feat: add authenticated user

QuantGeekDev · QuantGeekDev · commit c49d6bf97b77 · 2024-10-24T01:48:12.000+02:00
diff --git a/Cargo.toml b/Cargo.toml
@@ -4,9 +4,11 @@ version = "0.1.0"
 edition = "2021"
 
 [dependencies]
+bcrypt = "0.15.1"
 chrono = { version = "0.4.38", features = ["serde"] }
 diesel = { version = "2.2.4", features = ["postgres", "numeric", "serde_json", "chrono"] }
 dotenv = "0.15.0"
+jsonwebtoken = "9.3.0"
 rocket = { version = "0.5.1", features = ["json"] }
 rust_decimal = { version = "1.36.0", features = ["db-diesel-postgres", "serde-with-str"] }
 serde = "1.0.213"
diff --git a/src/auth/mod.rs b/src/auth/mod.rs
@@ -1,29 +1 @@
-pub struct ApiKey(pub String);
-use rocket::{http::Status, request::{FromRequest, Outcome}, Request};
-use std::env;
-
-#[derive(Debug)]
-pub enum ApiKeyError {
-    Missing,
-    Invalid,
-}
-
-#[rocket::async_trait]
-impl<'r> FromRequest<'r> for ApiKey {
-    type Error = ApiKeyError;
-
-    async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
-        let api_key = request.headers().get_one("x-api-key");
-
-        match api_key {
-            None => Outcome::Error((Status::Unauthorized, ApiKeyError::Missing)),
-            Some(api_key) => {
-                if api_key == env::var("AUTH_API_KEY").unwrap() {
-                    Outcome::Success(ApiKey(api_key.to_string()))
-                } else {
-                    Outcome::Error((Status::Unauthorized, ApiKeyError::Invalid))
-                }
-            }
-        }
-    }
-}
+pub mod user;
diff --git a/src/auth/user.rs b/src/auth/user.rs
@@ -0,0 +1,46 @@
+use crate::models::user::User;
+use diesel::prelude::*;
+use jsonwebtoken::{decode, Algorithm, DecodingKey, Validation};
+use rocket::http::Status;
+use rocket::request::{FromRequest, Outcome};
+use rocket::Request;
+use serde::{Deserialize, Serialize};
+
+pub struct AuthenticatedUser(pub User);
+
+#[derive(Debug, Serialize, Deserialize)]
+pub(crate) struct Claims {
+    pub(crate) sub: i32,
+    pub(crate) role: String,
+    pub(crate) exp: usize,
+}
+
+#[rocket::async_trait]
+impl<'r> FromRequest<'r> for AuthenticatedUser {
+    type Error = ();
+
+    async fn from_request(request: &'r Request<'_>) -> Outcome<Self, Self::Error> {
+        let token = request.headers().get_one("Authorization");
+
+        match token {
+            Some(token) if token.starts_with("Bearer ") => {
+                let token = &token[7..];
+                let decoding_key = DecodingKey::from_secret("your_secret_key".as_ref());
+                match decode::<Claims>(token, &decoding_key, &Validation::new(Algorithm::HS256)) {
+                    Ok(token_data) => {
+                        let mut conn = crate::db::establish_connection();
+                        match crate::schema::users::dsl::users
+                            .find(token_data.claims.sub)
+                            .first::<User>(&mut conn)
+                        {
+                            Ok(user) => Outcome::Success(AuthenticatedUser(user)),
+                            Err(_) => Outcome::Error((Status::Unauthorized, ())),
+                        }
+                    }
+                    Err(_) => Outcome::Error((Status::Unauthorized, ())),
+                }
+            }
+            _ => Outcome::Error((Status::Unauthorized, ())),
+        }
+    }
+}
diff --git a/src/models/mod.rs b/src/models/mod.rs
@@ -1,2 +1,2 @@
 pub mod snack;
-mod user;
+pub(crate) mod user;
diff --git a/src/routes/mod.rs b/src/routes/mod.rs
@@ -1 +1,2 @@
-pub mod snack;
+pub mod snack;
+pub mod auth;
diff --git a/src/routes/snack.rs b/src/routes/snack.rs
@@ -17,7 +17,7 @@ pub struct UpdateSnack {
 }
 
 #[post("/snack", data = "<snack_data>")]
-pub fn create_snack(_api_key: ApiKey, snack_data: Json<NewSnack>) -> Result<Json<Snack>, Status> {
+pub fn create_snack(snack_data: Json<NewSnack>) -> Result<Json<Snack>, Status> {
     let snack = snack_data.into_inner();
 
     let mut conn = db::establish_connection();
@@ -33,7 +33,7 @@ pub fn create_snack(_api_key: ApiKey, snack_data: Json<NewSnack>) -> Result<Json
 }
 
 #[get("/snacks")]
-pub fn list_snacks(_api_key: ApiKey) -> Result<Json<Vec<Snack>>, Status> {
+pub fn list_snacks() -> Result<Json<Vec<Snack>>, Status> {
     let mut conn = db::establish_connection();
 
     snacks
@@ -49,7 +49,6 @@ pub fn list_snacks(_api_key: ApiKey) -> Result<Json<Vec<Snack>>, Status> {
 
 #[patch("/snack/<snack_id>", data = "<snack_data>")]
 pub fn update_snack(
-    _api_key: ApiKey,
     snack_id: i32,
     snack_data: Json<UpdateSnack>,
 ) -> Result<Json<Snack>, Status> {
@@ -68,7 +67,7 @@ pub fn update_snack(
         })
 }
 #[delete("/snack/<snack_id>")]
-pub fn delete_snack(_api_key: ApiKey, snack_id: i32) -> Status {
+pub fn delete_snack(snack_id: i32) -> Status {
     let mut conn = db::establish_connection();
 
     match diesel::delete(snacks.find(snack_id)).execute(&mut conn) {

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,2 @@`
`1`	`1`	`pub mod snack;`
`2`		`-mod user;`
	`2`	`+pub(crate) mod user;`
Original file line number	Diff line number	Diff line change
`@@ -1 +1,2 @@`
`1`		`-pub mod snack;`
	`1`	`+pub mod snack;`
	`2`	`+pub mod auth;`