<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>users_controller.sl - Coverage</title>
<link rel="stylesheet" href="../assets/style.css">
</head>
<body>
<div class="container">
<header>
<h1>users_controller.sl</h1>
<a href="../index.html" class="back-link">← Back to Dashboard</a>
</header>
<section class="source-view">
<table>
<tbody>
<tr class="code-line">
<td class="line-num">1</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// Users Controller - Authentication, Sessions, and Validation Demo</pre></td>
</tr><tr class="code-line">
<td class="line-num">2</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">3</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// Login form</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">4</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre>fn login(req: Any) -> Any {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">5</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return render("users/login.html", {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">6</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "title": "Login"</pre></td>
</tr><tr class="code-line">
<td class="line-num">7</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> });</pre></td>
</tr><tr class="code-line">
<td class="line-num">8</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>}</pre></td>
</tr><tr class="code-line">
<td class="line-num">9</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">10</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// Login handler with session management</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">11</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre>fn login_post(req: Any) -> Any {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">12</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let data = req["json"];</pre></td>
</tr><tr class="code-line">
<td class="line-num">13</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">14</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> // Demo validation - in real app, check database</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">15</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let email = data["email"];</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">16</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let password = data["password"];</pre></td>
</tr><tr class="code-line">
<td class="line-num">17</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">18</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (email == "admin" + "@" + "example.com" && password == "secret123") {</pre></td>
</tr><tr class="code-line">
<td class="line-num">19</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> // Regenerate session for security (prevents session fixation)</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">20</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> session_regenerate();</pre></td>
</tr><tr class="code-line">
<td class="line-num">21</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">22</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> // Set session values</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">23</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> session_set("user", "admin");</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">24</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> session_set("email", email);</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">25</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> session_set("user_id", "user_001");</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">26</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> session_set("role", "admin");</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">27</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> session_set("authenticated", true);</pre></td>
</tr><tr class="code-line">
<td class="line-num">28</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">29</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">30</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 200,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">31</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "body": json_stringify({</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">32</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "success": true,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">33</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "user": "admin",</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">34</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "message": "Login successful"</pre></td>
</tr><tr class="code-line">
<td class="line-num">35</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> })</pre></td>
</tr><tr class="code-line">
<td class="line-num">36</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">37</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> }</pre></td>
</tr><tr class="code-line">
<td class="line-num">38</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">39</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">40</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 401,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">41</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "body": json_stringify({</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">42</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "success": false,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">43</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "error": "Invalid email or password"</pre></td>
</tr><tr class="code-line">
<td class="line-num">44</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> })</pre></td>
</tr><tr class="code-line">
<td class="line-num">45</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">46</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>}</pre></td>
</tr><tr class="code-line">
<td class="line-num">47</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">48</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// Registration form</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">49</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre>fn register(req: Any) -> Any {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">50</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return render("users/register.html", {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">51</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "title": "Register"</pre></td>
</tr><tr class="code-line">
<td class="line-num">52</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> });</pre></td>
</tr><tr class="code-line">
<td class="line-num">53</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>}</pre></td>
</tr><tr class="code-line">
<td class="line-num">54</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">55</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// Registration handler with input validation</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">56</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre>fn register_post(req: Any) -> Any {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">57</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let data = req["json"];</pre></td>
</tr><tr class="code-line">
<td class="line-num">58</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">59</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> // Define validation schema</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">60</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let schema = {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">61</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "username": V.string().required()</pre></td>
</tr><tr class="code-line">
<td class="line-num">62</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> .min_length(3)</pre></td>
</tr><tr class="code-line">
<td class="line-num">63</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> .max_length(20)</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">64</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> .pattern("^[a-zA-Z0-9_]+$"),</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">65</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "email": V.string().required().email(),</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">66</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "password": V.string().required().min_length(8),</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">67</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "confirm_password": V.string().required(),</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">68</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "age": V.int().optional().min(13).max(150)</pre></td>
</tr><tr class="code-line">
<td class="line-num">69</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">70</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">71</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> // Validate input</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">72</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let result = validate(data, schema);</pre></td>
</tr><tr class="code-line">
<td class="line-num">73</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">74</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (!result["valid"]) {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">75</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">76</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 422,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">77</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "body": json_stringify({</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">78</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "success": false,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">79</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "errors": result["errors"]</pre></td>
</tr><tr class="code-line">
<td class="line-num">80</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> })</pre></td>
</tr><tr class="code-line">
<td class="line-num">81</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">82</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> }</pre></td>
</tr><tr class="code-line">
<td class="line-num">83</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">84</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let validated = result["data"];</pre></td>
</tr><tr class="code-line">
<td class="line-num">85</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">86</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> // Check password confirmation</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">87</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (validated["password"] != validated["confirm_password"]) {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">88</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">89</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 422,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">90</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "body": json_stringify({</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">91</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "success": false,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">92</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "errors": [{</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">93</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "field": "confirm_password",</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">94</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "message": "passwords do not match",</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">95</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "code": "mismatch"</pre></td>
