nikdoof/rustical
1
1
Fork 0
mirror of https://github.com/lennart-k/rustical.git synced 2025-12-14 04:42:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix that auth middleware should not actually throw an error when unauthorized

Browse Source
This commit is contained in:
Lennart
2024-10-03 20:24:14 +02:00
parent 4872d67a36
commit 9c8c05eaca
1 changed files with 9 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
crates/store/src/auth/middleware.rs
View File

@@ -1,3 +1,4 @@
use super::AuthenticationProvider;
use actix_web::{ use actix_web::{
dev::{forward_ready, Service, ServiceRequest, ServiceResponse, Transform}, dev::{forward_ready, Service, ServiceRequest, ServiceResponse, Transform},
error::ErrorUnauthorized, error::ErrorUnauthorized,
@@ -11,8 +12,6 @@ use std::{
sync::Arc, sync::Arc,
}; };
use super::AuthenticationProvider;
pub struct AuthenticationMiddleware<AP: AuthenticationProvider> { pub struct AuthenticationMiddleware<AP: AuthenticationProvider> {
auth_provider: Arc<AP>, auth_provider: Arc<AP>,
} }
@@ -68,22 +67,15 @@ where
Box::pin(async move { Box::pin(async move {
if let Ok(auth) = Authorization::<Basic>::parse(req.request()) { if let Ok(auth) = Authorization::<Basic>::parse(req.request()) {
let user_id = auth.as_ref().user_id(); let user_id = auth.as_ref().user_id();
let password = auth if let Some(password) = auth.as_ref().password() {
.as_ref() if let Ok(Some(user)) =
.password() auth_provider.validate_user_token(user_id, password).await
.ok_or(ErrorUnauthorized("no password"))?; {
req.extensions_mut().insert(user);
let user = auth_provider }
.validate_user_token(user_id, password) }
.await
.map_err(|_| ErrorUnauthorized(""))?
.ok_or(ErrorUnauthorized(""))?;
req.extensions_mut().insert(user);
service.call(req).await
} else {
Err(ErrorUnauthorized(""))
} }
service.call(req).await
}) })
} }
} }