ secrets.DB_USER }}" ]]; then
+            sed -i 's/DATABASE_URL=mysql:\/\/root:@127.0.0.1:3306\/libraryroom/DATABASE_URL=mysql:\/\/${{ secrets.DB_USER }}:@127.0.0.1:3306\/libraryroom/g' "src-tauri/.env"
+          elif [[ -n "${{ secrets.DB_PASSWORD }}" ]]; then
+            sed -i 's/DATABASE_URL=mysql:\/\/root:@127.0.0.1:3306\/libraryroom/DATABASE_URL=mysql:\/\/root:${{ secrets.DB_PASSWORD }}@127.0.0.1:3306\/libraryroom/g' "src-tauri/.env"
+          fi
+
+      - name: replace .env file (windows only)
+        if: matrix.settings.platform == 'windows-latest'
+        run: |
+          $envContent = Get-Content src-tauri/.env
+          if ($env:DB_USER) {
+            if ($env:DB_PASSWORD) {
+              $envContent = $envContent -replace 'DATABASE_URL=mysql://root:@127.0.0.1:3306/libraryroom', "DATABASE_URL=mysql://$env:DB_USER:$env:DB_PASSWORD@127.0.0.1:3306/libraryroom"
+            } else {
+              $envContent = $envContent -replace 'DATABASE_URL=mysql://root:@127.0.0.1:3306/libraryroom', "DATABASE_URL=mysql://$env:DB_USER:@127.0.0.1:3306/libraryroom"
+            }
+          } elseif ($env:DB_PASSWORD) {
+            $envContent = $envContent -replace 'DATABASE_URL=mysql://root:@127.0.0.1:3306/libraryroom', "DATABASE_URL=mysql://root:$env:DB_PASSWORD@127.0.0.1:3306/libraryroom"
+          }
+          $envContent | Set-Content src-tauri/.env
+          
       - uses: tauri-apps/tauri-action@v0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/package.json b/package.json
index aefe8ee..72691c9 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "libraryroombookingsystem",
   "private": true,
-  "version": "1.0.5",
+  "version": "1.0.6",
   "type": "module",
   "scripts": {
     "dev": "vite",
diff --git a/src-tauri/Cargo.lock b/src-tauri/Cargo.lock
index d362c8c..18f9536 100644
--- a/src-tauri/Cargo.lock
+++ b/src-tauri/Cargo.lock
@@ -4,10 +4,11 @@ version = 3
 
 [[package]]
 name = "LibraryRoomBookingSystem"
-version = "1.0.5"
+version = "1.0.6"
 dependencies = [
  "chrono",
  "dotenvy",
+ "envcrypt",
  "jsonwebtoken",
  "serde",
  "serde_json",
@@ -31,6 +32,16 @@ version = "1.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe"
 
+[[package]]
+name = "aead"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d122413f284cf2d62fb1b7db97e02edb8cda96d769b16e443a4f6195e35662b0"
+dependencies = [
+ "crypto-common",
+ "generic-array",
+]
+
 [[package]]
 name = "ahash"
 version = "0.8.11"
@@ -340,6 +351,30 @@ version = "1.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
 
+[[package]]
+name = "chacha20"
+version = "0.9.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c3613f74bd2eac03dad61bd53dbe620703d4371614fe0bc3b9f04dd36fe4e818"
+dependencies = [
+ "cfg-if",
+ "cipher",
+ "cpufeatures",
+]
+
+[[package]]
+name = "chacha20poly1305"
+version = "0.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "10cd79432192d1c0f4e1a0fef9527696cc039165d729fb41b3f4f4f354c2dc35"
+dependencies = [
+ "aead",
+ "chacha20",
+ "cipher",
+ "poly1305",
+ "zeroize",
+]
+
 [[package]]
 name = "chrono"
 version = "0.4.38"
@@ -355,6 +390,17 @@ dependencies = [
  "windows-targets 0.52.5",
 ]
 
