chore: bump version to 0.1.0

- Add toml crate dependency for TOML file parsing
- Create config module with Config struct to deserialize config.toml
- Support OIDC URLs (auth_url, token_url, redirect_url), credentials (client_id, client_secret)
- Make server host/port, database URL, and session secret configurable
- Create config.example.toml with all configuration options documented
- Update main.rs to load config.toml with fallback to environment variables
- Maintain backward compatibility with environment variable configuration

.gitea/workflows/ci.yaml

@@ -3,7 +3,7 @@ name: Release
 on:
   push:
     tags:
-      - 'v*.*.*'
+      - "v*.*.*"
 
 jobs:
   build_release:
@@ -22,6 +22,11 @@ jobs:
       - name: Build release
         run: |
           cargo build --release
+
+      - name: Package frontend
+        run: |
+          zip -r static.zip static
+
       - name: Generate a changelog
         uses: orhun/git-cliff-action@v4
         id: git-cliff
@@ -31,8 +36,10 @@ jobs:
           github_token: ""
         env:
           OUTPUT: CHANGELOG.md
+
       - uses: akkuman/gitea-release-action@v1
         with:
           files: |-
             target/release/weight_tracker
-          body: Release build for weight_tracker
+            static.zip
+          body: ${{ steps.git-cliff.outputs.content }}

Cargo.toml

@@ -5,11 +5,16 @@ edition = "2024"
 
 [dependencies]
 axum = "0.8"
-askama = "0.12"
+askama = "0.15"
+axum_session = "0.19"
+axum_session_sqlx = { version = "0.8", features = ["sqlite"]}
+oauth2 = "5.0"
+reqwest = { version = "0.13", features = ["json"] }
 
-sqlx = { version = "0.7", features = ["runtime-tokio", "sqlite", "macros"] }
+sqlx = { version = "0.8", features = ["runtime-tokio", "sqlite", "macros"] }
 tokio = { version = "1.0", features = ["full"] }
-thiserror = "1.0"
+thiserror = "2.0"
 anyhow = "1.0"
 serde = { version = "1.0", features = ["derive"] }
-tower-http = { version = "0.5", features = ["fs", "cors"] }
+config = { version = "0.13", features = ["toml"] }
+tower-http = { version = "0.6", features = ["fs", "cors"] }

config.example.toml

@@ -0,0 +1,20 @@
+# OIDC Configuration
+[oidc]
+client_id = "your_client_id"
+client_secret = "your_client_secret"
+auth_url = "https://your-provider.com/auth"
+token_url = "https://your-provider.com/token"
+redirect_url = "http://localhost:3000/auth/callback"
+
+# Server Configuration
+[server]
+host = "127.0.0.1"
+port = 3000
+
+# Database Configuration
+[database]
+url = "sqlite:weight_tracker.db"
+
+# Session Configuration
+[session]
+secret = "your_secret_key_that_is_long_enough_so_the_library_does_not_complain"

scripts/bump.sh

@@ -14,7 +14,7 @@ if [ "${CONFIRM}" != "Y" ]; then
     exit 1
 fi
 
-git commit -am "chore: bump version to ${VERSION}"
+git commit --allow-empty -am "chore: bump version to ${VERSION}"
 git tag -am "Version ${VERSION}" "${VERSION}"
 
