diff options
| author | metamuffin <metamuffin@disroot.org> | 2023-08-05 22:25:25 +0200 |
|---|---|---|
| committer | metamuffin <metamuffin@disroot.org> | 2023-08-05 22:45:30 +0200 |
| commit | 7b0cdc8edec53f2b084ef28a8d6a537f1ebdd9ed (patch) | |
| tree | 7dd547ece6eaa2d5e4c6f117b20db3ad5730b594 /server/src/routes/ui/account | |
| parent | 246fcc704621d7c9626c990ded29b82abab47c8b (diff) | |
| download | jellything-7b0cdc8edec53f2b084ef28a8d6a537f1ebdd9ed.tar jellything-7b0cdc8edec53f2b084ef28a8d6a537f1ebdd9ed.tar.bz2 jellything-7b0cdc8edec53f2b084ef28a8d6a537f1ebdd9ed.tar.zst | |
in-browser server log
Diffstat (limited to 'server/src/routes/ui/account')
| -rw-r--r-- | server/src/routes/ui/account/session/guard.rs | 56 | ||||
| -rw-r--r-- | server/src/routes/ui/account/session/mod.rs | 2 |
2 files changed, 37 insertions, 21 deletions
diff --git a/server/src/routes/ui/account/session/guard.rs b/server/src/routes/ui/account/session/guard.rs index e2bc093..19d68ad 100644 --- a/server/src/routes/ui/account/session/guard.rs +++ b/server/src/routes/ui/account/session/guard.rs @@ -3,11 +3,13 @@ which is licensed under the GNU Affero General Public License (version 3); see /COPYING. Copyright (C) 2023 metamuffin <metamuffin.org> */ -use super::Session; +use super::{AdminSession, Session}; use crate::{database::Database, routes::ui::error::MyError}; use anyhow::anyhow; use log::warn; use rocket::{ + async_trait, + http::Status, outcome::Outcome, request::{self, FromRequest}, Request, State, @@ -40,31 +42,43 @@ impl Session { } } +#[async_trait] impl<'r> FromRequest<'r> for Session { type Error = MyError; + async fn from_request<'life0>( + request: &'r Request<'life0>, + ) -> request::Outcome<Self, Self::Error> { + match Session::from_request_ut(request).await { + Ok(x) => Outcome::Success(x), + Err(e) => { + warn!("authentificated route rejected: {e:?}"); + Outcome::Forward(()) + } + } + } +} - fn from_request<'life0, 'async_trait>( +#[async_trait] +impl<'r> FromRequest<'r> for AdminSession { + type Error = MyError; + async fn from_request<'life0>( request: &'r Request<'life0>, - ) -> core::pin::Pin< - Box< - dyn core::future::Future<Output = request::Outcome<Self, Self::Error>> - + core::marker::Send - + 'async_trait, - >, - > - where - 'r: 'async_trait, - 'life0: 'async_trait, - Self: 'async_trait, - { - Box::pin(async move { - match Self::from_request_ut(request).await { - Ok(x) => Outcome::Success(x), - Err(e) => { - warn!("authentificated route rejected: {e:?}"); - Outcome::Forward(()) + ) -> request::Outcome<Self, Self::Error> { + match Session::from_request_ut(request).await { + Ok(x) => { + if x.user.admin { + Outcome::Success(AdminSession(x)) + } else { + Outcome::Failure(( + Status::Unauthorized, + MyError(anyhow!("you are not an admin")), + )) } } - }) + Err(e) => { + warn!("authentificated route rejected: {e:?}"); + Outcome::Forward(()) + } + } } } diff --git a/server/src/routes/ui/account/session/mod.rs b/server/src/routes/ui/account/session/mod.rs index 2a7908f..89592c3 100644 --- a/server/src/routes/ui/account/session/mod.rs +++ b/server/src/routes/ui/account/session/mod.rs @@ -15,6 +15,8 @@ pub struct Session { pub user: User, } +pub struct AdminSession(pub Session); + #[derive(Debug, Clone, Serialize, Deserialize)] pub struct SessionData { username: String, |