BLOG-86 Checking authentication before uploading image #101
@ -1,3 +1,4 @@
|
|||||||
|
pub mod auth_middleware;
|
||||||
pub mod auth_web_routes;
|
pub mod auth_web_routes;
|
||||||
|
|
||||||
mod constants;
|
mod constants;
|
||||||
|
|||||||
49
backend/feature/auth/src/framework/web/auth_middleware.rs
Normal file
49
backend/feature/auth/src/framework/web/auth_middleware.rs
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
use std::future::{self, Ready};
|
||||||
|
|
||||||
|
use actix_session::SessionExt;
|
||||||
|
use actix_web::{
|
||||||
|
Error, FromRequest, HttpMessage, HttpRequest,
|
||||||
|
body::MessageBody,
|
||||||
|
dev::{Payload, ServiceRequest, ServiceResponse},
|
||||||
|
error::ErrorUnauthorized,
|
||||||
|
middleware::Next,
|
||||||
|
};
|
||||||
|
|
||||||
|
use crate::framework::web::constants::SESSION_KEY_USER_ID;
|
||||||
|
|
||||||
|
pub async fn auth_middleware(
|
||||||
|
req: ServiceRequest,
|
||||||
|
next: Next<impl MessageBody>,
|
||||||
|
) -> Result<ServiceResponse<impl MessageBody>, Error> {
|
||||||
|
let session = req.get_session();
|
||||||
|
let user_id = session.get::<i32>(SESSION_KEY_USER_ID);
|
||||||
|
|
||||||
|
if user_id.is_err() {
|
||||||
|
return next.call(req).await;
|
||||||
|
}
|
||||||
|
|
||||||
|
let user_id = user_id.unwrap();
|
||||||
|
if user_id.is_none() {
|
||||||
|
return next.call(req).await;
|
||||||
|
}
|
||||||
|
|
||||||
|
let user_id = user_id.unwrap();
|
||||||
|
req.extensions_mut().insert(user_id);
|
||||||
|
next.call(req).await
|
||||||
|
}
|
||||||
|
|
||||||
|
pub struct UserId(pub i32);
|
||||||
|
|
||||||
|
impl FromRequest for UserId {
|
||||||
|
type Error = Error;
|
||||||
|
type Future = Ready<Result<Self, Self::Error>>;
|
||||||
|
|
||||||
|
fn from_request(req: &HttpRequest, _: &mut Payload) -> Self::Future {
|
||||||
|
let user_id = req.extensions().get::<i32>().cloned();
|
||||||
|
|
||||||
|
match user_id {
|
||||||
|
Some(id) => future::ready(Ok(UserId(id))),
|
||||||
|
None => future::ready(Err(ErrorUnauthorized(""))),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -6,8 +6,9 @@ use crate::{
|
|||||||
auth_controller::AuthController, oidc_callback_query_dto::OidcCallbackQueryDto,
|
auth_controller::AuthController, oidc_callback_query_dto::OidcCallbackQueryDto,
|
||||||
},
|
},
|
||||||
application::error::auth_error::AuthError,
|
application::error::auth_error::AuthError,
|
||||||
framework::web::constants::{
|
framework::web::{
|
||||||
SESSION_KEY_AUTH_NONCE, SESSION_KEY_AUTH_STATE, SESSION_KEY_USER_ID,
|
auth_middleware::UserId,
|
||||||
|
constants::{SESSION_KEY_AUTH_NONCE, SESSION_KEY_AUTH_STATE, SESSION_KEY_USER_ID},
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -18,6 +19,8 @@ pub fn configure_auth_routes(cfg: &mut web::ServiceConfig) {
|
|||||||
.route("/callback", web::get().to(oidc_callback_handler))
|
.route("/callback", web::get().to(oidc_callback_handler))
|
||||||
.route("/logout", web::get().to(logout_handler)),
|
.route("/logout", web::get().to(logout_handler)),
|
||||||
);
|
);
|
||||||
|
|
||||||
|
cfg.service(web::resource("/me").route(web::get().to(get_logged_in_user_handler)));
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn oidc_login_handler(
|
async fn oidc_login_handler(
|
||||||
@ -92,10 +95,12 @@ async fn oidc_callback_handler(
|
|||||||
}
|
}
|
||||||
|
|
||||||
async fn logout_handler(session: Session) -> impl Responder {
|
async fn logout_handler(session: Session) -> impl Responder {
|
||||||
session.remove(SESSION_KEY_AUTH_STATE);
|
session.clear();
|
||||||
session.remove(SESSION_KEY_AUTH_NONCE);
|
|
||||||
session.remove(SESSION_KEY_USER_ID);
|
|
||||||
HttpResponse::Found()
|
HttpResponse::Found()
|
||||||
.append_header((header::LOCATION, "/"))
|
.append_header((header::LOCATION, "/"))
|
||||||
.finish()
|
.finish()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async fn get_logged_in_user_handler(user_id: UserId) -> impl Responder {
|
||||||
|
HttpResponse::Ok().body(format!("Logged in user ID: {}", user_id.0))
|
||||||
|
}
|
||||||
|
|||||||
@ -5,9 +5,12 @@ use actix_web::{
|
|||||||
App, Error, HttpServer,
|
App, Error, HttpServer,
|
||||||
body::MessageBody,
|
body::MessageBody,
|
||||||
dev::{ServiceFactory, ServiceRequest, ServiceResponse},
|
dev::{ServiceFactory, ServiceRequest, ServiceResponse},
|
||||||
|
middleware::from_fn,
|
||||||
web,
|
web,
|
||||||
};
|
};
|
||||||
use auth::framework::web::auth_web_routes::configure_auth_routes;
|
use auth::framework::web::{
|
||||||
|
auth_middleware::auth_middleware, auth_web_routes::configure_auth_routes,
|
||||||
|
};
|
||||||
use image::framework::web::image_web_routes::configure_image_routes;
|
use image::framework::web::image_web_routes::configure_image_routes;
|
||||||
use openidconnect::reqwest;
|
use openidconnect::reqwest;
|
||||||
use post::framework::web::post_web_routes::configure_post_routes;
|
use post::framework::web::post_web_routes::configure_post_routes;
|
||||||
@ -63,6 +66,8 @@ fn create_app(
|
|||||||
let container = Container::new(db_pool, http_client, configuration);
|
let container = Container::new(db_pool, http_client, configuration);
|
||||||
|
|
||||||
App::new()
|
App::new()
|
||||||
|
// The middlewares are executed in opposite order as registration.
|
||||||
|
.wrap(from_fn(auth_middleware))
|
||||||
.wrap(session_middleware_builder.build())
|
.wrap(session_middleware_builder.build())
|
||||||
.app_data(web::Data::from(container.auth_controller))
|
.app_data(web::Data::from(container.auth_controller))
|
||||||
.app_data(web::Data::from(container.image_controller))
|
.app_data(web::Data::from(container.image_controller))
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user