examples/auth/simple-auth-server/src/auth_handler.rs

use std::future::{ready, Ready};

use actix_identity::Identity;
use actix_web::{
    dev::Payload, web, Error, FromRequest, HttpMessage as _, HttpRequest, HttpResponse,
};
use diesel::prelude::*;
use serde::Deserialize;

use crate::{
    errors::ServiceError,
    models::{Pool, SlimUser, User},
    utils::verify,
};

#[derive(Debug, Deserialize)]
pub struct AuthData {
    pub email: String,
    pub password: String,
}

// we need the same data
// simple aliasing makes the intentions clear and its more readable
pub type LoggedUser = SlimUser;

impl FromRequest for LoggedUser {
    type Error = Error;
    type Future = Ready<Result<LoggedUser, Error>>;

    fn from_request(req: &HttpRequest, pl: &mut Payload) -> Self::Future {
        if let Ok(identity) = Identity::from_request(req, pl).into_inner() {
            if let Ok(user_json) = identity.id() {
                if let Ok(user) = serde_json::from_str(&user_json) {
                    return ready(Ok(user));
                }
            }
        }

        ready(Err(ServiceError::Unauthorized.into()))
    }
}

pub async fn logout(id: Identity) -> HttpResponse {
    id.logout();
    HttpResponse::NoContent().finish()
}

pub async fn login(
    req: HttpRequest,
    auth_data: web::Json<AuthData>,
    pool: web::Data<Pool>,
) -> Result<HttpResponse, actix_web::Error> {
    let user = web::block(move || query(auth_data.into_inner(), pool)).await??;

    let user_string = serde_json::to_string(&user).unwrap();
    Identity::login(&req.extensions(), user_string).unwrap();

    Ok(HttpResponse::NoContent().finish())
}

pub async fn get_me(logged_user: LoggedUser) -> HttpResponse {
    HttpResponse::Ok().json(logged_user)
}
/// Diesel query
fn query(auth_data: AuthData, pool: web::Data<Pool>) -> Result<SlimUser, ServiceError> {
    use crate::schema::users::dsl::{email, users};

    let mut conn = pool.get().unwrap();

    let mut items = users
        .filter(email.eq(&auth_data.email))
        .load::<User>(&mut conn)?;

    if let Some(user) = items.pop() {
        if let Ok(matching) = verify(&user.hash, &auth_data.password) {
            if matching {
                return Ok(user.into());
            }
        }
    }
    Err(ServiceError::Unauthorized)
}
reduce futures dep 2022-03-06 00:15:16 +00:00			`use std::future::{ready, Ready};`

use cors and identity crates 2019-06-17 12:48:03 +06:00			`use actix_identity::Identity;`
update deps 2022-10-26 16:51:27 +01:00			`use actix_web::{`
			`dev::Payload, web, Error, FromRequest, HttpMessage as _, HttpRequest, HttpResponse,`
			`};`
update diesel to v2 2022-09-10 23:33:09 +01:00			`use diesel::prelude::*;`
Use derive feature from serde https://github.com/serde-rs/serde/issues/1441#issuecomment-445481084 (#230) 2020-01-12 13:11:12 +01:00			`use serde::Deserialize;`
update deps 2019-03-29 13:43:03 -07:00
add session ttl customization example 2022-08-28 18:39:28 +01:00			`use crate::{`
			`errors::ServiceError,`
			`models::{Pool, SlimUser, User},`
			`utils::verify,`
			`};`
simple-auth-server added to examples (#65) 2018-12-09 15:55:36 +00:00
			`#[derive(Debug, Deserialize)]`
			`pub struct AuthData {`
			`pub email: String,`
			`pub password: String,`
			`}`

			`// we need the same data`
			`// simple aliasing makes the intentions clear and its more readable`
			`pub type LoggedUser = SlimUser;`

