mirror of
https://github.com/danbulant/Portfolio
synced 2026-07-07 20:10:44 +00:00
Merge pull request #27 from EETagent/guard_session_auth
Guard session auth
This commit is contained in:
commit
89c66958bc
4 changed files with 43 additions and 39 deletions
|
|
@ -1,27 +0,0 @@
|
||||||
use portfolio_core::sea_orm::prelude::Uuid;
|
|
||||||
use rocket::http::Status;
|
|
||||||
use rocket::outcome::Outcome;
|
|
||||||
use rocket::request::{FromRequest, Request};
|
|
||||||
|
|
||||||
|
|
||||||
pub struct UUIDCookie(Uuid);
|
|
||||||
|
|
||||||
impl Into<Uuid> for UUIDCookie {
|
|
||||||
fn into(self) -> Uuid {
|
|
||||||
self.0
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[rocket::async_trait]
|
|
||||||
impl<'r> FromRequest<'r> for UUIDCookie {
|
|
||||||
type Error = Option<String>;
|
|
||||||
async fn from_request(req: &'r Request<'_>) -> Outcome<UUIDCookie, (Status, Self::Error), ()> {
|
|
||||||
let session_id = req.cookies().get("id").unwrap().name_value().1;
|
|
||||||
println!("session_id: {}", session_id);
|
|
||||||
|
|
||||||
match Uuid::parse_str(&session_id) {
|
|
||||||
Ok(uuid) => Outcome::Success(UUIDCookie(uuid)),
|
|
||||||
Err(_) => return Outcome::Failure((Status::BadRequest, None)),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1 +1 @@
|
||||||
pub mod candidate_refresh_token;
|
pub mod session_auth;
|
||||||
38
api/src/guards/request/session_auth.rs
Normal file
38
api/src/guards/request/session_auth.rs
Normal file
|
|
@ -0,0 +1,38 @@
|
||||||
|
use entity::candidate::Model as Candidate;
|
||||||
|
use portfolio_core::sea_orm::prelude::Uuid;
|
||||||
|
use portfolio_core::services::candidate_service::CandidateService;
|
||||||
|
use rocket::http::Status;
|
||||||
|
use rocket::outcome::Outcome;
|
||||||
|
use rocket::request::{FromRequest, Request};
|
||||||
|
|
||||||
|
use crate::pool::Db;
|
||||||
|
|
||||||
|
pub struct SessionAuth(Candidate);
|
||||||
|
|
||||||
|
impl Into<Candidate> for SessionAuth {
|
||||||
|
fn into(self) -> Candidate {
|
||||||
|
self.0
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#[rocket::async_trait]
|
||||||
|
impl<'r> FromRequest<'r> for SessionAuth {
|
||||||
|
type Error = Option<String>;
|
||||||
|
async fn from_request(req: &'r Request<'_>) -> Outcome<SessionAuth, (Status, Self::Error), ()> {
|
||||||
|
let session_id = req.cookies().get("id").unwrap().name_value().1;
|
||||||
|
let conn = &req.rocket().state::<Db>().unwrap().conn;
|
||||||
|
|
||||||
|
let uuid = match Uuid::parse_str(&session_id) {
|
||||||
|
Ok(uuid) => uuid,
|
||||||
|
Err(_) => return Outcome::Failure((Status::BadRequest, None)),
|
||||||
|
};
|
||||||
|
|
||||||
|
let session = CandidateService::auth_user_session(conn, uuid).await;
|
||||||
|
|
||||||
|
match session {
|
||||||
|
Ok(model) => Outcome::Success(SessionAuth(model)),
|
||||||
|
Err(_) => Outcome::Failure((Status::Unauthorized, None)),
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -3,6 +3,7 @@ extern crate rocket;
|
||||||
|
|
||||||
use std::net::SocketAddr;
|
use std::net::SocketAddr;
|
||||||
|
|
||||||
|
use guards::request::session_auth::SessionAuth;
|
||||||
use portfolio_core::error::ServiceError;
|
use portfolio_core::error::ServiceError;
|
||||||
use portfolio_core::services::candidate_service::CandidateService;
|
use portfolio_core::services::candidate_service::CandidateService;
|
||||||
use requests::{LoginRequest, RegisterRequest};
|
use requests::{LoginRequest, RegisterRequest};
|
||||||
|
|
@ -29,8 +30,6 @@ pub use entity::candidate::Entity as Candidate;
|
||||||
|
|
||||||
use portfolio_core::crypto::random_8_char_string;
|
use portfolio_core::crypto::random_8_char_string;
|
||||||
|
|
||||||
use crate::guards::request::candidate_refresh_token::UUIDCookie;
|
|
||||||
|
|
||||||
fn custom_err_from_service_err(service_err: ServiceError) -> Custom<String> {
|
fn custom_err_from_service_err(service_err: ServiceError) -> Custom<String> {
|
||||||
Custom(Status::from_code(service_err.0.code).unwrap_or_default(), service_err.1.to_string())
|
Custom(Status::from_code(service_err.0.code).unwrap_or_default(), service_err.1.to_string())
|
||||||
}
|
}
|
||||||
|
|
@ -50,15 +49,9 @@ async fn create(conn: Connection<'_, Db>, post_form: Json<RegisterRequest>) -> R
|
||||||
}
|
}
|
||||||
|
|
||||||
#[get("/whoami")]
|
#[get("/whoami")]
|
||||||
async fn validate(conn: Connection<'_, Db>, uuid_cookie: Result<UUIDCookie, Option<String>>) -> Result<String, Custom<String>> {
|
async fn validate(session: SessionAuth) -> Result<String, Custom<String>> {
|
||||||
let db = conn.into_inner();
|
let candidate: entity::candidate::Model = session.into();
|
||||||
let user = CandidateService::auth_user_session(db, uuid_cookie.ok().unwrap().into()).await;
|
Ok(candidate.application.to_string())
|
||||||
|
|
||||||
|
|
||||||
match user {
|
|
||||||
Ok(user) => Ok(user.application.to_string()),
|
|
||||||
Err(err) => Err(custom_err_from_service_err(err))
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[post("/login", data = "<login_form>")]
|
#[post("/login", data = "<login_form>")]
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue