zerox80
diff --git a/‎1_backend-test.txt‎
Lines changed: 3251 additions & 0 deletions b/‎1_backend-test.txt‎
Lines changed: 3251 additions & 0 deletions
diff --git a/‎2_frontend-test.txt‎
Lines changed: 342 additions & 0 deletions b/‎2_frontend-test.txt‎
Lines changed: 342 additions & 0 deletions
diff --git a/‎backend/src/auth.rs‎
Lines changed: 33 additions & 27 deletions b/‎backend/src/auth.rs‎
Lines changed: 33 additions & 27 deletions
diff --git a/‎backend/src/bin/export_content.rs‎
Lines changed: 0 additions & 4 deletions b/‎backend/src/bin/export_content.rs‎
Lines changed: 0 additions & 4 deletions
diff --git a/‎backend/src/bin/import_content.rs‎
Lines changed: 0 additions & 14 deletions b/‎backend/src/bin/import_content.rs‎
Lines changed: 0 additions & 14 deletions
diff --git a/‎backend/src/db.rs‎
Lines changed: 18 additions & 37 deletions b/‎backend/src/db.rs‎
Lines changed: 18 additions & 37 deletions
diff --git a/‎backend/src/handlers/auth.rs‎
Lines changed: 7 additions & 3 deletions b/‎backend/src/handlers/auth.rs‎
Lines changed: 7 additions & 3 deletions
@@ -19,23 +19,23 @@
 //! ```
 
 use axum::{
+    extract::FromRef,
     extract::FromRequestParts,
     http::{
         header::{AUTHORIZATION, SET_COOKIE},
         request::Parts,
         HeaderMap, HeaderValue, StatusCode,
     },
     Json,
-    extract::FromRef,
 };
 use axum_extra::extract::cookie::{Cookie, CookieJar, SameSite};
 use chrono::{Duration, Utc};
 use jsonwebtoken::{decode, encode, DecodingKey, EncodingKey, Header, Validation};
-use std::sync::LazyLock;
 use serde::{Deserialize, Serialize};
-use std::sync::OnceLock;
 use std::collections::HashSet;
 use std::env;
+use std::sync::LazyLock;
+use std::sync::OnceLock;
 use time::{Duration as TimeDuration, OffsetDateTime};
 
 use crate::db::{self, DbPool};
@@ -46,9 +46,8 @@ pub static JWT_SECRET: OnceLock<String> = OnceLock::new();
 
 /// Global storage for the JWT decoding key.
 /// Derived from JWT_SECRET once it's initialized.
-pub static DECODING_KEY: LazyLock<DecodingKey> = LazyLock::new(|| {
-    DecodingKey::from_secret(get_jwt_secret().as_bytes())
-});
+pub static DECODING_KEY: LazyLock<DecodingKey> =
+    LazyLock::new(|| DecodingKey::from_secret(get_jwt_secret().as_bytes()));
 
 /// List of known placeholder secrets that must not be used in production.
 /// These are common defaults found in example configurations.
@@ -391,18 +390,22 @@ where
 
         // Check if token is blacklisted
         let pool = DbPool::from_ref(state);
-        let is_blacklisted = crate::repositories::token_blacklist::is_token_blacklisted(&pool, &token)
-            .await
-            .map_err(|e| {
-                tracing::error!("Database error checking token blacklist: {}", e);
-                (
-                    StatusCode::INTERNAL_SERVER_ERROR,
-                    "Internal server error".to_string(),
-                )
-            })?;
+        let is_blacklisted =
+            crate::repositories::token_blacklist::is_token_blacklisted(&pool, &token)
+                .await
+                .map_err(|e| {
+                    tracing::error!("Database error checking token blacklist: {}", e);
+                    (
+                        StatusCode::INTERNAL_SERVER_ERROR,
+                        "Internal server error".to_string(),
+                    )
+                })?;
 
         if is_blacklisted {
-            return Err((StatusCode::UNAUTHORIZED, "Token has been revoked".to_string()));
+            return Err((
+                StatusCode::UNAUTHORIZED,
+                "Token has been revoked".to_string(),
+            ));
         }
 
