author | Kjetil Orbekk <kj@orbekk.com> | 2022-10-13 08:12:59 -0400 |
---|---|---|
committer | Kjetil Orbekk <kj@orbekk.com> | 2022-10-13 08:12:59 -0400 |
commit | accb9032b9abe595020a27dd2f7b666cb7028f67 (patch) | |
tree | 4c92937ad368e93e9bb9ddf9a0ebb31e8288c04b /server/src/auth.rs | |
parent | 8b5d16152ffb7d55811a7a558f67620a94e4cbf0 (diff) |
Add AuthenticatedSession request extractor
Diffstat (limited to 'server/src/auth.rs')
-rw-r--r-- | server/src/auth.rs | 51 |
1 files changed, 36 insertions, 15 deletions
diff --git a/server/src/auth.rs b/server/src/auth.rs
index 0be1b85..98a0000 100644
--- a/server/src/auth.rs
+++ b/server/src/auth.rs
@@ -6,9 +6,13 @@ use std::{
 sync::{Arc, Mutex},
 };
-use crate::error::BridgeError;
+use crate::{error::BridgeError, server::ContextExtension};
 use async_trait::async_trait;
-use axum::{extract::FromRequest, http};
+use axum::{
+ extract::FromRequest,
+ response::{IntoResponse, Response},
+ Json,
+};
 use chrono::{DateTime, Utc};
 use lru::LruCache;
 use openidconnect::{
@@ -22,7 +26,7 @@ use openidconnect::{
 use protocol::UserInfo;
 use serde::{Deserialize, Serialize};
 use sqlx::PgPool;
-use tower_cookies::Cookies;
+use tower_cookies::{Cookie, Cookies};
 use tracing::{debug, error, info};
 use uuid::Uuid;
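Review bot: `Json` in the axum import list and `Cookie` in the tower_cookies import are added here, but none of the added lines in this file's diff names either one, so both look unused and would raise `unused_imports` warnings. The diffstat totals match the three visible hunks, so no other new code in auth.rs should need them, though this is inferred from the page rather than from a build. If they belong to a follow-up change, keep `use tower_cookies::Cookies;` and drop `Json,` until that change lands.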
@@ -335,25 +339,42 @@ pub async fn fetch_authenticated_session(
 }
 }
-#[derive(Clone, Debug, Default)]
-pub struct LoggedInUser {
- _priv: (),
-}
-
 #[async_trait]
-impl<B> FromRequest<B> for LoggedInUser
+impl<B> FromRequest<B> for AuthenticatedSession
 where
 B: Send,
 {
- type Rejection = (http::StatusCode, &'static str);
+ type Rejection = Response;
 async fn from_request(
 req: &mut axum::extract::RequestParts<B>,
 ) -> Result<Self, Self::Rejection> {
- info!(
- "Creating LoggedInUser; found cookies: {:?}",
- req.extensions().get::<Cookies>().cloned()
- );
- Ok(LoggedInUser { _priv: () })
+ let cookies = Cookies::from_request(req)
+ .await
+ .map_err(|e| e.into_response())?;
+ let extension = ContextExtension::from_request(req)
+ .await
+ .map_err(|e| e.into_response())?;
+ let cookie = match cookies.get("user-id") {
+ None => return Err(BridgeError::NotLoggedIn.into_response()),
+ Some(v) => v,
+ };
+
+ let session_id: SessionId = match SessionId::from_str(cookie.value()) {
+ Err(e) => {
+ info!("Clearing cookie that failed to parse {cookie:?}: {e}");
+ cookies.remove(cookie.into_owned());
+ return Err(BridgeError::NotLoggedIn.into_response());
+ }
+ Ok(s) => s,
+ };
+ let session = match crate::auth::fetch_authenticated_session(&extension.db, &session_id)
+ .await
+ .map_err(|e| e.into_response())?
+ {
+ None => return Err(BridgeError::NotLoggedIn.into_response()),
+ Some(v) => v,
+ };
+ Ok(session)
 }
 }
|
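Review bot: The `info!` in the `SessionId::from_str` error arm writes the whole client-supplied `user-id` cookie into the log via `{cookie:?}`, so unauthenticated requests control that log content and a mistyped or truncated session id ends up in log storage. Logging the parse error alone is enough to diagnose the rejection, e.g. `info!("Clearing user-id cookie that failed to parse: {e}");`. The `None` arm after `fetch_authenticated_session` rejects without clearing the cookie, so an id with no matching session keeps being sent and looked up; calling `cookies.remove(cookie.into_owned());` there too would make the two rejection paths consistent. Whether the removal actually clears the cookie in the browser depends on it carrying the same path as the cookie set at login, which this diff does not show.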