+[[package]]
+name = "cipher"
+version = "0.4.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad"
+dependencies = [
+ "crypto-common",
+ "inout",
+ "zeroize",
+]
+
 [[package]]
 name = "cocoa"
 version = "0.24.1"
@@ -536,6 +582,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
 dependencies = [
  "generic-array",
+ "rand_core 0.6.4",
  "typenum",
 ]
 
@@ -749,6 +796,28 @@ dependencies = [
  "cfg-if",
 ]
 
+[[package]]
+name = "envcrypt"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e6e5cd13693829e7659d44b8ed8e00d57fe069139b7e403e0b221bd60004857e"
+dependencies = [
+ "chacha20poly1305",
+ "envcrypt-macro",
+]
+
+[[package]]
+name = "envcrypt-macro"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4133614f4dd40b8d48777a810b199d545005df184204d6c9a574e5ccd3d442df"
+dependencies = [
+ "chacha20poly1305",
+ "proc-macro-error",
+ "proc-macro2",
+ "quote",
+]
+
 [[package]]
 name = "equivalent"
 version = "1.0.1"
@@ -1499,6 +1568,15 @@ dependencies = [
  "cfb",
 ]
 
+[[package]]
+name = "inout"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5"
+dependencies = [
+ "generic-array",
+]
+
 [[package]]
 name = "instant"
 version = "0.1.12"
@@ -1999,6 +2077,12 @@ version = "1.19.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92"
 
+[[package]]
+name = "opaque-debug"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381"
+
 [[package]]
 name = "open"
 version = "3.2.0"
@@ -2300,6 +2384,17 @@ dependencies = [
  "miniz_oxide",
 ]
 
+[[package]]
+name = "poly1305"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8159bd90725d2df49889a078b54f4f79e87f1f8a8444194cdca81d38f5393abf"
+dependencies = [
+ "cpufeatures",
+ "opaque-debug",
+ "universal-hash",
+]
+
 [[package]]
 name = "powerfmt"
 version = "0.2.0"
@@ -3886,6 +3981,16 @@ version = "0.1.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "39ec24b3121d976906ece63c9daad25b85969647682eee313cb5779fdd69e14e"
 
+[[package]]
+name = "universal-hash"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fc1de2c688dc15305988b563c3854064043356019f97a4b46276fe734c4f07ea"
+dependencies = [
+ "crypto-common",
+ "subtle",
+]
+
 [[package]]
 name = "untrusted"
 version = "0.9.0"
diff --git a/src-tauri/Cargo.toml b/src-tauri/Cargo.toml
index 70f412b..922d7d9 100644
--- a/src-tauri/Cargo.toml
+++ b/src-tauri/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "LibraryRoomBookingSystem"
-version = "1.0.5"
+version = "1.0.6"
 description = "A Library Room Booking System built with Tauri and Rust"
 authors = ["Lim Shi Song limshisong123@gmail.com"]
 edition = "2021"
@@ -9,6 +9,7 @@ edition = "2021"
 
 [build-dependencies]
 tauri-build = { version = "1", features = [] }
+dotenvy = "0.15.7"
 
 [dependencies]
 tauri = { version = "1", features = ["shell-open"] }
@@ -17,6 +18,7 @@ jsonwebtoken = "9"
 serde_json = "1"
 dotenvy = "0.15.7"
 chrono = "0.4.38"
+envcrypt = "0.5.0"
 
 [dependencies.tauri-plugin-sql]
 git = "https://github.com/tauri-apps/plugins-workspace"
diff --git a/src-tauri/build.rs b/src-tauri/build.rs
index d860e1e..036223a 100644
--- a/src-tauri/build.rs
+++ b/src-tauri/build.rs
@@ -1,3 +1,9 @@
 fn main() {
-    tauri_build::build()
+    println!("cargo:rerun-if-changed=.env");
+
+    for item in dotenvy::dotenv_iter().unwrap() {
+      let (key, value) = item.unwrap();
+      println!("cargo:rustc-env={key}={value}");
+    }
+    tauri_build::build();
 }
diff --git a/src-tauri/src/main.rs b/src-tauri/src/main.rs
index e56d616..f4dc489 100644
--- a/src-tauri/src/main.rs
+++ b/src-tauri/src/main.rs
@@ -3,6 +3,7 @@
 
 mod models;
 
