| author | metamuffin <metamuffin@disroot.org> | 2023-08-01 14:46:14 +0200 | 
|---|---|---|
| committer | metamuffin <metamuffin@disroot.org> | 2023-08-01 14:46:14 +0200 | 
| commit | dbb8c1c2f0035ea41224dec319a996b89e13ec84 (patch) | |
| tree | b99f5c6b25e54fccb23f789ca748bd9ddeba5ed4 /server/src/routes/ui/account/session/guard.rs | |
| parent | 705fba50de94a7efdb9fe635ee683d6a615348f8 (diff) | |
| download | jellything-dbb8c1c2f0035ea41224dec319a996b89e13ec84.tar jellything-dbb8c1c2f0035ea41224dec319a996b89e13ec84.tar.bz2 jellything-dbb8c1c2f0035ea41224dec319a996b89e13ec84.tar.zst | |
new session based login
Diffstat (limited to 'server/src/routes/ui/account/session/guard.rs')
| -rw-r--r-- | server/src/routes/ui/account/session/guard.rs | 70 | 
1 files changed, 70 insertions, 0 deletions
|
diff --git a/server/src/routes/ui/account/session/guard.rs b/server/src/routes/ui/account/session/guard.rs
new file mode 100644
index 0000000..58dfe01
--- /dev/null
+++ b/server/src/routes/ui/account/session/guard.rs
@@ -0,0 +1,70 @@
+/*
+    This file is part of jellything (https://codeberg.org/metamuffin/jellything)
+    which is licensed under the GNU Affero General Public License (version 3); see /COPYING.
+    Copyright (C) 2023 metamuffin <metamuffin.org>
+*/
+use super::{token, Session};
+use crate::{database::Database, routes::ui::error::MyError};
+use anyhow::anyhow;
+use log::warn;
+use rocket::{
+    outcome::Outcome,
+    request::{self, FromRequest},
+    Request, State,
+};
+
+impl Session {
+    pub async fn from_request_ut(req: &Request<'_>) -> Result<Self, MyError> {
+        let username;
+
+        #[cfg(not(feature = "bypass-auth"))]
+        {
+            let token = req
+                .query_value("session")
+                .map(|e| e.expect("str parse should not fail, right?"))
+                .or(req.cookies().get("session").map(|cookie| cookie.value()))
+                .ok_or(anyhow!("not logged in"))?;
+
+            username = token::validate(token)?;
+        };
+
+        #[cfg(feature = "bypass-auth")]
+        {
+            username = "admin".to_string();
+        }
+
+        let db = req.guard::<&State<Database>>().await.unwrap();
+        let user = db.users.get(&username)?.ok_or(anyhow!("user not found"))?;
+
+        Ok(Session { user })
+    }
+}
+
+impl<'r> FromRequest<'r> for Session {
+    type Error = MyError;
+
+    fn from_request<'life0, 'async_trait>(
+        request: &'r Request<'life0>,
+    ) -> core::pin::Pin<
+        Box<
+            dyn core::future::Future<Output = request::Outcome<Self, Self::Error>>
+                + core::marker::Send
+                + 'async_trait,
+        >,
+    >
+    where
+        'r: 'async_trait,
+        'life0: 'async_trait,
+        Self: 'async_trait,
+    {
+        Box::pin(async move {
+            match Self::from_request_ut(request).await {
+                Ok(x) => Outcome::Success(x),
+                Err(e) => {
+                    warn!("authentificated route rejected: {e:?}");
+                    Outcome::Forward(())
+                }
+            }
+        })
+    }
+}
|
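Review bot: The `#[cfg(feature = "bypass-auth")]` branch in `from_request_ut` resolves every request to the `admin` user without reading any token, and nothing in this file keeps that feature out of a release build (Cargo features are additive, so `--all-features` or another crate enabling it would be enough). I would add a build-time guard next to it, `#[cfg(all(feature = "bypass-auth", not(debug_assertions)))] compile_error!("bypass-auth must not be enabled in release builds");`, and a comment on the branch saying it is for local development only. Separately, the token is read from the `session` query parameter before the cookie, which puts it in URLs that can end up in access logs and Referer headers; if that path is needed (presumably for player or download links), a comment stating so would help the next reader.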