         Ok(claims)
@@ -563,7 +566,6 @@ fn parse_bearer_token(value: &str) -> Option<String> {
     None
 }
 
-
 /// Optional Claims extractor for endpoints that support both authenticated and anonymous access.
 ///
 /// If a valid token is provided, it extracts the claims.
@@ -596,18 +598,22 @@ where
 
         // Check if token is blacklisted
         let pool = DbPool::from_ref(state);
-        let is_blacklisted = crate::repositories::token_blacklist::is_token_blacklisted(&pool, &token)
-            .await
-            .map_err(|e| {
-                tracing::error!("Database error checking token blacklist: {}", e);
-                (
-                    StatusCode::INTERNAL_SERVER_ERROR,
-                    "Internal server error".to_string(),
-                )
-            })?;
+        let is_blacklisted =
+            crate::repositories::token_blacklist::is_token_blacklisted(&pool, &token)
+                .await
+                .map_err(|e| {
+                    tracing::error!("Database error checking token blacklist: {}", e);
+                    (
+                        StatusCode::INTERNAL_SERVER_ERROR,
+                        "Internal server error".to_string(),
+                    )
+                })?;
 
         if is_blacklisted {
-            return Err((StatusCode::UNAUTHORIZED, "Token has been revoked".to_string()));
+            return Err((
+                StatusCode::UNAUTHORIZED,
+                "Token has been revoked".to_string(),
+            ));
         }
 
         Ok(OptionalClaims(Some(claims)))
 
@@ -1,5 +1,3 @@
-
-
 /**
  * Content Export Utility
  *
@@ -32,7 +30,6 @@
  * - Handles database errors safely
  * - Uses proper error handling for file operations
  */
-
 use std::{env, fs, path::Path};
 
 use anyhow::{Context, Result};
@@ -169,7 +166,6 @@ struct ExportBundle {
 
 #[tokio::main]
 async fn main() -> Result<()> {
-
     dotenv::dotenv().ok();
 
     let args: Vec<String> = env::args().collect();
 
@@ -1,5 +1,3 @@
-
-
 /**
  * Content Import Utility
  *
@@ -39,7 +37,6 @@
  * - Database connection or transaction errors
  * - Data validation failures
  */
-
 use std::{env, fs, path::Path};
 
 use anyhow::{anyhow, Context, Result};
@@ -51,7 +48,6 @@ use linux_tutorial_backend::db;
 
 #[derive(Debug, Deserialize)]
 struct SiteContentImport {
-
     section: String,
 
     content: Value,
@@ -62,7 +58,6 @@ struct SiteContentImport {
 
 #[derive(Debug, Deserialize)]
 struct SitePageImport {
-
     id: String,
 
     slug: String,
@@ -92,7 +87,6 @@ struct SitePageImport {
 
 #[derive(Debug, Deserialize)]
 struct SitePostImport {
-
     id: String,
 
     page_id: String,
@@ -120,7 +114,6 @@ struct SitePostImport {
 
 #[derive(Debug, Deserialize)]
 struct ImportBundle {
-
     site_content: Vec<SiteContentImport>,
 
     pages: Vec<SitePageImport>,
@@ -130,7 +123,6 @@ struct ImportBundle {
 
 #[tokio::main]
 async fn main() -> Result<()> {
-
     dotenv::dotenv().ok();
 
     let args: Vec<String> = env::args().collect();
@@ -178,9 +170,7 @@ async fn import_site_content(
     tx: &mut Transaction<'_, Sqlite>,
     items: &[SiteContentImport],
 ) -> Result<()> {
-
     for item in items {
-
         let serialized = serde_json::to_string(&item.content)
             .context("Failed to serialize site_content entry")?;
 
