Implements User Authentication and Removes Failed ResourceGuard

2024-02-24 23:42:41 -03:00
parent 077f69778f
commit ff0739573d
15 changed files with 668 additions and 115 deletions
--- a/src/handler/health.rs
+++ b/src/handler/health.rs
@@ -1,8 +1,7 @@
 use crate::model::generic_response::GenericResponse;
 use axum::{http::StatusCode, response::IntoResponse, Json};
-use proc_utils::guard_resource;

-#[guard_resource(ResourceType::OPEN)]
+
 pub async fn health_check() -> impl IntoResponse {
    const MESSAGE: &str = "Server is running";
    let response = GenericResponse {
--- a/src/handler/message.rs
+++ b/src/handler/message.rs
@@ -1,8 +1,13 @@
-use crate::model::send_message::SendMessage;
-use axum::{http::StatusCode, response::IntoResponse, Json};
-use proc_utils::guard_resource;
+use crate::model::send_message::{MessageAuthor, SendMessage};
+use axum::{http::StatusCode, response::IntoResponse, Json, Extension};
+use axum::extract::State;

-#[guard_resource(ResourceType::OPEN)]
-pub async fn send_message(Json(payload): Json<SendMessage>) -> impl IntoResponse {
-    (StatusCode::OK, Json(payload))
+
+pub async fn send_message(Extension(auther): Extension<MessageAuthor>, Json(payload): Json<SendMessage>) -> impl IntoResponse {
+    let mut response = payload.clone();
+
+    response.author = Some(auther).clone();
+    println!("Received message: {:?}", response);
+
+    (StatusCode::OK, Json(response))
 }
--- a/src/interceptor/mod.rs
+++ b/src/interceptor/mod.rs
@@ -1 +0,0 @@
-
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,5 +1,5 @@
 mod handler;
-mod interceptor;
+mod middleware;
 mod model;
 mod route;

--- a/src/middleware/auth_middleware.rs
+++ b/src/middleware/auth_middleware.rs
@@ -0,0 +1,44 @@
+use axum::{
+    response::Response,
+    middleware::Next,
+    extract::Request,
+    http::StatusCode,
+};
+use reqwest::header::AUTHORIZATION;
+use crate::model::send_message::MessageAuthor;
+
+pub async fn auth_middleware(mut request: Request, next: Next) -> Result<Response, StatusCode> {
+    let token = get_token(&request).ok_or(StatusCode::UNAUTHORIZED)?;
+
+    return match validate_token(&token).await {
+        Some(author) => {
+            println!("Author: {:?}", author);
+            request.extensions_mut().insert(author);
+            Ok(next.run(request).await)
+        },
+        None => Err(StatusCode::UNAUTHORIZED)
+    }
+}
+
+fn get_token(req: &Request) -> Option<String> {
+    req.headers()
+        .get(http::header::AUTHORIZATION)
+        .and_then(|header| header.to_str().ok())
+        .map(|header| header.replace("Bearer ", ""))
+}
+
+async fn validate_token(token: &str) -> Option<MessageAuthor> {
+    println!("Received token: {}", token);
+
+    let client = reqwest::Client::new();
+    let response = client.post("http://localhost:8070/user/login/validate")
+        .header(AUTHORIZATION, format!("Bearer {}", token))
+        .send().await.unwrap();
+
+    if response.status().is_success() {
+        let text = response.text().await.unwrap();
+        return serde_json::from_str(&text).unwrap();
+    }
+
+    None
+}
--- a/src/middleware/mod.rs
+++ b/src/middleware/mod.rs
@@ -0,0 +1 @@
+pub mod auth_middleware;
--- a/src/model/mod.rs
+++ b/src/model/mod.rs
@@ -1,2 +1,2 @@
 pub mod generic_response;
-pub mod send_message;
+pub mod send_message;
--- a/src/model/send_message.rs
+++ b/src/model/send_message.rs
@@ -3,22 +3,22 @@ use chrono::NaiveDateTime;
 use serde::{Deserialize, Serialize};
 use serde_with::serde_as;

-#[derive(Deserialize, Serialize)]
+#[derive(Deserialize, Serialize, Debug, Clone)]
 pub struct MessageAuthor {
-    name: String,
-    username: String,
-    email: String,
+    pub name: String,
+    pub username: String,
+    pub email: String,
 }

 #[serde_as]
-#[derive(Deserialize, Serialize)]
+#[derive(Deserialize, Serialize, Clone, Debug)]
 pub struct SendMessage {
-    author: Option<MessageAuthor>,
+    pub author: Option<MessageAuthor>,

-    subject: String,
+    pub subject: String,

-    message: String,
+    pub message: String,

    #[serde(deserialize_with = "from_ts")]
-    timestamp: NaiveDateTime,
+    pub timestamp: NaiveDateTime,
 }
--- a/src/route.rs
+++ b/src/route.rs
@@ -1,12 +1,12 @@
 use crate::handler::health::health_check;
 use crate::handler::message::send_message;
-use axum::{
-    routing::{get, post},
-    Router,
-};
+use axum::{routing::{get, post}, Router, middleware};
+use crate::middleware::auth_middleware::auth_middleware;
+

 pub fn create_route() -> Router {
    Router::new()
-        .route("/health", get(health_check))
        .route("/message", post(send_message))
+        .layer(middleware::from_fn(auth_middleware))
+        .route("/health", get(health_check))
 }