From 48ce94c829968cca0248a0f6be99b146250907f3 Mon Sep 17 00:00:00 2001 From: peterrabbit <pierre.jarriges@tutanota.com> Date: Sat, 10 Sep 2022 18:06:58 +0200 Subject: [PATCH] wip auth admin --- src/middleware/authentication.rs | 37 ++++++++++++++++++++++++++------ 1 file changed, 31 insertions(+), 6 deletions(-) diff --git a/src/middleware/authentication.rs b/src/middleware/authentication.rs index b5516b3..278eb2c 100644 --- a/src/middleware/authentication.rs +++ b/src/middleware/authentication.rs @@ -28,25 +28,50 @@ pub struct AuthenticatedMiddleware<S> { service: S, } +#[derive(serde::Deserialize)] +struct Credentials { + id: String, + password: String, +} + +async fn auth(req: &mut ServiceRequest) -> Result<(), Box<dyn actix_web::ResponseError>> { + let cookie = req.cookie("auth"); + match cookie { + Some(cookie) => Ok(()), + None => match req.extract::<actix_web::web::Form<Credentials>>().await { + Ok(credentials) => Ok(()), + Err(_) => Err(Box::new(actix_web::ResponseError::status_code( + actix_web::http::StatusCode::UNAUTHORIZED, + ))), + }, + } +} + impl<S, B> Service<ServiceRequest> for AuthenticatedMiddleware<S> where S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error>, S::Future: 'static, B: 'static, { - type Response = ServiceResponse<B>; + type Response = ServiceResponse<actix_web::body::EitherBody<B>>; type Error = Error; type Future = LocalBoxFuture<'static, Result<Self::Response, Self::Error>>; forward_ready!(service); fn call(&self, req: ServiceRequest) -> Self::Future { - println!("AUTH MW"); - let fut = self.service.call(req); Box::pin(async move { - let res = fut.await?; - println!("RESP"); - Ok(res) + let credentials = req.extract::<actix_web::web::Form<Credentials>>().await; + let authenticated = auth(&mut req).await; + + if let Err(msg) = authenticated { + return Ok(req.error_response(Error::from(msg)).map_into_right_body()); + } + + self.service + .call(req) + .await + .map(|res| res.map_into_left_body()) }) } } -- GitLab