 echo Press Y to push commit and tag

src/config.rs

@@ -0,0 +1,113 @@
+use oauth2::{AuthUrl, ClientId, ClientSecret, RedirectUrl, TokenUrl, basic::BasicClient};
+use serde::{Deserialize, Serialize};
+use std::path::Path;
+
+use crate::OidcClient;
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct Config {
+    pub oidc: OidcConfig,
+    pub server: ServerConfig,
+    pub database: DatabaseConfig,
+    pub session: SessionConfig,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct OidcConfig {
+    pub client_id: String,
+    pub client_secret: String,
+    pub auth_url: String,
+    pub token_url: String,
+    pub redirect_url: String,
+}
+
+impl OidcConfig {
+    pub fn to_client(
+        &self,
+    ) -> OidcClient {
+        let client_id = ClientId::new(self.client_id.clone());
+        let client_secret = ClientSecret::new(self.client_secret.clone());
+        let auth_url = AuthUrl::new(self.auth_url.clone()).unwrap();
+        let token_url = TokenUrl::new(self.token_url.clone()).unwrap();
+        let redirect_url = RedirectUrl::new(self.redirect_url.clone()).unwrap();
+
+        BasicClient::new(client_id)
+            .set_client_secret(client_secret)
+            .set_auth_uri(auth_url)
+            .set_token_uri(token_url)
+            .set_redirect_uri(redirect_url)
+    }
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct ServerConfig {
+    pub host: String,
+    pub port: u16,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct DatabaseConfig {
+    pub url: String,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize)]
+pub struct SessionConfig {
+    pub secret: String,
+}
+
+impl Config {
+    /// Load configuration from a TOML file and environment variables
+    /// config-rs merges file config with environment variables automatically
+    pub fn load(path: &str) -> Result<Self, Box<dyn std::error::Error>> {
+        let mut builder = config::Config::builder();
+
+        // Add default values first
+        let defaults = Self::defaults();
+        builder = builder.add_source(
+            config::Config::try_from(&defaults)
+                .map_err(|e| Box::new(e) as Box<dyn std::error::Error>)?,
+        );
+
+        // Load from file if it exists
+        if Path::new(path).exists() {
+            builder = builder.add_source(config::File::with_name(path).required(false));
+        }
+
+        // Override with environment variables
+        // Environment variables should be prefixed with the app name and use __ for nesting
+        // e.g., WEIGHT_TRACKER_OIDC__CLIENT_ID for oidc.client_id
+        builder = builder.add_source(
+            config::Environment::with_prefix("WEIGHT_TRACKER")
+                .try_parsing(true)
+                .separator("__"),
+        );
+
+        let config = builder.build()?;
+        let result: Config = config.try_deserialize()?;
+        Ok(result)
+    }
+
+    /// Get default configuration values
+    fn defaults() -> Self {
+        Config {
+            oidc: OidcConfig {
+                client_id: "your_client_id".to_string(),
+                client_secret: "your_client_secret".to_string(),
+                auth_url: "https://your-provider.com/auth".to_string(),
+                token_url: "https://your-provider.com/token".to_string(),
+                redirect_url: "http://localhost:3000/auth/callback".to_string(),
+            },
+            server: ServerConfig {
+                host: "127.0.0.1".to_string(),
+                port: 3000,
+            },
+            database: DatabaseConfig {
+                url: "sqlite:weight_tracker.db".to_string(),
+            },
+            session: SessionConfig {
+                secret: "your_secret_key_that_is_long_enough_so_the_library_does_not_complain"
+                    .to_string(),
+            },
+        }
+    }
+}

src/handlers.rs

@@ -1,7 +1,14 @@
-use axum::response::Html;
 use askama::Template;
-use sqlx::SqlitePool;
-use axum::{extract::State, Form};
+use axum::response::{Html, Redirect};
+use axum::{Form, extract::Query, extract::State};
+use axum_session::Session;
+use axum_session_sqlx::SessionSqlitePool;
+use oauth2::http;
+use oauth2::{
+    AuthorizationCode, CsrfToken, HttpRequest, HttpResponse, PkceCodeChallenge, PkceCodeVerifier,
+    Scope, TokenResponse,
+};
+use reqwest::Client;
 use serde::Deserialize;
 
 #[derive(Template)]
@@ -10,32 +17,157 @@ pub struct IndexTemplate {
     pub weights: Vec<super::models::Weight>,
 }
 
-#[derive(Template)]
-#[template(path = "input.html")]
-pub struct InputTemplate;
-
 #[derive(Deserialize)]
 pub struct WeightForm {
     date: String,
+    time: String,
     weight: f64,
 }
 
-pub async fn index(State(pool): State<SqlitePool>) -> Html<String> {
-    let weights = super::models::get_all_weights(&pool).await.unwrap_or_default();
+pub async fn index(State(state): State<crate::AppState>) -> Html<String> {
+    let weights = super::models::get_all_weights(&state.pool)
+        .await
+        .unwrap_or_default();
     let template = IndexTemplate { weights };
     Html(template.render().unwrap())
 }
 
