squid/blog
squid/blog
1
2
Fork 0
Code Issues 10 Pull Requests Actions Projects 1 Releases 7 Wiki Activity

BLOG-86 Checking authentication before uploading image #101

Merged
squid merged 5 commits from BLOG-86_image_can_only_be_uploaded_by_logged_in_user into main 2025-08-01 18:26:39 +08:00
Conversation 3 Commits 5 Files Changed 8 +8 -34
2 changed files with 8 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 04c9d4dcf0 - Show all commits

36
backend/feature/auth/src/framework/web/auth_middleware.rs
View File

@ -1,37 +1,10 @@
use std::future::{self, Ready};
use actix_session::SessionExt;
use actix_web::{
Error, FromRequest, HttpMessage, HttpRequest,
body::MessageBody,
dev::{Payload, ServiceRequest, ServiceResponse},
error::ErrorUnauthorized,
middleware::Next,
};
use actix_web::{Error, FromRequest, HttpRequest, dev::Payload, error::ErrorUnauthorized};
use crate::framework::web::constants::SESSION_KEY_USER_ID;
pub async fn auth_middleware(
req: ServiceRequest,
next: Next<impl MessageBody>,
) -> Result<ServiceResponse<impl MessageBody>, Error> {
let session = req.get_session();
let user_id = session.get::<i32>(SESSION_KEY_USER_ID);
if user_id.is_err() {
return next.call(req).await;
}
let user_id = user_id.unwrap();
if user_id.is_none() {
return next.call(req).await;
}
let user_id = user_id.unwrap();
req.extensions_mut().insert(user_id);
next.call(req).await
}
pub struct UserId(i32);
impl UserId {
@ -45,7 +18,12 @@ impl FromRequest for UserId {
type Future = Ready<Result<Self, Self::Error>>;
fn from_request(req: &HttpRequest, _: &mut Payload) -> Self::Future {
let user_id = req.extensions().get::<i32>().cloned();
let user_id_result = req.get_session().get::<i32>(SESSION_KEY_USER_ID);
let user_id = match user_id_result {
Ok(id) => id,
_ => return future::ready(Err(ErrorUnauthorized(""))),
};
match user_id {
Some(id) => future::ready(Ok(UserId(id))),

6
backend/server/src/main.rs
View File

@ -5,12 +5,9 @@ use actix_web::{
App, Error, HttpServer,
body::MessageBody,
dev::{ServiceFactory, ServiceRequest, ServiceResponse},
middleware::from_fn,
web,
};
use auth::framework::web::{
auth_middleware::auth_middleware, auth_web_routes::configure_auth_routes,
};
use auth::framework::web::auth_web_routes::configure_auth_routes;
use image::framework::web::image_web_routes::configure_image_routes;
use openidconnect::reqwest;
use post::framework::web::post_web_routes::configure_post_routes;
@ -67,7 +64,6 @@ fn create_app(
App::new()
// The middlewares are executed in opposite order as registration.
.wrap(from_fn(auth_middleware))
.wrap(session_middleware_builder.build())
.app_data(web::Data::from(container.auth_controller))
.app_data(web::Data::from(container.image_controller))