</tr><tr class="code-line">
<td class="line-num">96</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> }]</pre></td>
</tr><tr class="code-line">
<td class="line-num">97</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> })</pre></td>
</tr><tr class="code-line">
<td class="line-num">98</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">99</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> }</pre></td>
</tr><tr class="code-line">
<td class="line-num">100</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">101</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> // In real app: save to database</pre></td>
</tr><tr class="code-line">
<td class="line-num">102</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> // For demo, just show success</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">103</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">104</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 201,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">105</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "body": json_stringify({</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">106</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "success": true,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">107</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "message": "Account created successfully",</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">108</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "data": {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">109</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "username": validated["username"],</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">110</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "email": validated["email"],</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">111</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "age": validated["age"]</pre></td>
</tr><tr class="code-line">
<td class="line-num">112</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> }</pre></td>
</tr><tr class="code-line">
<td class="line-num">113</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> })</pre></td>
</tr><tr class="code-line">
<td class="line-num">114</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">115</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>}</pre></td>
</tr><tr class="code-line">
<td class="line-num">116</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">117</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// Profile page (requires authentication)</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">118</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre>fn profile(req: Any) -> Any {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">119</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (session_get("authenticated") != true) {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">120</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">121</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 302,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">122</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "headers": {"Location": "/users/login"}</pre></td>
</tr><tr class="code-line">
<td class="line-num">123</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">124</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> }</pre></td>
</tr><tr class="code-line">
<td class="line-num">125</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">126</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return render("users/profile.html", {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">127</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "title": "Profile"</pre></td>
</tr><tr class="code-line">
<td class="line-num">128</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> });</pre></td>
</tr><tr class="code-line">
<td class="line-num">129</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>}</pre></td>
</tr><tr class="code-line">
<td class="line-num">130</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">131</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// Logout - destroy session</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">132</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre>fn logout(req: Any) -> Any {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">133</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> session_destroy();</pre></td>
</tr><tr class="code-line">
<td class="line-num">134</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">135</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">136</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 302,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">137</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "headers": {"Location": "/"}</pre></td>
</tr><tr class="code-line">
<td class="line-num">138</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">139</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>}</pre></td>
</tr><tr class="code-line">
<td class="line-num">140</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">141</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// Regenerate session ID</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">142</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre>fn regenerate_session(req: Any) -> Any {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">143</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (session_get("authenticated") != true) {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">144</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">145</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 302,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">146</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "headers": {"Location": "/users/login"}</pre></td>
</tr><tr class="code-line">
<td class="line-num">147</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">148</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> }</pre></td>
</tr><tr class="code-line">
<td class="line-num">149</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">150</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let old_id = session_id();</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">151</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let new_id = session_regenerate();</pre></td>
</tr><tr class="code-line">
<td class="line-num">152</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">153</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> print("Session regenerated: ", old_id, " -> ", new_id);</pre></td>
</tr><tr class="code-line">
<td class="line-num">154</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">155</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">156</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 302,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">157</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "headers": {"Location": "/users/profile"}</pre></td>
</tr><tr class="code-line">
<td class="line-num">158</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">159</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>}</pre></td>
</tr><tr class="code-line">
<td class="line-num">160</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">161</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// Validation demo page</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">162</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre>fn validation_demo(req: Any) -> Any {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">163</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return render("users/validation-demo.html", {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">164</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "title": "Validation Demo"</pre></td>
</tr><tr class="code-line">
<td class="line-num">165</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> });</pre></td>
</tr><tr class="code-line">
<td class="line-num">166</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>}</pre></td>
</tr><tr class="code-line">
<td class="line-num">167</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">168</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// Validation API endpoint</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">169</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre>fn validate_registration(req: Any) -> Any {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">170</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let data = req["json"];</pre></td>
</tr><tr class="code-line">
<td class="line-num">171</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">172</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let schema = {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">173</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "username": V.string().required()</pre></td>
</tr><tr class="code-line">
<td class="line-num">174</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> .min_length(3)</pre></td>
</tr><tr class="code-line">
<td class="line-num">175</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> .max_length(20)</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">176</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> .pattern("^[a-zA-Z0-9_]+$"),</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">177</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "email": V.string().required().email(),</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">178</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "password": V.string().required().min_length(8),</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">179</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "age": V.int().optional().min(13).max(150),</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">180</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "website": V.string().optional().url(),</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">181</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "role": V.string().optional().one_of(["admin", "user", "guest"])</pre></td>
</tr><tr class="code-line">
<td class="line-num">182</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">183</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">184</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let result = validate(data, schema);</pre></td>
</tr><tr class="code-line">
<td class="line-num">185</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">186</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">187</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": result["valid"] ? 200 : 422,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">188</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "body": json_stringify(result)</pre></td>
</tr><tr class="code-line">
<td class="line-num">189</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">190</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>}</pre></td>
</tr><tr class="code-line">
<td class="line-num">191</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">192</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// JWT Demo: Create token</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">193</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre>fn create_token(req: Any) -> Any {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">194</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let data = req["json"];</pre></td>