-pub async fn input_get() -> Html<String> {
-    let template = InputTemplate;
-    Html(template.render().unwrap())
+pub async fn login(
+    State(state): State<crate::AppState>,
+    session: Session<SessionSqlitePool>,
+) -> Redirect {
+    // Generate PKCE challenge
+    let (pkce_challenge, pkce_verifier) = PkceCodeChallenge::new_random_sha256();
+
+    // Generate the authorization URL
+    let (auth_url, csrf_token) = state
+        .oidc_client
+        .authorize_url(CsrfToken::new_random)
+        .add_scope(Scope::new("openid".to_string()))
+        .add_scope(Scope::new("profile".to_string()))
+        .set_pkce_challenge(pkce_challenge)
+        .url();
+
+    // Store the CSRF token and PKCE verifier in the session
+    session.set("csrf_token", csrf_token.secret().clone());
+    session.set("pkce_verifier", pkce_verifier.secret().clone());
+
+    Redirect::to(auth_url.as_str())
+}
+
+#[cfg(test)]
+pub async fn test_login(session: Session<SessionSqlitePool>) -> Redirect {
+    session.set("user_id", "test-user");
+    Redirect::to("/")
+}
+
+#[derive(Deserialize)]
+pub struct AuthCallbackQuery {
+    code: String,
+    state: String,
+}
+
+pub async fn callback(
+    State(state): State<crate::AppState>,
+    Query(query): Query<AuthCallbackQuery>,
+    session: Session<SessionSqlitePool>,
+) -> Redirect {
+    // Verify CSRF token
+    if let Some(stored_csrf) = session.get::<String>("csrf_token") {
+        if stored_csrf != query.state {
+            return Redirect::to("/?error=invalid_state");
+        }
+    } else {
+        return Redirect::to("/?error=no_state");
+    }
+
+    // Get PKCE verifier
+    let pkce_verifier = if let Some(verifier) = session.get::<String>("pkce_verifier") {
+        PkceCodeVerifier::new(verifier)
+    } else {
+        return Redirect::to("/?error=no_verifier");
+    };
+
+    // Exchange code for token
+    let token_result = state
+        .oidc_client
+        .exchange_code(AuthorizationCode::new(query.code))
+        .set_pkce_verifier(pkce_verifier)
+        .request_async(&async_http_client)
+        .await;
+
+    match token_result {
+        Ok(token) => {
+            // For OIDC, extract user info from token
+            // Using the access token as a simple user identifier
+            let user_id = token.access_token().secret().clone();
+            session.set("user_id", user_id);
+            Redirect::to("/")
+        }
+        Err(_) => Redirect::to("/?error=token_exchange_failed"),
+    }
+}
+
+// Async HTTP client for oauth2
+async fn async_http_client(req: HttpRequest) -> Result<HttpResponse, reqwest::Error> {
+    let client = Client::new();
+
+    // Convert http::Method to reqwest::Method
+    let method_str = format!("{}", req.method());
+    let method = reqwest::Method::from_bytes(method_str.as_bytes()).unwrap();
+
+    // Clone the URI before consuming the request
+    let uri = req.uri().clone();
+
+    let mut req_builder = client.request(method, uri.to_string());
+
+    for (name, value) in req.headers() {
+        let header_name =
+            reqwest::header::HeaderName::from_bytes(name.as_str().as_bytes()).unwrap();
+        let header_value = reqwest::header::HeaderValue::from_bytes(value.as_bytes()).unwrap();
+        req_builder = req_builder.header(header_name, header_value);
+    }
+
+    let body = req.into_body();
+    let response = req_builder.body(body).send().await?;
+    let status_code = response.status();
+    let headers = response.headers().clone();
+    let body = response.bytes().await?;
+
+    // Construct an http::Response
+    let mut http_response = http::Response::builder().status(status_code);
+
+    for (k, v) in headers.iter() {
+        http_response = http_response.header(k, v);
+    }
+
+    Ok(http_response.body(body.to_vec()).unwrap())
 }
 
