From d7c8f99049b7121831f2292f624f45cc33fb160d Mon Sep 17 00:00:00 2001
From: Erin Nova <erin@the-system.eu.org>
Date: Sat, 17 Jul 2021 07:57:40 -0400
Subject: [PATCH] Fix CORS & only return user if they exist (credit to
 Charlotte_

---
 src/main.rs | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/src/main.rs b/src/main.rs
index 6d8c766..11500ff 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,5 +1,6 @@
 #[macro_use] extern crate rocket;
 extern crate sha1;
+use rocket::fairing::AdHoc;
 use serde::{Deserialize, Serialize};
 use serde_json::Result;
 use std::fs::{File, OpenOptions};
@@ -191,10 +192,27 @@ fn change(name: &str, pin: i32, new_name: &str, new_pin: i32) -> String {
 
 #[get("/api/users/<name>")]
 fn get_user(name: &str) -> String {
-    return format!("User {}", name);
+    let users: Vec<User> = read_json();
+    let found_user = users.iter().filter(|u| u.name == name).next();
+
+    match found_user {
+        Some(user) => format!("User {}", &user.name),
+        None => "User does not exist".to_string(),
+    }
 }
 
 #[launch]
 fn rocket() -> _ {
-    rocket::build().mount("/", routes![index,get_user,register_user, check_pin, change])
+    let cors_fairing = AdHoc::on_response("CORS", |_, res| {
+        Box::pin(async move {
+            res.set_raw_header("Access-Control-Allow-Origin", "*");
+        })
+    });
+
+    rocket::build()
+        .mount(
+            "/",
+            routes![index, get_user, register_user, check_pin, change],
+        )
+        .attach(cors_fairing)
 }