+use envcrypt::envc;
 use jsonwebtoken::{
     decode, encode, get_current_timestamp, Algorithm, DecodingKey, EncodingKey, Header, Validation,
 };
@@ -12,7 +13,7 @@ use models::{User, UserForm, UserToken};
 #[tauri::command]
 fn login(user: UserForm) -> UserToken {
     let iat = get_current_timestamp() as usize;
-    let exp = iat + 2 * 60 * 60;
+    let exp = iat + 5;
     let user_data = User {
         id: user.user_id,
         username: user.username.clone(),
@@ -60,10 +61,15 @@ fn get_env(key: &str) -> Result<String, String> {
     }
 }
 
+#[tauri::command]
+fn get_db_url() -> Result<String, String> {
+    Ok(envc!("DATABASE_URL").to_string())
+}
+
 fn main() {
     tauri::Builder::default()
         .plugin(tauri_plugin_sql::Builder::default().build())
-        .invoke_handler(tauri::generate_handler![login, get_env, check_auth])
+        .invoke_handler(tauri::generate_handler![login, get_env, check_auth, get_db_url])
         .run(tauri::generate_context!())
         .expect("error while running tauri application");
 }
diff --git a/src-tauri/tauri.conf.json b/src-tauri/tauri.conf.json
index 742c020..69ab86a 100644
--- a/src-tauri/tauri.conf.json
+++ b/src-tauri/tauri.conf.json
@@ -7,7 +7,7 @@
   },
   "package": {
     "productName": "LibraryRoomBookingSystem",
-    "version": "1.0.5"
+    "version": "1.0.6"
   },
   "tauri": {
     "allowlist": {
@@ -31,9 +31,6 @@
       "active": true,
       "targets": "all",
       "identifier": "com.library-room-booking-system.app",
-      "resources": [
-        ".env"
-      ],
       "icon": [
         "icons/32x32.png",
         "icons/128x128.png",
diff --git a/src/lib/auth.js b/src/lib/auth.js
index f600171..0560118 100644
--- a/src/lib/auth.js
+++ b/src/lib/auth.js
@@ -1,9 +1,9 @@
 import { invoke } from "@tauri-apps/api/tauri";
 import { goto } from "$app/navigation";
 import { hashPassword, verify } from "./crypto/hashing";
-import Cookies from "js-cookie";
 import { getDB } from "./db";
 import { getUserByEmail } from "./models/user";
+import { setItem } from "./helper";
 
 export async function login(email, password, usertype, link) {
     let user = await getUserByEmail(email, usertype);
@@ -17,9 +17,8 @@ export async function login(email, password, usertype, link) {
     let token = await invoke("login", {
         user,
     });
-
-    let expiredDate = new Date(token.exp * 1000);
-    Cookies.set("token", token.token, { expires: expiredDate });
+    console.log(token);
+    setItem("token", token.token, token.exp);
     goto(link);
 };
 
diff --git a/src/lib/db.js b/src/lib/db.js
index cd3af20..c65b323 100644
--- a/src/lib/db.js
+++ b/src/lib/db.js
@@ -2,6 +2,6 @@ import Database from "tauri-plugin-sql-api";
 import { invoke } from "@tauri-apps/api/tauri";
 
