move authencation to extractor mod

This commit is contained in:
marin postma 2021-06-23 18:54:33 +02:00
parent 5229f1e220
commit 12f6709e1c
No known key found for this signature in database
GPG Key ID: 6088B7721C3E39F9
3 changed files with 122 additions and 108 deletions

View File

@ -0,0 +1,117 @@
use std::collections::HashMap;
use std::marker::PhantomData;
use std::ops::Deref;
use std::any::{Any, TypeId};
use actix_web::FromRequest;
use futures::future::err;
use futures::future::{Ready, ok};
use crate::error::{AuthenticationError, ResponseError};
pub struct Public;
impl Policy for Public {
fn authenticate(&self, _token: &[u8]) -> bool {
true
}
}
pub struct GuardedData<T, D> {
data: D,
_marker: PhantomData<T>,
}
impl<T, D> Deref for GuardedData<T, D> {
type Target = D;
fn deref(&self) -> &Self::Target {
&self.data
}
}
pub trait Policy {
fn authenticate(&self, token: &[u8]) -> bool;
}
pub struct Policies {
inner: HashMap<TypeId, Box<dyn Any>>,
}
impl Policies {
pub fn new() -> Self {
Self { inner: HashMap::new() }
}
pub fn insert<S: Policy + 'static>(&mut self, policy: S) {
self.inner.insert(TypeId::of::<S>(), Box::new(policy));
}
pub fn get<S: Policy + 'static>(&self) -> Option<&S> {
self.inner
.get(&TypeId::of::<S>())
.and_then(|p| p.downcast_ref::<S>())
}
}
impl Default for Policies {
fn default() -> Self {
Self::new()
}
}
pub enum AuthConfig {
NoAuth,
Auth(Policies),
}
impl Default for AuthConfig {
fn default() -> Self {
Self::NoAuth
}
}
impl<P: Policy + 'static, D: 'static + Clone> FromRequest for GuardedData<P, D> {
type Config = AuthConfig;
type Error = ResponseError;
type Future = Ready<Result<Self, Self::Error>>;
fn from_request(
req: &actix_web::HttpRequest,
_payload: &mut actix_http::Payload,
) -> Self::Future {
match req.app_data::<Self::Config>() {
Some(config) => match config {
AuthConfig::NoAuth => match req.app_data::<D>().cloned() {
Some(data) => ok(Self {
data,
_marker: PhantomData,
}),
None => todo!("Data not configured"),
},
AuthConfig::Auth(policies) => match policies.get::<P>() {
Some(policy) => match req.headers().get("x-meili-api-key") {
Some(token) => {
if policy.authenticate(token.as_bytes()) {
match req.app_data::<D>().cloned() {
Some(data) => ok(Self {
data,
_marker: PhantomData,
}),
None => todo!("Data not configured"),
}
} else {
err(AuthenticationError::InvalidToken(String::from("hello")).into())
}
}
None => err(AuthenticationError::MissingAuthorizationHeader.into()),
},
None => todo!("no policy found"),
},
},
None => todo!(),
}
}
}

View File

@ -1 +1,2 @@
pub mod payload;
pub mod authentication;

View File

@ -1,119 +1,15 @@
use std::any::{Any, TypeId};
use std::collections::{BTreeSet, HashMap, HashSet};
use std::marker::PhantomData;
use std::ops::Deref;
use std::collections::{BTreeSet, HashSet};
use log::debug;
use actix_web::{web, FromRequest, HttpResponse};
use futures::future::{err, ok, Ready};
use actix_web::{web, HttpResponse};
use serde::Deserialize;
use serde_json::Value;
use crate::error::{AuthenticationError, ResponseError};
use crate::error::ResponseError;
use crate::index::{default_crop_length, SearchQuery, DEFAULT_SEARCH_LIMIT};
use crate::routes::IndexParam;
use crate::Data;
struct Public;
impl Policy for Public {
fn authenticate(&self, _token: &[u8]) -> bool {
true
}
}
struct GuardedData<T, D> {
data: D,
_marker: PhantomData<T>,
}
trait Policy {
fn authenticate(&self, token: &[u8]) -> bool;
}
struct Policies {
inner: HashMap<TypeId, Box<dyn Any>>,
}
impl Policies {
fn new() -> Self {
Self { inner: HashMap::new() }
}
fn insert<S: Policy + 'static>(&mut self, policy: S) {
self.inner.insert(TypeId::of::<S>(), Box::new(policy));
}
fn get<S: Policy + 'static>(&self) -> Option<&S> {
self.inner
.get(&TypeId::of::<S>())
.and_then(|p| p.downcast_ref::<S>())
}
}
enum AuthConfig {
NoAuth,
Auth(Policies),
}
impl Default for AuthConfig {
fn default() -> Self {
Self::NoAuth
}
}
impl<P: Policy + 'static, D: 'static + Clone> FromRequest for GuardedData<P, D> {
type Config = AuthConfig;
type Error = ResponseError;
type Future = Ready<Result<Self, Self::Error>>;
fn from_request(
req: &actix_web::HttpRequest,
_payload: &mut actix_http::Payload,
) -> Self::Future {
match req.app_data::<Self::Config>() {
Some(config) => match config {
AuthConfig::NoAuth => match req.app_data::<D>().cloned() {
Some(data) => ok(Self {
data,
_marker: PhantomData,
}),
None => todo!("Data not configured"),
},
AuthConfig::Auth(policies) => match policies.get::<P>() {
Some(policy) => match req.headers().get("x-meili-api-key") {
Some(token) => {
if policy.authenticate(token.as_bytes()) {
match req.app_data::<D>().cloned() {
Some(data) => ok(Self {
data,
_marker: PhantomData,
}),
None => todo!("Data not configured"),
}
} else {
err(AuthenticationError::InvalidToken(String::from("hello")).into())
}
}
None => err(AuthenticationError::MissingAuthorizationHeader.into()),
},
None => todo!("no policy found"),
},
},
None => todo!(),
}
}
}
impl<T, D> Deref for GuardedData<T, D> {
type Target = D;
fn deref(&self) -> &Self::Target {
&self.data
}
}
use crate::extractors::authentication::{Policies, AuthConfig, Public, GuardedData};
pub fn services(cfg: &mut web::ServiceConfig) {
let mut policies = Policies::new();