@@ -203,9 +193,7 @@ async fn import_site_pages(
     tx: &mut Transaction<'_, Sqlite>,
     items: &[SitePageImport],
 ) -> Result<()> {
-
     for item in items {
-
         let hero_serialized =
             serde_json::to_string(&item.hero).context("Failed to serialize page hero JSON")?;
         let layout_serialized =
@@ -241,9 +229,7 @@ async fn import_site_posts(
     tx: &mut Transaction<'_, Sqlite>,
     items: &[SitePostImport],
 ) -> Result<()> {
-
     for item in items {
-
         sqlx::query(
             "INSERT INTO site_posts (id, page_id, title, slug, excerpt, content_markdown, is_published, published_at, order_index, created_at, updated_at) \
              VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, COALESCE(?, CURRENT_TIMESTAMP), COALESCE(?, CURRENT_TIMESTAMP)) \
 
@@ -125,14 +125,6 @@ pub async fn create_pool() -> Result<DbPool, sqlx::Error> {
     Ok(pool)
 }
 
-
-
-
-
-
-
-
-
 async fn ensure_site_page_schema(pool: &DbPool) -> Result<(), sqlx::Error> {
     let mut tx = pool.begin().await?;
 
@@ -210,7 +202,6 @@ async fn ensure_site_page_schema(pool: &DbPool) -> Result<(), sqlx::Error> {
 async fn apply_core_migrations(
     tx: &mut sqlx::Transaction<'_, sqlx::Sqlite>,
 ) -> Result<(), sqlx::Error> {
-
     sqlx::query(
         r#"
         CREATE TABLE IF NOT EXISTS users (
@@ -398,8 +389,6 @@ async fn apply_core_migrations(
     Ok(())
 }
 
-
-
 async fn seed_site_content_tx(
     tx: &mut sqlx::Transaction<'_, sqlx::Sqlite>,
 ) -> Result<(), sqlx::Error> {
@@ -482,14 +471,14 @@ fn default_site_content() -> Vec<(&'static str, serde_json::Value)> {
                     "target": { "type": "section", "value": "home" }
                 },
                 "tutorialCardButton": "Zum Tutorial"
-            })
+            }),
         ),
         (
             "site_meta",
             json!({
                 "title": "Linux Tutorial - Lerne Linux Schritt für Schritt",
                 "description": "Lerne Linux von Grund auf - Interaktiv, modern und praxisnah."
-            })
+            }),
         ),
         (
             "header",
@@ -744,7 +733,6 @@ pub async fn run_migrations(pool: &DbPool) -> Result<(), sqlx::Error> {
 
     match (admin_username, admin_password) {
         (Some(username), Some(password)) if !username.is_empty() && !password.is_empty() => {
-
             if password.len() < 12 {
                 tracing::error!(
                     "ADMIN_PASSWORD must be at least 12 characters long (NIST recommendation)!"
@@ -775,7 +763,6 @@ pub async fn run_migrations(pool: &DbPool) -> Result<(), sqlx::Error> {
                     }
                 },
                 None => {
-
                     let password_hash =
                         bcrypt::hash(&password, bcrypt::DEFAULT_COST).map_err(|e| {
                             tracing::error!("Failed to hash admin password: {}", e);
@@ -809,7 +796,6 @@ pub async fn run_migrations(pool: &DbPool) -> Result<(), sqlx::Error> {
     let mut tx = pool.begin().await?;
 
     if seed_enabled {
-
         let already_seeded: Option<(String,)> =
             sqlx::query_as("SELECT value FROM app_metadata WHERE key = 'default_tutorials_seeded'")
                 .fetch_optional(&mut *tx)
@@ -1004,10 +990,6 @@ async fn insert_default_tutorials_tx(
     Ok(())
 }
 
