6 files changed, 57 insertions, 9 deletions

diff --git a/src/context.zig b/src/context.zig
index 54ece18..6e73b5d 100644
--- a/src/context.zig
+++ b/src/context.zig
@@ -9,7 +9,6 @@ allocator: std.mem.Allocator,
 request: *std.http.Server.Request,
 storage: *Storage,
 fingerprint: []const u8,
-user: ?[]const u8 = null,
 response: struct {
     headers: struct {
         content_type: []const u8 = "application/json",
diff --git a/src/routes/api/auth/login.zig b/src/routes/api/auth/login.zig
index d7ee5cb..8a33082 100644
--- a/src/routes/api/auth/login.zig
+++ b/src/routes/api/auth/login.zig
@@ -16,7 +16,7 @@ const Result = struct {
 pub const access = .everyone;
 
 pub fn post(ctx: *Context, body: Body) anyerror!Result {
-    var user = Storage.User.open(ctx.storage, body.user, ctx.allocator) catch return .{
+    var user = Storage.User.open(ctx.storage, body.user) catch return .{
         .success = false
     };
     defer user.deinit();
diff --git a/src/routes/api/profile/root.zig b/src/routes/api/profile/root.zig
index 632c09c..04bf042 100644
--- a/src/routes/api/profile/root.zig
+++ b/src/routes/api/profile/root.zig
@@ -1 +1,5 @@
+const memora = @import("memora");
+const HandlerInfo = memora.routes.HandlerInfo;
+
 pub const image = @import("image/root.zig");
+pub const set: HandlerInfo = .from_type(@import("set.zig"));
diff --git a/src/routes/api/profile/set.zig b/src/routes/api/profile/set.zig
new file mode 100644
index 0000000..a007b23
--- /dev/null
+++ b/src/routes/api/profile/set.zig
@@ -0,0 +1,26 @@
+const std = @import("std");
+
+const memora = @import("memora");
+const Context = memora.Context;
+const Storage = memora.Storage;
+
+pub const access = .users;
+
+const Body = struct {
+    full_name: []const u8,
+    birthday: []const u8,
+};
+
+pub fn post(ctx: *Context, body: Body) !void {
+    if (ctx.storage.sessions.get(ctx.storage, ctx.fingerprint)) |session| {
+        var user = try Storage.User.open(ctx.storage, session.info.name);
+        defer user.deinit();
+
+        user.info.full_name = body.full_name;
+        user.info.birthday = body.birthday;
+
+        try user.sync();
+    } else {
+        return error.UnknownSession;
+    }
+}
diff --git a/src/routes/handler-info.zig b/src/routes/handler-info.zig
index 97eb9bd..5183628 100644
--- a/src/routes/handler-info.zig
+++ b/src/routes/handler-info.zig
@@ -51,6 +51,9 @@ pub fn handle(
     storage: *Storage,
     allocator: std.mem.Allocator,
 ) !void {
+    const target = try allocator.dupe(u8, request.head.target);
+    defer allocator.free(target);
+
     const handler = self.handler_from_method(request.head.method) orelse return request.respond(
         "{ \"error\": \"Bad Request\" }",
         .{ .status = .bad_request }
@@ -102,7 +105,7 @@ pub fn handle(
             error.Forbidden => .{ "{ \"error\": \"Forbidden\" }", .forbidden },
             error.NotFound => .{ "{ \"error\": \"Not Found\" }", .not_found },
             else => blk: {
-                log.err("handler for '{s}' returned {}", .{request.head.target, err});
+                log.err("handler for '{s}' returned {}", .{target, err});
                 break :blk .{ "{ \"error\": \"Internal Server Error\" }", .internal_server_error };
             },
         };
@@ -122,7 +125,7 @@ pub fn handle(
     if (context.response.headers.fingerprint) |auth_token| {
         var value = std.Io.Writer.Allocating.init(arena.allocator());
 
-        try value.writer.print("fingerprint={s}; Secure; Path=/", .{auth_token});
+        try value.writer.print("fingerprint={s}; Path=/", .{auth_token});
 
         try headers.append(allocator, .{
             .name = "Set-Cookie",
@@ -184,7 +187,7 @@ fn HandlerWrapper(T: type, name: []const u8) type {
                 return @call(.auto, @field(T, name), args);
             } else if (payload_type == void) {
                 try @call(.auto, @field(T, name), args);
-                return memora.Stream.from_buffer("");
+                return memora.Stream.from_buffer("{}");
             } else {
                 var writer = std.Io.Writer.Allocating.init(ctx.allocator);
                 var stringify = std.json.Stringify { .writer = &writer.writer };
diff --git a/src/storage/user.zig b/src/storage/user.zig
index 09f7716..86d82ff 100644
--- a/src/storage/user.zig
+++ b/src/storage/user.zig
@@ -48,9 +48,8 @@ arena: std.heap.ArenaAllocator,
 pub fn open(
     storage: *Storage,
     name: []const u8,
-    inner_allocator: std.mem.Allocator
 ) !Self {
-    var arena: std.heap.ArenaAllocator = .init(inner_allocator);
+    var arena: std.heap.ArenaAllocator = .init(storage.allocator);
     errdefer arena.deinit();
     const allocator = arena.allocator();
 
@@ -125,9 +124,26 @@ pub fn new(
     };
 }
 
+pub fn set_password(self: *Self, password: []const u8) !void {
+    const allocator = self.area.allocator();
+    const hash_buf = try allocator.alloc(u8, 256);
+    const hash = try std.crypto.pwhash.bcrypt.strHash(
+        password,
+        .{
+            .params = .{
+                .rounds_log = 3,
+                .silently_truncate_password = false,
+            },
+            .encoding = .phc,
+        },
+        hash_buf
+    );
+
+    self.info.hash = hash;
+}
+
 pub fn sync(self: *Self) !void {
-    const file = try self.dir.openFile("info.json", .{
-        .mode = .write_only,
+    const file = try self.dir.createFile("info.json", .{
         .lock = .exclusive,
     });
     defer file.close();