 export async function getDB() {
-    let dbUrl = await invoke("get_env", { key: "DATABASE_URL" });
+    let dbUrl = await invoke("get_db_url");
     return await Database.load(dbUrl);
 }
\ No newline at end of file
diff --git a/src/lib/helper.js b/src/lib/helper.js
index ff1b838..c67dc05 100644
--- a/src/lib/helper.js
+++ b/src/lib/helper.js
@@ -178,4 +178,37 @@ export function isNoRoomNumber(roomName) {
         return getRoomType().find(room => room.name === roomName).price === 0;
     }
     return false;
+}
+
+/**
+ * @param {String} key
+ * @param {String} value
+ * @param {Number} maxAge
+ */
+export function setItem(key, value, maxAge = 30 * 30 * 60) {
+    maxAge = maxAge * 1000;
+    let result = {
+        data: value
+    }
+
+    if (maxAge) {
+        result.expireTime = maxAge;
+    }
+    window.localStorage.setItem(key, JSON.stringify(result));
+}
+
+/**
+ * @param {String} key
+ * @returns
+ */
+export function getItem(key) {
+    let result = JSON.parse(window.localStorage.getItem(key));
+    if (result) {
+        if (result.expireTime <= Date.now()) {
+            window.localStorage.removeItem(key);
+            return null;
+        }
+        return result.data;
+    }
+    return null;
 }
\ No newline at end of file
diff --git a/src/routes/(admin)/+layout.js b/src/routes/(admin)/+layout.js
index 2c81329..36b3d47 100644
--- a/src/routes/(admin)/+layout.js
+++ b/src/routes/(admin)/+layout.js
@@ -1,14 +1,14 @@
 export const prerender = true
 export const ssr = false
 
-import Cookies from 'js-cookie';
 import { error } from '@sveltejs/kit';
 import { invoke } from '@tauri-apps/api/tauri';
 import { user } from '$lib/store';
 import { get } from 'svelte/store';
+import { getItem } from '$lib/helper';
 
 export async function load() {
-    let token = Cookies.get('token');
+    let token = getItem('token');
     if (!token) return error(403, 'You are not logged in or your session has expired');
     user.set(await invoke('check_auth', { token }));
     if (get(user).usertype != 'admin') {
diff --git a/src/routes/(authed)/+layout.js b/src/routes/(authed)/+layout.js
index 217dbc1..fff791a 100644
--- a/src/routes/(authed)/+layout.js
+++ b/src/routes/(authed)/+layout.js
@@ -1,15 +1,13 @@
 export const prerender = true
 export const ssr = false
 
-import Cookies from 'js-cookie';
-import { redirect } from '@sveltejs/kit';
 import { invoke } from '@tauri-apps/api/tauri';
 import { user } from '$lib/store';
+import { getItem } from '$lib/helper';
+import { error } from '@sveltejs/kit';
 
 export async function load() {
-    let token = Cookies.get('token');
-    if (!token) {
-        return redirect(301, '/');
-    }
+    let token = getItem('token');
+    if (!token) return error(403, 'You are not logged in or your session has expired');
     user.set(await invoke('check_auth', { token }));
 }
\ No newline at end of file
diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte
index 6826a45..23db705 100644
--- a/src/routes/+layout.svelte
+++ b/src/routes/+layout.svelte
@@ -1,11 +1,11 @@
 <script>
   import { theme } from "$lib/store";
   import { Styles } from "@sveltestrap/sveltestrap";
-  import { onNavigate } from "$app/navigation";
+  import { beforeNavigate, goto, invalidateAll, onNavigate } from "$app/navigation";
+    import { getItem } from "$lib/helper";
 
   onNavigate((navigation) => {
     if (!document.startViewTransition) return;
-
     return new Promise((resolve) => {
       document.startViewTransition(async () => {
         resolve();
@@ -13,6 +13,18 @@
       });
     });
   });
+  beforeNavigate((navigation) => {
+    if (
+      navigation.to.route.id.includes("(authed)") ||
+      navigation.to.route.id.includes("(admin)")
+    ) {
+      let token = getItem("token");
+      if (!token){
+        navigation.cancel();
+        return invalidateAll();
+      } 
+    }
+  });
 </script>
 
 <Styles theme={$theme} />