</tr><tr class="code-line">
<td class="line-num">195</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">196</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> // In real app: verify user credentials first</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">197</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let payload = {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">198</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "sub": data["user_id"],</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">199</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "name": data["name"],</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">200</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "role": data["role"],</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">201</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "iat": clock()</pre></td>
</tr><tr class="code-line">
<td class="line-num">202</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">203</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">204</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> // Handle null values with defaults</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">205</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (payload["sub"] == null) { payload["sub"] = "user_001"; }</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">206</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (payload["name"] == null) { payload["name"] = "Demo User"; }</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">207</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (payload["role"] == null) { payload["role"] = "user"; }</pre></td>
</tr><tr class="code-line">
<td class="line-num">208</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">209</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> // Sign JWT with secret (in real app, use environment variable)</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">210</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let secret = "demo-secret-key-change-in-production";</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">211</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let options = {};</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">212</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (data["expires_in"]) {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">213</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> options["expires_in"] = data["expires_in"];</pre></td>
</tr><tr class="code-line">
<td class="line-num">214</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> }</pre></td>
</tr><tr class="code-line">
<td class="line-num">215</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">216</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let token = jwt_sign(payload, secret, options);</pre></td>
</tr><tr class="code-line">
<td class="line-num">217</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">218</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let expires = 3600;</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">219</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (data["expires_in"] != null) {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">220</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> expires = data["expires_in"];</pre></td>
</tr><tr class="code-line">
<td class="line-num">221</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> }</pre></td>
</tr><tr class="code-line">
<td class="line-num">222</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">223</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">224</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 200,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">225</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "body": json_stringify({</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">226</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "token": token,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">227</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "type": "Bearer",</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">228</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "expires_in": expires</pre></td>
</tr><tr class="code-line">
<td class="line-num">229</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> })</pre></td>
</tr><tr class="code-line">
<td class="line-num">230</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">231</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>}</pre></td>
</tr><tr class="code-line">
<td class="line-num">232</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">233</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// JWT Demo: Verify token</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">234</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre>fn verify_token(req: Any) -> Any {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">235</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let data = req["json"];</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">236</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let token = data["token"];</pre></td>
</tr><tr class="code-line">
<td class="line-num">237</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">238</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (!token) {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">239</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">240</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 400,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">241</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "body": json_stringify({</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">242</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "error": "token is required"</pre></td>
</tr><tr class="code-line">
<td class="line-num">243</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> })</pre></td>
</tr><tr class="code-line">
<td class="line-num">244</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">245</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> }</pre></td>
</tr><tr class="code-line">
<td class="line-num">246</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">247</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let secret = "demo-secret-key-change-in-production";</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">248</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let result = jwt_verify(token, secret);</pre></td>
</tr><tr class="code-line">
<td class="line-num">249</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">250</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (result["error"] == true) {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">251</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">252</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 401,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">253</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "body": json_stringify({</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">254</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "valid": false,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">255</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "error": result["message"]</pre></td>
</tr><tr class="code-line">
<td class="line-num">256</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> })</pre></td>
</tr><tr class="code-line">
<td class="line-num">257</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">258</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> }</pre></td>
</tr><tr class="code-line">
<td class="line-num">259</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">260</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">261</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 200,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">262</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "body": json_stringify({</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">263</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "valid": true,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">264</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "claims": result</pre></td>
</tr><tr class="code-line">
<td class="line-num">265</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> })</pre></td>
</tr><tr class="code-line">
<td class="line-num">266</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">267</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>}</pre></td>
</tr><tr class="code-line">
<td class="line-num">268</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line">
<td class="line-num">269</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>// JWT Demo: Decode token (without verification)</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">270</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre>fn decode_token(req: Any) -> Any {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">271</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let data = req["json"];</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">272</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let token = data["token"];</pre></td>
</tr><tr class="code-line">
<td class="line-num">273</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">274</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> if (!token) {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">275</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">276</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 400,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">277</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "body": json_stringify({</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">278</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "error": "token is required"</pre></td>
</tr><tr class="code-line">
<td class="line-num">279</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> })</pre></td>
</tr><tr class="code-line">
<td class="line-num">280</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">281</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> }</pre></td>
</tr><tr class="code-line">
<td class="line-num">282</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">283</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> let claims = jwt_decode(token);</pre></td>
</tr><tr class="code-line">
<td class="line-num">284</td>
<td class="line-indicator"></td>
<td class="code-content"><pre></pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">285</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> return {</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">286</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "status": 200,</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">287</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "body": json_stringify({</pre></td>
</tr><tr class="code-line uncovered">
<td class="line-num">288</td>
<td class="line-indicator">✗</td>
<td class="code-content"><pre> "claims": claims</pre></td>
</tr><tr class="code-line">
<td class="line-num">289</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> })</pre></td>
</tr><tr class="code-line">
<td class="line-num">290</td>
<td class="line-indicator"></td>
<td class="code-content"><pre> };</pre></td>
</tr><tr class="code-line">
<td class="line-num">291</td>
<td class="line-indicator"></td>
<td class="code-content"><pre>}</pre></td>
</tr>
</tbody>
</table>
</section>
</div>
</body>
</html>