106 lines
3.1 KiB
Rust
106 lines
3.1 KiB
Rust
use authdb::{AuthDB, AuthError, AuthToken, SessionToken, Username};
|
|
use std::{
|
|
convert::Infallible,
|
|
net::{IpAddr, Ipv4Addr, SocketAddr},
|
|
path::PathBuf,
|
|
sync::Arc,
|
|
};
|
|
use warp::{
|
|
header,
|
|
http::StatusCode,
|
|
reply::{Json, Reply},
|
|
Filter,
|
|
};
|
|
|
|
mod handlers;
|
|
use handlers::handle_auth;
|
|
|
|
#[derive(Debug)]
|
|
struct Unauthorized;
|
|
impl warp::reject::Reject for Unauthorized {}
|
|
|
|
#[derive(Debug)]
|
|
struct AuthDBError(AuthError);
|
|
impl warp::reject::Reject for AuthDBError {}
|
|
|
|
fn with_session(
|
|
auth_ctx: Arc<AuthDB>,
|
|
) -> impl Filter<Extract = (Username,), Error = warp::Rejection> + Clone {
|
|
header("authentication").and_then({
|
|
move |value: String| {
|
|
let auth_ctx = auth_ctx.clone();
|
|
async move {
|
|
match auth_ctx.validate_session(SessionToken::from(value)).await {
|
|
Ok(Some(username)) => Ok(username),
|
|
Ok(None) => Err(warp::reject::custom(Unauthorized)),
|
|
Err(err) => Err(warp::reject::custom(AuthDBError(err))),
|
|
}
|
|
}
|
|
}
|
|
})
|
|
}
|
|
|
|
fn route_echo_unauthenticated() -> impl Filter<Extract = (Json,), Error = warp::Rejection> + Clone {
|
|
warp::path!("api" / "v1" / "echo" / String).map(|param: String| {
|
|
println!("param: {}", param);
|
|
warp::reply::json(&vec!["unauthenticated", param.as_str()])
|
|
})
|
|
}
|
|
|
|
fn route_authenticate(
|
|
auth_ctx: Arc<AuthDB>,
|
|
) -> impl Filter<Extract = (Json,), Error = warp::Rejection> + Clone {
|
|
let auth_ctx = auth_ctx.clone();
|
|
warp::path!("api" / "v1" / "auth")
|
|
.and(warp::post())
|
|
.and(warp::body::json())
|
|
.map(move |param: AuthToken| {
|
|
let res = handle_auth(&auth_ctx, param.clone());
|
|
warp::reply::json(¶m)
|
|
})
|
|
}
|
|
|
|
fn route_echo_authenticated(
|
|
auth_ctx: Arc<AuthDB>,
|
|
) -> impl Filter<Extract = (Json,), Error = warp::Rejection> + Clone {
|
|
warp::path!("api" / "v1" / "echo" / String)
|
|
.and(with_session(auth_ctx.clone()))
|
|
.map(move |param: String, username: Username| {
|
|
println!("param: {:?}", username);
|
|
println!("param: {}", param);
|
|
warp::reply::json(&vec!["authenticated", username.as_str(), param.as_str()])
|
|
})
|
|
}
|
|
|
|
async fn handle_rejection(err: warp::Rejection) -> Result<impl Reply, Infallible> {
|
|
if let Some(Unauthorized) = err.find() {
|
|
Ok(warp::reply::with_status(
|
|
"".to_owned(),
|
|
StatusCode::UNAUTHORIZED,
|
|
))
|
|
} else {
|
|
Ok(warp::reply::with_status(
|
|
"".to_owned(),
|
|
StatusCode::INTERNAL_SERVER_ERROR,
|
|
))
|
|
}
|
|
}
|
|
|
|
#[tokio::main]
|
|
pub async fn main() {
|
|
let auth_db = AuthDB::new(PathBuf::from("./auth_db.sqlite"))
|
|
.await
|
|
.expect("AuthDB should initialize");
|
|
let auth_ctx: Arc<AuthDB> = Arc::new(auth_db);
|
|
|
|
let filter = route_echo_authenticated(auth_ctx.clone())
|
|
.or(route_authenticate(auth_ctx.clone()))
|
|
.or(route_echo_unauthenticated())
|
|
.recover(handle_rejection);
|
|
|
|
let server = warp::serve(filter);
|
|
server
|
|
.run(SocketAddr::new(IpAddr::V4(Ipv4Addr::new(0, 0, 0, 0)), 8001))
|
|
.await;
|
|
}
|