update

2024-12-24 02:12:16 +01:00 · 2024-12-24 02:12:16 +01:00 · 2097bd1cca
commit 2097bd1cca
parent a89c566120
4 changed files with 81 additions and 27 deletions
--- a/src/auth/user.rs
+++ b/src/auth/user.rs
@ -160,16 +160,7 @@ async fn extract_user<'r>(request: &'r Request<'_>) -> Option<User> {
        }
    }

-    match request.headers().get_one("token") {
-        Some(key) => {
-            if let Some(user) = User::from_session(key).await {
-                return Some(user);
-            } else {
-                return None;
-            }
-        }
-        None => None,
-    }
+    None
 }

 #[rocket::async_trait]
@ -185,6 +176,27 @@ impl<'r> FromRequest<'r> for User {
    }
 }

+/// Struct which extracts a user with session from `Token` HTTP Header.
+pub struct APIUser(User);
+
+#[rocket::async_trait]
+impl<'r> FromRequest<'r> for APIUser {
+    type Error = ();
+
+    async fn from_request(request: &'r Request<'_>) -> rocket::request::Outcome<Self, Self::Error> {
+        match request.headers().get_one("token") {
+            Some(key) => {
+                if let Some(user) = User::from_session(key).await {
+                    return Outcome::Success(APIUser(user));
+                } else {
+                    return Outcome::Error((Status::Unauthorized, ()));
+                }
+            }
+            None => Outcome::Error((Status::Unauthorized, ())),
+        }
+    }
+}
+
 /// Maybe User?
 ///
 /// This struct extracts a user if possible, but also allows anybody.
--- a/src/lib.rs
+++ b/src/lib.rs
@ -2,10 +2,17 @@ use tokio::sync::OnceCell;

 pub mod auth;
 pub mod format;
-pub mod htmx;
 pub mod page;
 pub mod request;
 pub mod result;
+pub mod htmx;
+
+// TODO : Cache Headers
+// TODO : Refactor Responders
+// TODO : Streaming Responses + Ranges
+// TODO : API Pagination?
+// TODO : CORS?
+// TODO : CSRF?

 // Postgres