-
-
-
-
 async fn apply_comment_migrations(
     tx: &mut sqlx::Transaction<'_, sqlx::Sqlite>,
 ) -> Result<(), sqlx::Error> {
@@ -1024,7 +1006,7 @@ async fn apply_comment_migrations(
         sqlx::query("ALTER TABLE comments ADD COLUMN post_id TEXT")
             .execute(&mut **tx)
             .await?;
-        
+
         // Add index for post_id
         sqlx::query("CREATE INDEX IF NOT EXISTS idx_comments_post ON comments(post_id)")
             .execute(&mut **tx)
@@ -1038,17 +1020,18 @@ async fn apply_vote_migration(
     tx: &mut sqlx::Transaction<'_, sqlx::Sqlite>,
 ) -> Result<(), sqlx::Error> {
     // Create comment_votes table
-    sqlx::query(include_str!("../migrations/20241119_create_comment_votes.sql"))
-        .execute(&mut **tx)
-        .await?;
+    sqlx::query(include_str!(
+        "../migrations/20241119_create_comment_votes.sql"
+    ))
+    .execute(&mut **tx)
+    .await?;
 
     // Add votes column to comments if missing
-    let has_votes: bool = sqlx::query_scalar(
-        "SELECT COUNT(*) FROM pragma_table_info('comments') WHERE name='votes'",
-    )
-    .fetch_one(&mut **tx)
-    .await
-    .map(|count: i64| count > 0)?;
+    let has_votes: bool =
+        sqlx::query_scalar("SELECT COUNT(*) FROM pragma_table_info('comments') WHERE name='votes'")
+            .fetch_one(&mut **tx)
+            .await
+            .map(|count: i64| count > 0)?;
 
     if !has_votes {
         tracing::info!("Adding votes column to comments table");
@@ -1121,10 +1104,10 @@ async fn fix_comment_schema(
     // Actually, apply_comment_migrations adds post_id.
     // Let's check columns in comments_old to be safe, or just assume standard flow.
     // To be safe, we'll select specific columns.
-    
+
     // Note: We need to handle the case where tutorial_id was NOT NULL.
     // If we have data, it's fine.
-    
+
     sqlx::query(
         r#"
         INSERT INTO comments (id, tutorial_id, post_id, author, content, created_at, votes, is_admin)
@@ -1148,11 +1131,9 @@ async fn fix_comment_schema(
         .await?;
 
     // 6. Mark as fixed
-    sqlx::query(
-        "INSERT INTO app_metadata (key, value) VALUES ('comment_schema_fixed_v1', 'true')"
-    )
-    .execute(&mut **tx)
-    .await?;
+    sqlx::query("INSERT INTO app_metadata (key, value) VALUES ('comment_schema_fixed_v1', 'true')")
+        .execute(&mut **tx)
+        .await?;
 
     Ok(())
 }
@@ -33,7 +33,6 @@ use sha2::{Digest, Sha256};
 use sqlx::{self, FromRow};
 use std::{env, sync::OnceLock, time::Duration};
 
-
 /// Global salt for hashing login attempt identifiers.
 /// Initialized once at startup via init_login_attempt_salt().
 static LOGIN_ATTEMPT_SALT: OnceLock<String> = OnceLock::new();
@@ -61,7 +60,10 @@ pub fn init_login_attempt_salt() -> Result<(), String> {
         return Err("LOGIN_ATTEMPT_SALT must be at least 32 characters long".to_string());
     }
 
-    let unique_chars = trimmed.chars().collect::<std::collections::HashSet<_>>().len();
+    let unique_chars = trimmed
+        .chars()
+        .collect::<std::collections::HashSet<_>>()
+        .len();
     if unique_chars < 10 {
         return Err("LOGIN_ATTEMPT_SALT must contain at least 10 unique characters".to_string());
     }
@@ -479,7 +481,9 @@ pub async fn logout(
 ) -> (StatusCode, HeaderMap) {
     // Extract token to blacklist it
     if let Some(token) = auth::extract_token(&headers) {
-        if let Err(e) = repositories::token_blacklist::blacklist_token(&pool, &token, claims.exp as i64).await {
+        if let Err(e) =
+            repositories::token_blacklist::blacklist_token(&pool, &token, claims.exp as i64).await
+        {
             tracing::error!("Failed to blacklist token on logout: {}", e);
         }
     }