diff --git a/src/middleware/authentication.rs b/src/middleware/authentication.rs
index b5516b36e3a6c719d2cb0b4b21b3db690f4bb596..278eb2c0d20855db8d9a8ae36b0c91a7ddf21825 100644
--- a/src/middleware/authentication.rs
+++ b/src/middleware/authentication.rs
@@ -28,25 +28,50 @@ pub struct AuthenticatedMiddleware<S> {
 service: S,
 }
 
+#[derive(serde::Deserialize)]
+struct Credentials {
+ id: String,
+ password: String,
+}
+
+async fn auth(req: &mut ServiceRequest) -> Result<(), Box<dyn actix_web::ResponseError>> {
+ let cookie = req.cookie("auth");
+ match cookie {
+ Some(cookie) => Ok(()),
+ None => match req.extract::<actix_web::web::Form<Credentials>>().await {
+ Ok(credentials) => Ok(()),
+ Err(_) => Err(Box::new(actix_web::ResponseError::status_code(
+ actix_web::http::StatusCode::UNAUTHORIZED,
+ ))),
+ },
+ }
+}
+
 impl<S, B> Service<ServiceRequest> for AuthenticatedMiddleware<S>
 where
 S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
 S::Future: 'static,
 B: 'static,
 {
- type Response = ServiceResponse<B>;
+ type Response = ServiceResponse<actix_web::body::EitherBody<B>>;
 type Error = Error;
 type Future = LocalBoxFuture<'static, Result<Self::Response, Self::Error>>;
 
 forward_ready!(service);
 
 fn call(&self, req: ServiceRequest) -> Self::Future {
- println!("AUTH MW");
- let fut = self.service.call(req);
 Box::pin(async move {
- let res = fut.await?;
- println!("RESP");
- Ok(res)
+ let credentials = req.extract::<actix_web::web::Form<Credentials>>().await;
+ let authenticated = auth(&mut req).await;
+
+ if let Err(msg) = authenticated {
+ return Ok(req.error_response(Error::from(msg)).map_into_right_body());
+ }
+
+ self.service
+ .call(req)
+ .await
+ .map(|res| res.map_into_left_body())
 })
 }
 }
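Review bot: `auth` accepts every request that merely carries a cookie named `auth` or a form body that deserializes into `Credentials`, because both `Some(cookie) => Ok(())` and `Ok(credentials) => Ok(())` return success without reading the bound value, so the middleware never verifies a session or a password. Each arm should fail closed unless a check passes, e.g. `Some(cookie) if session_is_valid(cookie.value()) => Ok(()),` and `Ok(form) if verify_password(&form.id, &form.password) => Ok(()),` (both helper names are placeholders for a server-side session lookup and a constant-time comparison against a stored password hash), with every other case returning 401. In `call`, `let credentials = req.extract::<actix_web::web::Form<Credentials>>().await;` is unused and reads the request payload before `auth` extracts it again, so the second extraction and the wrapped service will likely see an empty body; that line should be dropped. The `Err` arm also appears not to build a real error: `actix_web::ResponseError::status_code` is a trait accessor taking `&self`, not a constructor, so a concrete 401 error value is needed there.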