upgrade to alpha.6 2019-04-14 10:34:41 -07:00			`impl FromRequest for LoggedUser {`
update deps 2019-03-29 13:43:03 -07:00			`type Error = Error;`
Refactor FromRequest for LoggedUser in simple-auth-server 2020-05-14 00:33:54 +02:00			`type Future = Ready<Result<LoggedUser, Error>>;`
update deps 2019-03-29 13:43:03 -07:00
upgrade to alpha.6 2019-04-14 10:34:41 -07:00			`fn from_request(req: &HttpRequest, pl: &mut Payload) -> Self::Future {`
Refactor FromRequest for LoggedUser in simple-auth-server 2020-05-14 00:33:54 +02:00			`if let Ok(identity) = Identity::from_request(req, pl).into_inner() {`
update deps 2022-10-26 16:51:27 +01:00			`if let Ok(user_json) = identity.id() {`
Refactor FromRequest for LoggedUser in simple-auth-server 2020-05-14 00:33:54 +02:00			`if let Ok(user) = serde_json::from_str(&user_json) {`
reduce futures dep 2022-03-06 00:15:16 +00:00			`return ready(Ok(user));`
Refactor FromRequest for LoggedUser in simple-auth-server 2020-05-14 00:33:54 +02:00			`}`
			`}`
			`}`
reduce futures dep 2022-03-06 00:15:16 +00:00
			`ready(Err(ServiceError::Unauthorized.into()))`
simple-auth-server added to examples (#65) 2018-12-09 15:55:36 +00:00			`}`
			`}`
Update to new actix 1.0 api, drop actix-rt (#158) 2019-07-18 12:55:14 +01:00
upgrade to 2.0 alpha.3 2019-12-07 23:59:24 +06:00			`pub async fn logout(id: Identity) -> HttpResponse {`
update deps 2022-10-26 16:51:27 +01:00			`id.logout();`
			`HttpResponse::NoContent().finish()`
Update to new actix 1.0 api, drop actix-rt (#158) 2019-07-18 12:55:14 +01:00			`}`

upgrade to 2.0 alpha.3 2019-12-07 23:59:24 +06:00			`pub async fn login(`
update deps 2022-10-26 16:51:27 +01:00			`req: HttpRequest,`
Update to new actix 1.0 api, drop actix-rt (#158) 2019-07-18 12:55:14 +01:00			`auth_data: web::Json<AuthData>,`
			`pool: web::Data<Pool>,`
Update database-interactions/simple-auth-server to v4 (#511) Co-authored-by: Rob Ede <robjtede@icloud.com> 2022-02-02 15:19:49 +00:00			`) -> Result<HttpResponse, actix_web::Error> {`
			`let user = web::block(move \|\| query(auth_data.into_inner(), pool)).await??;`
upgrade to 2.0 alpha.3 2019-12-07 23:59:24 +06:00
Update database-interactions/simple-auth-server to v4 (#511) Co-authored-by: Rob Ede <robjtede@icloud.com> 2022-02-02 15:19:49 +00:00			`let user_string = serde_json::to_string(&user).unwrap();`
update deps 2022-10-26 16:51:27 +01:00			`Identity::login(&req.extensions(), user_string).unwrap();`
update diesel to v2 2022-09-10 23:33:09 +01:00
update deps 2022-10-26 16:51:27 +01:00			`Ok(HttpResponse::NoContent().finish())`
Update to new actix 1.0 api, drop actix-rt (#158) 2019-07-18 12:55:14 +01:00			`}`

upgrade to 2.0 alpha.3 2019-12-07 23:59:24 +06:00			`pub async fn get_me(logged_user: LoggedUser) -> HttpResponse {`
Update to new actix 1.0 api, drop actix-rt (#158) 2019-07-18 12:55:14 +01:00			`HttpResponse::Ok().json(logged_user)`
			`}`
			`/// Diesel query`
			`fn query(auth_data: AuthData, pool: web::Data<Pool>) -> Result<SlimUser, ServiceError> {`
			`use crate::schema::users::dsl::{email, users};`
update diesel to v2 2022-09-10 23:33:09 +01:00
			`let mut conn = pool.get().unwrap();`

Update to new actix 1.0 api, drop actix-rt (#158) 2019-07-18 12:55:14 +01:00			`let mut items = users`
			`.filter(email.eq(&auth_data.email))`
update diesel to v2 2022-09-10 23:33:09 +01:00			`.load::<User>(&mut conn)?;`
Update to new actix 1.0 api, drop actix-rt (#158) 2019-07-18 12:55:14 +01:00
			`if let Some(user) = items.pop() {`
			`if let Ok(matching) = verify(&user.hash, &auth_data.password) {`
			`if matching {`
			`return Ok(user.into());`
			`}`
			`}`
			`}`
			`Err(ServiceError::Unauthorized)`
			`}`