diff --git a/src/middleware/authentication.rs b/src/middleware/authentication.rs
index b5516b36e3a6c719d2cb0b4b21b3db690f4bb596..278eb2c0d20855db8d9a8ae36b0c91a7ddf21825 100644
--- a/src/middleware/authentication.rs
+++ b/src/middleware/authentication.rs
@@ -28,25 +28,50 @@ pub struct AuthenticatedMiddleware<S> {
service: S,
}
+#[derive(serde::Deserialize)]
+struct Credentials {
+ id: String,
+ password: String,
+}
+
+async fn auth(req: &mut ServiceRequest) -> Result<(), Box<dyn actix_web::ResponseError>> {
+ let cookie = req.cookie("auth");
+ match cookie {
+ Some(cookie) => Ok(()),
+ None => match req.extract::<actix_web::web::Form<Credentials>>().await {
+ Ok(credentials) => Ok(()),
+ Err(_) => Err(Box::new(actix_web::ResponseError::status_code(
+ actix_web::http::StatusCode::UNAUTHORIZED,
+ ))),
+ },
+ }
+}
+
impl<S, B> Service<ServiceRequest> for AuthenticatedMiddleware<S>
where
S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error>,
S::Future: 'static,
B: 'static,
{
- type Response = ServiceResponse<B>;
+ type Response = ServiceResponse<actix_web::body::EitherBody<B>>;
type Error = Error;
type Future = LocalBoxFuture<'static, Result<Self::Response, Self::Error>>;
forward_ready!(service);
fn call(&self, req: ServiceRequest) -> Self::Future {
- println!("AUTH MW");
- let fut = self.service.call(req);
Box::pin(async move {
- let res = fut.await?;
- println!("RESP");
- Ok(res)
+ let credentials = req.extract::<actix_web::web::Form<Credentials>>().await;
+ let authenticated = auth(&mut req).await;
+
+ if let Err(msg) = authenticated {
+ return Ok(req.error_response(Error::from(msg)).map_into_right_body());
+ }
+
+ self.service
+ .call(req)
+ .await
+ .map(|res| res.map_into_left_body())
})
}
}