 pub async fn input_post(
-    State(pool): State<SqlitePool>,
+    State(state): State<crate::AppState>,
+    session: Session<SessionSqlitePool>,
     Form(form): Form<WeightForm>,
-) -> Html<String> {
-    let user_id = "test_user"; // TODO: Implement OIDC to get real user_id
-    super::models::insert_weight(&pool, user_id, &form.date, form.weight).await.unwrap();
-    Html("<p>Weight added successfully!</p>".to_string())
-}
+) -> Result<Html<String>, Redirect> {
+    // Check if user is authenticated
+    if let Some(user_id) = session.get::<String>("user_id") {
+        let datetime = format!("{}T{}", form.date, form.time);
+        super::models::insert_weight(&state.pool, &user_id, &datetime, form.weight)
+            .await
+            .unwrap();
+        let weights = super::models::get_all_weights(&state.pool)
+            .await
+            .unwrap_or_default();
+        let mut html = String::new();
+        for weight in weights {
+            html.push_str(&format!(
+                "<p>{}: {} kg by {}</p>\n",
+                weight.date, weight.weight, &user_id
+            ));
+        }
+        Ok(Html(html))
+    } else {
+        // Redirect to login if not authenticated
+        Err(Redirect::to("/auth/login"))
+    }
+}

src/lib.rs

@@ -1,2 +1,62 @@
 pub mod handlers;
-pub mod models;
+pub mod models;
+pub mod config;
+
+use axum::{
+    Router,
+    routing::{get, post},
+};
+use axum_session::{SessionConfig, SessionLayer, SessionStore};
+use axum_session_sqlx::SessionSqlitePool;
+use sqlx::SqlitePool;
+use tower_http::services::ServeDir;
+
+pub type OidcClient = oauth2::Client<
+        oauth2::StandardErrorResponse<oauth2::basic::BasicErrorResponseType>,
+        oauth2::StandardTokenResponse<oauth2::EmptyExtraTokenFields, oauth2::basic::BasicTokenType>,
+        oauth2::StandardTokenIntrospectionResponse<
+            oauth2::EmptyExtraTokenFields,
+            oauth2::basic::BasicTokenType,
+        >,
+        oauth2::StandardRevocableToken,
+        oauth2::StandardErrorResponse<oauth2::RevocationErrorResponseType>,
+        oauth2::EndpointSet,
+        oauth2::EndpointNotSet,
+        oauth2::EndpointNotSet,
+        oauth2::EndpointNotSet,
+        oauth2::EndpointSet,
+    >;
+
+#[derive(Clone)]
+pub struct AppState {
+    pub pool: SqlitePool,
+    pub oidc_client: OidcClient,
+}
+
+pub async fn create_app(state: AppState, session_secret: Vec<u8>, pool: SqlitePool) -> Router {
+    //This Defaults as normal Cookies.
+    //To enable Private cookies for integrity, and authenticity please check the next Example.
+    let session_config = SessionConfig::default()
+        .with_table_name("sessions_table")
+        .with_key(axum_session::Key::from(&session_secret));
+
+    // create SessionStore and initiate the database tables
+    let session_store =
+        SessionStore::<SessionSqlitePool>::new(Some(pool.clone().into()), session_config)
+            .await
+            .unwrap();
+
+    let app = Router::new()
+        .route("/", get(handlers::index))
+        .route("/auth/login", get(handlers::login))
+        .route("/auth/callback", get(handlers::callback))
+        .route("/input", post(handlers::input_post))
+        .with_state(state)
+        .layer(SessionLayer::new(session_store))
+        .nest_service("/static", ServeDir::new("static"));
+
+    #[cfg(test)]
+    let app = app.route("/test/login", get(handlers::test_login));
+
+    app
+}

src/main.rs

@@ -1,27 +1,43 @@
-use axum::{
-    routing::get,
-    Router,
-};
-use tower_http::services::ServeDir;
+use std::str::FromStr;
+
 use sqlx::SqlitePool;
+use weight_tracker::{AppState, config::Config, create_app};
 
