24 lines
863 B
Rust
24 lines
863 B
Rust
use std::future::{ready, Ready};
|
|
|
|
use actix_web::dev::Payload;
|
|
use actix_web::{error::ErrorUnauthorized, Error, FromRequest, HttpMessage, HttpRequest};
|
|
|
|
/// The user id of the caller, as established by the auth middleware after
|
|
/// verifying the `user-token` header. Extracting this (instead of trusting a
|
|
/// client-supplied `user_id` in the path/body) is the source of truth for
|
|
/// "who is making this request".
|
|
#[derive(Clone, Copy)]
|
|
pub struct AuthUser(pub i32);
|
|
|
|
impl FromRequest for AuthUser {
|
|
type Error = Error;
|
|
type Future = Ready<Result<Self, Self::Error>>;
|
|
|
|
fn from_request(req: &HttpRequest, _payload: &mut Payload) -> Self::Future {
|
|
match req.extensions().get::<AuthUser>() {
|
|
Some(auth_user) => ready(Ok(*auth_user)),
|
|
None => ready(Err(ErrorUnauthorized("missing authenticated user"))),
|
|
}
|
|
}
|
|
}
|