From 4d97173176d74aa5b465e738d815df94140180be Mon Sep 17 00:00:00 2001 From: Sebastian Pravda Date: Mon, 31 Oct 2022 09:22:23 +0100 Subject: [PATCH] feat: session auth guard --- .../guards/request/candidate_refresh_token.rs | 28 +++++++++++++------ api/src/lib.rs | 14 ++-------- 2 files changed, 23 insertions(+), 19 deletions(-) diff --git a/api/src/guards/request/candidate_refresh_token.rs b/api/src/guards/request/candidate_refresh_token.rs index cf91f1a..681d33b 100644 --- a/api/src/guards/request/candidate_refresh_token.rs +++ b/api/src/guards/request/candidate_refresh_token.rs @@ -1,27 +1,39 @@ +use entity::candidate::Model; use portfolio_core::sea_orm::prelude::Uuid; +use portfolio_core::services::candidate_service::CandidateService; use rocket::http::Status; use rocket::outcome::Outcome; use rocket::request::{FromRequest, Request}; +use crate::pool::Db; -pub struct UUIDCookie(Uuid); -impl Into for UUIDCookie { - fn into(self) -> Uuid { +pub struct SessionAuth(Model); + +impl SessionAuth { + pub fn model(self) -> Model { // TODO: use into_inner instead? self.0 } } #[rocket::async_trait] -impl<'r> FromRequest<'r> for UUIDCookie { +impl<'r> FromRequest<'r> for SessionAuth { type Error = Option; - async fn from_request(req: &'r Request<'_>) -> Outcome { + async fn from_request(req: &'r Request<'_>) -> Outcome { let session_id = req.cookies().get("id").unwrap().name_value().1; - println!("session_id: {}", session_id); + let conn = &req.rocket().state::().unwrap().conn; - match Uuid::parse_str(&session_id) { - Ok(uuid) => Outcome::Success(UUIDCookie(uuid)), + let uuid = match Uuid::parse_str(&session_id) { + Ok(uuid) => uuid, Err(_) => return Outcome::Failure((Status::BadRequest, None)), + }; + + let session = CandidateService::auth_user_session(conn, uuid).await; + + match session { + Ok(model) => Outcome::Success(SessionAuth(model)), + Err(_) => Outcome::Failure((Status::Unauthorized, None)), } + } } 
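Review bot: The guard can still panic on an unauthenticated request, because `req.cookies().get("id").unwrap()` runs before any check, so a request without an `id` cookie aborts inside `from_request` instead of being rejected with 401. The added `state::().unwrap()` line has the same problem if the pool is not registered as managed state. Both lookups should return an `Outcome::Failure`, as in the excerpt below; the `Db` type argument there is assumed from the added `use crate::pool::Db;`, since generic parameters are stripped on this page. Separately, the final `Err(_) => Outcome::Failure((Status::Unauthorized, None))` arm reports every service error as 401, which presumably includes backend failures, so consider mapping on the error's own status code as `custom_err_from_service_err` does in lib.rs.

```rust
// A request without the "id" cookie is unauthenticated, not a server fault.
let session_id = match req.cookies().get("id") {
    Some(cookie) => cookie.value(),
    None => return Outcome::Failure((Status::Unauthorized, None)),
};
// Missing managed state is a deployment error; report it instead of panicking.
let conn = match req.rocket().state::<Db>() {
    Some(db) => &db.conn,
    None => return Outcome::Failure((Status::InternalServerError, None)),
};
// … unchanged: Uuid::parse_str, CandidateService::auth_user_session and the final match …
```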
diff --git a/api/src/lib.rs b/api/src/lib.rs index 63e9dc3..0210675 100644 --- a/api/src/lib.rs +++ b/api/src/lib.rs @@ -3,6 +3,7 @@ extern crate rocket; use std::net::SocketAddr; +use guards::request::candidate_refresh_token::SessionAuth; use portfolio_core::error::ServiceError; use portfolio_core::services::candidate_service::CandidateService; use requests::{LoginRequest, RegisterRequest}; @@ -29,8 +30,6 @@ pub use entity::candidate::Entity as Candidate; use portfolio_core::crypto::random_8_char_string; -use crate::guards::request::candidate_refresh_token::UUIDCookie; - fn custom_err_from_service_err(service_err: ServiceError) -> Custom { Custom(Status::from_code(service_err.0.code).unwrap_or_default(), service_err.1.to_string()) } @@ -50,15 +49,8 @@ async fn create(conn: Connection<'_, Db>, post_form: Json) -> R } #[get("/whoami")] -async fn validate(conn: Connection<'_, Db>, uuid_cookie: Result>) -> Result> { - let db = conn.into_inner(); - let user = CandidateService::auth_user_session(db, uuid_cookie.ok().unwrap().into()).await; - - - match user { - Ok(user) => Ok(user.application.to_string()), - Err(err) => Err(custom_err_from_service_err(err)) - } +async fn validate(session: SessionAuth) -> Result> { + Ok(session.model().application.to_string()) } #[post("/login", data = "")]
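Review bot: In the last hunk, `validate` keeps its `Result` return type (the type parameters are stripped on this page) although the new body can only produce `Ok`, so the error half of the signature is dead. Every failure is now decided in the `SessionAuth` guard before the handler runs. Returning the value directly would make this visible, e.g. `async fn validate(session: SessionAuth) -> String { session.model().application.to_string() }`. The removed body passed the service error's status and message to the client through `custom_err_from_service_err`; with the guard returning `None` as its error, a rejected request presumably falls through to Rocket's default catcher, so confirm that clients of `/whoami` do not depend on the old error body. A short doc comment such as `/// Returns the application id of the candidate that owns the session cookie.` would also record that authentication is enforced by the guard parameter.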