 #[tokio::main]
 async fn main() {
+    let config = Config::load("config.toml").unwrap_or_else(|e| {
+        eprintln!("Failed to load configuration: {}", e);
+        eprintln!("Using default values. Set environment variables prefixed with WEIGHT_TRACKER_ to override.");
+        std::process::exit(1);
+    });
+
     // Set up database
-    let database_url = "sqlite:weight_tracker.db";
-    let pool = SqlitePool::connect(database_url).await.expect("Failed to connect to database");
-
-    // build our application with a route
-    let app = Router::new()
-        .route("/", get(weight_tracker::handlers::index))
-        .route("/input", get(weight_tracker::handlers::input_get).post(weight_tracker::handlers::input_post))
-        .with_state(pool)
-        .nest_service("/static", ServeDir::new("static"));
-
-    // run it
-    let listener = tokio::net::TcpListener::bind("127.0.0.1:3000")
+    let pool = SqlitePool::connect_with(
+        sqlx::sqlite::SqliteConnectOptions::from_str(&config.database.url)
+            .expect("Could not parse database URL")
+            .create_if_missing(true),
+    )
+    .await
+    .expect("Failed to connect to database");
+    sqlx::migrate!()
+        .run(&pool)
         .await
-        .unwrap();
+        .expect("Could not run database migrations");
+
+    // Set up OIDC client
+    let oidc_client = config.oidc.to_client();
+
+    let secret = config.session.secret.as_bytes().to_vec();
+
+    let app_state = AppState {
+        pool: pool.clone(),
+        oidc_client,
+    };
+
+    let app = create_app(app_state, secret, pool).await;
+
+    let addr = format!("{}:{}", config.server.host, config.server.port);
+    let listener = tokio::net::TcpListener::bind(&addr).await.unwrap();
     println!("listening on {}", listener.local_addr().unwrap());
     axum::serve(listener, app).await.unwrap();
 }

templates/index.html

@@ -1,10 +1,46 @@
 <!DOCTYPE html>
 <html>
+
 <head>
     <title>Weight Tracker</title>
     <script src="https://unpkg.com/htmx.org@1.9.10"></script>
+
+    <script>
+        function fillCurrentDateTime() {
+            // Fill date and time with current values
+            const now = new Date();
+
+            // Format date as YYYY-MM-DD
+            const year = now.getFullYear();
+            const month = String(now.getMonth() + 1).padStart(2, '0');
+            const day = String(now.getDate()).padStart(2, '0');
+            document.getElementById('date').value = `${year}-${month}-${day}`;
+
+            // Format time as HH:MM
+            const hours = String(now.getHours()).padStart(2, '0');
+            const minutes = String(now.getMinutes()).padStart(2, '0');
+            document.getElementById('time').value = `${hours}:${minutes}`;
+
+            // Fill weight with the latest weight from the list
+            const weightElements = document.querySelectorAll('#weights p');
+            if (weightElements.length > 0) {
+                const latestWeightText = weightElements[0].textContent;
+                // Extract weight value from format "YYYY-MM-DD: XX.X kg by username"
+                const match = latestWeightText.match(/(\d+\.?\d*)\s*kg/);
+                if (match) {
+                    document.getElementById('weight').value = match[1];
+                }
+            }
+        }
+
+        function showInputDialog() {
+            fillCurrentDateTime();
+            document.getElementById('inputDialog').showModal();
+        }
+    </script>
     <link rel="stylesheet" href="/static/css/style.css">
 </head>
+
 <body>
     <h1>Weight Tracker</h1>
     <div id="weights">
@@ -12,6 +48,20 @@
         <p>{{ weight.date }}: {{ weight.weight }} kg by {{ weight.user_id }}</p>
         {% endfor %}
     </div>
-    <a href="/input">Add Weight</a>
+    <button onclick="showInputDialog()">Add Weight</button>
+    <dialog id="inputDialog">
+        <h1>Add Weight</h1>
+        <form hx-post="/input" hx-target="#weights" hx-swap="innerHTML"
+            hx-on:htmx:after-request="document.getElementById('inputDialog').close()">
+            <label for="date">Date:</label>
+            <input type="date" id="date" name="date" required><br>
+            <label for="time">Time:</label>
+            <input type="time" id="time" name="time" required><br>
+            <label for="weight">Weight (kg):</label>
+            <input type="number" step="0.1" id="weight" name="weight" required><br>
+            <button type="submit">Submit</button>
+        </form>
+    </dialog>
 </body>
+
 </html>

