import Fluent import Leaf import Vapor struct ViewController: RouteCollection { private let api = ApiController() func boot(routes: any RoutesBuilder) throws { let protected = routes.grouped(User.credentialsAuthenticator(), User.redirectMiddleware(path: "login")) let login = routes.grouped("login") let employees = protected.grouped("employees") // MARK: - Non-protected routes. routes.get(use: index(req:)) login.get(use: getLogin(req:)) login.post(use: postLogin(req:)) routes.post("logout", use: logout(req:)) // MARK: Protected routes. protected.get("home", use: home(req:)) protected.get("users", use: users(req:)) employees.get(use: employees(req:)) employees.post(use: postEmployeeForm(req:)) employees.group(":employeeID") { $0.delete(use: deleteEmployee(req:)) $0.post("toggle-active", use: toggleActiveEmployee(req:)) } } @Sendable func index(req: Request) async throws -> View { try await req.view.render("index") } @Sendable func getLogin(req: Request) async throws -> View { try await req.view.render("login") } @Sendable func postLogin(req: Request) async throws -> View { let content = try req.content.decode(UserForm.self) guard let user = try await User.query(on: req.db) .filter(\.$username == content.username) .first() else { throw Abort(.badRequest, reason: "User not found.") } guard try user.verify(password: content.password) else { throw Abort(.unauthorized, reason: "Invalid password.") } req.auth.login(user) req.logger.debug("User logged in: \(user.toDTO())") return try await req.view.render("home") } @Sendable func logout(req: Request) async throws -> View { req.auth.logout(User.self) return try await req.view.render("login") } @Sendable func home(req: Request) async throws -> View { try await req.view.render("home") } @Sendable func users(req: Request) async throws -> View { let users = try await api.usersIndex(req: req) return try await req.view.render("users", ["users": users]) } @Sendable func employees(req: Request) async throws -> View { let employees = try await api.getSortedEmployees(req: req) return try await req.view.render("employees", ["employees": employees]) } @Sendable func postEmployeeForm(req: Request) async throws -> View { _ = try await api.createEmployee(req: req) let employees = try await api.getSortedEmployees(req: req) return try await req.view.render("employee-table", ["employees": employees]) } @Sendable func toggleActiveEmployee(req: Request) async throws -> View { guard let employee = try await Employee.find(req.parameters.get("employeeID"), on: req.db) else { throw Abort(.notFound) } employee.active.toggle() try await employee.save(on: req.db) let employees = try await api.getSortedEmployees(req: req) return try await req.view.render("employee-table", ["employees": employees]) } @Sendable func deleteEmployee(req: Request) async throws -> View { _ = try await api.deleteEmployee(req: req) let employees = try await api.getSortedEmployees(req: req) return try await req.view.render("employee-table", ["employees": employees]) } } private struct UserForm: Content { let username: String let password: String } private extension ApiController { func getSortedEmployees(req: Request) async throws -> [Employee.DTO] { var employees = try await employeesIndex(req: req) employees.sort { ($0.active ?? false) && !($1.active ?? false) } employees.sort { ($0.lastName ?? "") < ($1.lastName ?? "") } return employees } }