diff --git a/api/src/guards/request/candidate_refresh_token.rs b/api/src/guards/request/candidate_refresh_token.rs
deleted file mode 100644
index cf91f1a..0000000
--- a/api/src/guards/request/candidate_refresh_token.rs
+++ /dev/null
@@ -1,27 +0,0 @@
-use portfolio_core::sea_orm::prelude::Uuid;
-use rocket::http::Status;
-use rocket::outcome::Outcome;
-use rocket::request::{FromRequest, Request};
-
-
-pub struct UUIDCookie(Uuid);
-
-impl Into for UUIDCookie {
- fn into(self) -> Uuid {
- self.0
- }
-}
-
-#[rocket::async_trait]
-impl<'r> FromRequest<'r> for UUIDCookie {
- type Error = Option;
- async fn from_request(req: &'r Request<'_>) -> Outcome {
- let session_id = req.cookies().get("id").unwrap().name_value().1;
- println!("session_id: {}", session_id);
-
- match Uuid::parse_str(&session_id) {
- Ok(uuid) => Outcome::Success(UUIDCookie(uuid)),
- Err(_) => return Outcome::Failure((Status::BadRequest, None)),
- }
- }
-}
diff --git a/api/src/guards/request/mod.rs b/api/src/guards/request/mod.rs
index bdf6937..066d9a7 100644
--- a/api/src/guards/request/mod.rs
+++ b/api/src/guards/request/mod.rs
@@ -1 +1 @@
-pub mod candidate_refresh_token;
\ No newline at end of file
+pub mod session_auth;
\ No newline at end of file
diff --git a/api/src/guards/request/session_auth.rs b/api/src/guards/request/session_auth.rs
new file mode 100644
index 0000000..273c360
--- /dev/null
+++ b/api/src/guards/request/session_auth.rs
@@ -0,0 +1,38 @@
+use entity::candidate::Model as Candidate;
+use portfolio_core::sea_orm::prelude::Uuid;
+use portfolio_core::services::candidate_service::CandidateService;
+use rocket::http::Status;
+use rocket::outcome::Outcome;
+use rocket::request::{FromRequest, Request};
+
+use crate::pool::Db;
+
+pub struct SessionAuth(Candidate);
+
+impl Into for SessionAuth {
+ fn into(self) -> Candidate {
+ self.0
+ }
+}
+
+#[rocket::async_trait]
+impl<'r> FromRequest<'r> for SessionAuth {
+ type Error = Option;
+ async fn from_request(req: &'r Request<'_>) -> Outcome {
+ let session_id = req.cookies().get("id").unwrap().name_value().1;
+ let conn = &req.rocket().state::().unwrap().conn;
+
+ let uuid = match Uuid::parse_str(&session_id) {
+ Ok(uuid) => uuid,
+ Err(_) => return Outcome::Failure((Status::BadRequest, None)),
+ };
+
+ let session = CandidateService::auth_user_session(conn, uuid).await;
+
+ match session {
+ Ok(model) => Outcome::Success(SessionAuth(model)),
+ Err(_) => Outcome::Failure((Status::Unauthorized, None)),
+ }
+
+ }
+}
diff --git a/api/src/lib.rs b/api/src/lib.rs
index 63e9dc3..47e615a 100644
--- a/api/src/lib.rs
+++ b/api/src/lib.rs
@@ -3,6 +3,7 @@ extern crate rocket; use std::net::SocketAddr; +use guards::request::session_auth::SessionAuth; use portfolio_core::error::ServiceError; use portfolio_core::services::candidate_service::CandidateService; use requests::{LoginRequest, RegisterRequest};
@@ -29,8 +30,6 @@ pub use entity::candidate::Entity as Candidate; use portfolio_core::crypto::random_8_char_string; -use crate::guards::request::candidate_refresh_token::UUIDCookie; - fn custom_err_from_service_err(service_err: ServiceError) -> Custom { Custom(Status::from_code(service_err.0.code).unwrap_or_default(), service_err.1.to_string()) }
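Review bot: `req.cookies().get("id").unwrap()` on the first line of `from_request` in session_auth.rs panics whenever a request arrives without the `id` cookie, so an unauthenticated client triggers a panic (presumably surfacing as a 500) instead of a clean 401 from the guard. Handle the missing cookie explicitly, e.g. `let session_id = match req.cookies().get("id") { Some(c) => c.value(), None => return Outcome::Failure((Status::Unauthorized, None)) };`. The `state::().unwrap()` on the following line has the same shape, but it can only fail if the pool was never registered, which is a startup bug rather than something a request controls. The final `Err(_)` arm also reports every error from `auth_user_session` as 401, so a database failure would be indistinguishable from an invalid session; mapping only genuine auth failures to `Unauthorized` would keep outages visible in monitoring.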
@@ -50,15 +49,9 @@ async fn create(conn: Connection<'_, Db>, post_form: Json) -> R } #[get("/whoami")] -async fn validate(conn: Connection<'_, Db>, uuid_cookie: Result>) -> Result> { - let db = conn.into_inner(); - let user = CandidateService::auth_user_session(db, uuid_cookie.ok().unwrap().into()).await; - - - match user { - Ok(user) => Ok(user.application.to_string()), - Err(err) => Err(custom_err_from_service_err(err)) - } +async fn validate(session: SessionAuth) -> Result> { + let candidate: entity::candidate::Model = session.into(); + Ok(candidate.application.to_string()) } #[post("/login", data = "")]
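Review bot: `validate` keeps its `Result` return type with the `Custom` error, but the new body can only return `Ok`, because every failure is now decided inside the `SessionAuth` guard before the handler runs. Either return the string directly or keep the type deliberately and say why. Nothing in the handler itself shows that the route is authenticated, so a doc comment above `#[get("/whoami")]` would help the next reader, for example `/// Returns the authenticated candidate's application id; the SessionAuth guard rejects the request (400 for a malformed id cookie, 401 for an unknown session) before this body runs.` Any other route that needs a logged-in candidate has to take a `SessionAuth` parameter as well, since the check no longer lives in the handler body.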