use std::future::{ready, Ready}; use actix_web::dev::Payload; use actix_web::{error::ErrorUnauthorized, Error, FromRequest, HttpMessage, HttpRequest}; /// The user id of the caller, as established by the auth middleware after /// verifying the `user-token` header. Extracting this (instead of trusting a /// client-supplied `user_id` in the path/body) is the source of truth for /// "who is making this request". #[derive(Clone, Copy)] pub struct AuthUser(pub i32); impl FromRequest for AuthUser { type Error = Error; type Future = Ready>; fn from_request(req: &HttpRequest, _payload: &mut Payload) -> Self::Future { match req.extensions().get::() { Some(auth_user) => ready(Ok(*auth_user)), None => ready(Err(ErrorUnauthorized("missing authenticated user"))), } } }