templates/input.html

@@ -1,20 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-    <title>Add Weight</title>
-    <script src="https://unpkg.com/htmx.org@1.9.10"></script>
-    <link rel="stylesheet" href="/static/css/style.css">
-</head>
-<body>
-    <h1>Add Weight</h1>
-    <form hx-post="/input" hx-target="#result" hx-swap="innerHTML">
-        <label for="date">Date:</label>
-        <input type="date" id="date" name="date" required><br>
-        <label for="weight">Weight (kg):</label>
-        <input type="number" step="0.1" id="weight" name="weight" required><br>
-        <button type="submit">Submit</button>
-    </form>
-    <div id="result"></div>
-    <a href="/">Back to Tracker</a>
-</body>
-</html>

tests/e2e.rs

@@ -0,0 +1,107 @@
+use axum::{body::Body, http::{header, Request, StatusCode}};
+use oauth2::{basic::BasicClient, AuthUrl, ClientId, ClientSecret, TokenUrl};
+use sqlx::SqlitePool;
+use tower::ServiceExt;
+use weight_tracker::{create_app, AppState};
+
+async fn make_app() -> axum::Router {
+    let pool = SqlitePool::connect("sqlite::memory:").await.unwrap();
+    sqlx::query(include_str!("../migrations/20260408203423_create_weights_table.sql"))
+        .execute(&pool)
+        .await
+        .unwrap();
+
+    let oidc_client = BasicClient::new(
+        ClientId::new("test-client".into()),
+        Some(ClientSecret::new("test-secret".into())),
+        AuthUrl::new("http://localhost/auth".into()).unwrap(),
+        Some(TokenUrl::new("http://localhost/token".into()).unwrap()),
+    );
+
+    let state = AppState { pool: pool.clone(), oidc_client };
+    create_app(state, b"01234567890123456789012345678901".to_vec(), pool).await
+}
+
+#[tokio::test]
+async fn index_returns_ok() {
+    let app = make_app().await;
+
+    let response = app
+        .oneshot(Request::builder().uri("/").body(Body::empty()).unwrap())
+        .await
+        .unwrap();
+
+    assert_eq!(response.status(), StatusCode::OK);
+}
+
+#[tokio::test]
+async fn auth_login_redirects_and_sets_cookie() {
+    let app = make_app().await;
+
+    let response = app
+        .oneshot(Request::builder().uri("/auth/login").body(Body::empty()).unwrap())
+        .await
+        .unwrap();
+
+    assert_eq!(response.status(), StatusCode::FOUND);
+    assert!(response.headers().get(header::LOCATION).is_some());
+    assert!(response.headers().get(header::SET_COOKIE).is_some());
+}
+
+#[tokio::test]
+async fn input_post_requires_authentication() {
+    let app = make_app().await;
+
+    let response = app
+        .oneshot(
+            Request::builder()
+                .method("POST")
+                .uri("/input")
+                .header(header::CONTENT_TYPE, "application/x-www-form-urlencoded")
+                .body(Body::from("date=2026-04-10&weight=80"))
+                .unwrap(),
+        )
+        .await
+        .unwrap();
+
+    assert_eq!(response.status(), StatusCode::FOUND);
+    assert_eq!(response.headers().get(header::LOCATION).unwrap(), "/auth/login");
+}
+
+#[tokio::test]
+async fn authenticated_input_post_stores_weight() {
+    let app = make_app().await;
+    let app_clone = app.clone();
+
+    let auth_response = app_clone
+        .oneshot(Request::builder().uri("/test/login").body(Body::empty()).unwrap())
+        .await
+        .unwrap();
+
+    assert_eq!(auth_response.status(), StatusCode::FOUND);
+    let cookie = auth_response
+        .headers()
+        .get(header::SET_COOKIE)
+        .unwrap()
+        .to_str()
+        .unwrap();
+
+    let response = app
+        .oneshot(
+            Request::builder()
+                .method("POST")
+                .uri("/input")
+                .header(header::CONTENT_TYPE, "application/x-www-form-urlencoded")
+                .header(header::COOKIE, cookie)
+                .body(Body::from("date=2026-04-10&weight=80"))
+                .unwrap(),
+        )
+        .await
+        .unwrap();
+
+    assert_eq!(response.status(), StatusCode::OK);
+    let body_bytes = hyper::body::to_bytes(response.into_body()).await.unwrap();
+    let body_text = std::str::from_utf8(&body_bytes).unwrap();
+    assert!(body_text.contains("80 kg"));
+    assert!(body_text.contains("test-user"));
+}