starred/minne
1
0
Fork 0
mirror of https://github.com/perstarkse/minne.git synced 2026-05-10 09:50:10 +02:00
Code Issues Packages Projects Releases 10 Wiki Activity
Files
c3ec25cc448499774b02005b6ff52e78b9190d68
minne/src/server/middleware_api_auth.rs
Per Stark cf6078eceb user restricted to own objects
2024-12-15 22:52:34 +01:00

40 lines
1.0 KiB
Rust
Raw Blame History

use axum::{
extract::{Request, State},
middleware::Next,
response::Response,
};
use crate::{error::ApiError, storage::types::user::User};
use super::AppState;
pub async fn api_auth(
State(state): State<AppState>,
mut request: Request,
next: Next,
) -> Result<Response, ApiError> {
let api_key = extract_api_key(&request).ok_or(ApiError::AuthRequired)?;
let user = User::find_by_api_key(&api_key, &state.surreal_db_client).await?;
let user = user.ok_or(ApiError::UserNotFound)?;
request.extensions_mut().insert(user);
Ok(next.run(request).await)
}
fn extract_api_key(request: &Request) -> Option<String> {
request
.headers()
.get("X-API-Key")
.and_then(|v| v.to_str().ok())
.or_else(|| {
request
.headers()
.get("Authorization")
.and_then(|v| v.to_str().ok())
.and_then(|auth| auth.strip_prefix("Bearer ").map(|s| s.trim()))
})
.map(String::from)
}
Reference in New Issue View Git Blame Copy Permalink