Newer
Older
use crate::{app::AdminAuthToken, AppState};
dev::{forward_ready, Service, ServiceRequest, ServiceResponse, Transform},
Error,
};
use futures::prelude::future::LocalBoxFuture;
use std::future::{ready, Ready};
impl<S, B> Transform<S, ServiceRequest> for AuthService
S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error> + 'static,
B: MessageBody + 'static,
type Error = Error;
type InitError = ();
type Transform = AuthenticatedMiddleware<S>;
type Future = Ready<Result<Self::Transform, Self::InitError>>;
fn new_transform(&self, service: S) -> Self::Future {
ready(Ok(AuthenticatedMiddleware {
service: std::rc::Rc::new(service),
}))
}
}
pub struct AuthenticatedMiddleware<S> {
async fn authenticate(req: &mut ServiceRequest, token: &AdminAuthToken) -> bool {
match req.cookie(&token.cookie_name) {
Some(cookie) => token.match_value(cookie.value().to_string()),
impl<S, B> Service<ServiceRequest> for AuthenticatedMiddleware<S>
where
S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error> + 'static,
B: MessageBody + 'static,
type Error = Error;
type Future = LocalBoxFuture<'static, Result<Self::Response, Self::Error>>;
forward_ready!(service);
fn call(&self, req: ServiceRequest) -> Self::Future {
let token = {
let app_state = req
.app_data::<actix_web::web::Data<std::sync::Mutex<AppState>>>()
.expect("Failed to extract AppState from ServiceRequest")
.lock()
.expect("Failed to lock AppState Mutex");
app_state.admin_auth_token.clone()
};
if let false = authenticate(&mut req, &token).await {
return Ok(req.into_response(
actix_web::HttpResponse::Unauthorized()
.body("<html><body>Error 401 - Unauthorized - Please go to <a href='/admin/login'>login page</a>.</body></html>") // TODO a proper 401 view ?