mirror of
https://github.com/danbulant/Portfolio
synced 2026-06-18 22:11:14 +00:00
feat: session auth guard
parent
e2844a3866
commit
4d97173176
2 changed files with 23 additions and 19 deletions
|
|
@ -1,27 +1,39 @@
|
|||
use entity::candidate::Model;
|
||||
use portfolio_core::sea_orm::prelude::Uuid;
|
||||
use portfolio_core::services::candidate_service::CandidateService;
|
||||
use rocket::http::Status;
|
||||
use rocket::outcome::Outcome;
|
||||
use rocket::request::{FromRequest, Request};
|
||||
|
||||
use crate::pool::Db;
|
||||
|
||||
pub struct UUIDCookie(Uuid);
|
||||
|
||||
impl Into<Uuid> for UUIDCookie {
|
||||
fn into(self) -> Uuid {
|
||||
pub struct SessionAuth(Model);
|
||||
|
||||
impl SessionAuth {
|
||||
pub fn model(self) -> Model { // TODO: use into_inner instead?
|
||||
self.0
|
||||
}
|
||||
}
|
||||
|
||||
#[rocket::async_trait]
|
||||
impl<'r> FromRequest<'r> for UUIDCookie {
|
||||
impl<'r> FromRequest<'r> for SessionAuth {
|
||||
type Error = Option<String>;
|
||||
async fn from_request(req: &'r Request<'_>) -> Outcome<UUIDCookie, (Status, Self::Error), ()> {
|
||||
async fn from_request(req: &'r Request<'_>) -> Outcome<SessionAuth, (Status, Self::Error), ()> {
|
||||
let session_id = req.cookies().get("id").unwrap().name_value().1;
|
||||
println!("session_id: {}", session_id);
|
||||
let conn = &req.rocket().state::<Db>().unwrap().conn;
|
||||
|
||||
match Uuid::parse_str(&session_id) {
|
||||
Ok(uuid) => Outcome::Success(UUIDCookie(uuid)),
|
||||
let uuid = match Uuid::parse_str(&session_id) {
|
||||
Ok(uuid) => uuid,
|
||||
Err(_) => return Outcome::Failure((Status::BadRequest, None)),
|
||||
};
|
||||
|
||||
let session = CandidateService::auth_user_session(conn, uuid).await;
|
||||
|
||||
match session {
|
||||
Ok(model) => Outcome::Success(SessionAuth(model)),
|
||||
Err(_) => Outcome::Failure((Status::Unauthorized, None)),
|
||||
}
|
||||
|
||||
}
|
||||
}
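Review bot: `req.cookies().get("id").unwrap()` at the top of `from_request` is still on the new side, so a request without an `id` cookie panics inside the guard instead of failing with 401; handle the missing cookie explicitly, e.g. `let Some(cookie) = req.cookies().get("id") else { return Outcome::Failure((Status::Unauthorized, None)) };`. The `println!("session_id: {}", session_id);` line writes the live session identifier to stdout, so anyone with access to the process output or collected logs can read a valid credential; drop it, or log only that a session cookie was present. The `+`/`-` markers are lost on this page, so both lines may be unchanged context rather than additions, but they now run on every route protected by `SessionAuth`.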
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ extern crate rocket;
|
|||
|
||||
use std::net::SocketAddr;
|
||||
|
||||
use guards::request::candidate_refresh_token::SessionAuth;
|
||||
use portfolio_core::error::ServiceError;
|
||||
use portfolio_core::services::candidate_service::CandidateService;
|
||||
use requests::{LoginRequest, RegisterRequest};
|
||||
|
|
@ -29,8 +30,6 @@ pub use entity::candidate::Entity as Candidate;
|
|||
|
||||
use portfolio_core::crypto::random_8_char_string;
|
||||
|
||||
use crate::guards::request::candidate_refresh_token::UUIDCookie;
|
||||
|
||||
fn custom_err_from_service_err(service_err: ServiceError) -> Custom<String> {
|
||||
Custom(Status::from_code(service_err.0.code).unwrap_or_default(), service_err.1.to_string())
|
||||
}
|
||||
|
|
@ -50,15 +49,8 @@ async fn create(conn: Connection<'_, Db>, post_form: Json<RegisterRequest>) -> R
|
|||
}
|
||||
|
||||
#[get("/whoami")]
|
||||
async fn validate(conn: Connection<'_, Db>, uuid_cookie: Result<UUIDCookie, Option<String>>) -> Result<String, Custom<String>> {
|
||||
let db = conn.into_inner();
|
||||
let user = CandidateService::auth_user_session(db, uuid_cookie.ok().unwrap().into()).await;
|
||||
|
||||
|
||||
match user {
|
||||
Ok(user) => Ok(user.application.to_string()),
|
||||
Err(err) => Err(custom_err_from_service_err(err))
|
||||
}
|
||||
async fn validate(session: SessionAuth) -> Result<String, Custom<String>> {
|
||||
Ok(session.model().application.to_string())
|
||||
}
|
||||
|
||||
#[post("/login", data = "<login_form>")]
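Review bot: `validate` can no longer return `Err`, so `Result<String, Custom<String>>` is left over from the old body and the signature could be `async fn validate(session: SessionAuth) -> String`. With the guard in front, every `auth_user_session` error now surfaces as 401 with a `None` error value (the guard matches `Err(_)`), where the removed body passed the service's own status through `custom_err_from_service_err`. If `ServiceError` distinguishes a database failure from an invalid or expired session (not visible here), the guard's `Error` type should carry it so the status is preserved and an outage is not reported as an authentication failure. `SessionAuth` is also imported from a module named `candidate_refresh_token`, which no longer describes what the module holds.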
|
||||
|
|
|
|||