mirror of
https://github.com/danbulant/Portfolio
synced 2026-07-07 03:50:36 +00:00
feat: session auth guard
This commit is contained in:
parent
e2844a3866
commit
4d97173176
2 changed files with 23 additions and 19 deletions
|
|
@ -1,27 +1,39 @@
|
||||||
|
use entity::candidate::Model;
|
||||||
use portfolio_core::sea_orm::prelude::Uuid;
|
use portfolio_core::sea_orm::prelude::Uuid;
|
||||||
|
use portfolio_core::services::candidate_service::CandidateService;
|
||||||
use rocket::http::Status;
|
use rocket::http::Status;
|
||||||
use rocket::outcome::Outcome;
|
use rocket::outcome::Outcome;
|
||||||
use rocket::request::{FromRequest, Request};
|
use rocket::request::{FromRequest, Request};
|
||||||
|
|
||||||
|
use crate::pool::Db;
|
||||||
|
|
||||||
pub struct UUIDCookie(Uuid);
|
|
||||||
|
|
||||||
impl Into<Uuid> for UUIDCookie {
|
pub struct SessionAuth(Model);
|
||||||
fn into(self) -> Uuid {
|
|
||||||
|
impl SessionAuth {
|
||||||
|
pub fn model(self) -> Model { // TODO: use into_inner instead?
|
||||||
self.0
|
self.0
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[rocket::async_trait]
|
#[rocket::async_trait]
|
||||||
impl<'r> FromRequest<'r> for UUIDCookie {
|
impl<'r> FromRequest<'r> for SessionAuth {
|
||||||
type Error = Option<String>;
|
type Error = Option<String>;
|
||||||
async fn from_request(req: &'r Request<'_>) -> Outcome<UUIDCookie, (Status, Self::Error), ()> {
|
async fn from_request(req: &'r Request<'_>) -> Outcome<SessionAuth, (Status, Self::Error), ()> {
|
||||||
let session_id = req.cookies().get("id").unwrap().name_value().1;
|
let session_id = req.cookies().get("id").unwrap().name_value().1;
|
||||||
println!("session_id: {}", session_id);
|
let conn = &req.rocket().state::<Db>().unwrap().conn;
|
||||||
|
|
||||||
match Uuid::parse_str(&session_id) {
|
let uuid = match Uuid::parse_str(&session_id) {
|
||||||
Ok(uuid) => Outcome::Success(UUIDCookie(uuid)),
|
Ok(uuid) => uuid,
|
||||||
Err(_) => return Outcome::Failure((Status::BadRequest, None)),
|
Err(_) => return Outcome::Failure((Status::BadRequest, None)),
|
||||||
|
};
|
||||||
|
|
||||||
|
let session = CandidateService::auth_user_session(conn, uuid).await;
|
||||||
|
|
||||||
|
match session {
|
||||||
|
Ok(model) => Outcome::Success(SessionAuth(model)),
|
||||||
|
Err(_) => Outcome::Failure((Status::Unauthorized, None)),
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,7 @@ extern crate rocket;
|
||||||
|
|
||||||
use std::net::SocketAddr;
|
use std::net::SocketAddr;
|
||||||
|
|
||||||
|
use guards::request::candidate_refresh_token::SessionAuth;
|
||||||
use portfolio_core::error::ServiceError;
|
use portfolio_core::error::ServiceError;
|
||||||
use portfolio_core::services::candidate_service::CandidateService;
|
use portfolio_core::services::candidate_service::CandidateService;
|
||||||
use requests::{LoginRequest, RegisterRequest};
|
use requests::{LoginRequest, RegisterRequest};
|
||||||
|
|
@ -29,8 +30,6 @@ pub use entity::candidate::Entity as Candidate;
|
||||||
|
|
||||||
use portfolio_core::crypto::random_8_char_string;
|
use portfolio_core::crypto::random_8_char_string;
|
||||||
|
|
||||||
use crate::guards::request::candidate_refresh_token::UUIDCookie;
|
|
||||||
|
|
||||||
fn custom_err_from_service_err(service_err: ServiceError) -> Custom<String> {
|
fn custom_err_from_service_err(service_err: ServiceError) -> Custom<String> {
|
||||||
Custom(Status::from_code(service_err.0.code).unwrap_or_default(), service_err.1.to_string())
|
Custom(Status::from_code(service_err.0.code).unwrap_or_default(), service_err.1.to_string())
|
||||||
}
|
}
|
||||||
|
|
@ -50,15 +49,8 @@ async fn create(conn: Connection<'_, Db>, post_form: Json<RegisterRequest>) -> R
|
||||||
}
|
}
|
||||||
|
|
||||||
#[get("/whoami")]
|
#[get("/whoami")]
|
||||||
async fn validate(conn: Connection<'_, Db>, uuid_cookie: Result<UUIDCookie, Option<String>>) -> Result<String, Custom<String>> {
|
async fn validate(session: SessionAuth) -> Result<String, Custom<String>> {
|
||||||
let db = conn.into_inner();
|
Ok(session.model().application.to_string())
|
||||||
let user = CandidateService::auth_user_session(db, uuid_cookie.ok().unwrap().into()).await;
|
|
||||||
|
|
||||||
|
|
||||||
match user {
|
|
||||||
Ok(user) => Ok(user.application.to_string()),
|
|
||||||
Err(err) => Err(custom_err_from_service_err(err))
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[post("/login", data = "<login_form>")]
|
#[post("/login", data = "<login_form>")]
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue