wasmcloud/src/api.rs

use crate::{jwt, models, schema, MainDatabase};
use color_eyre::eyre::Report;
use diesel::prelude::*;
use rocket::http::{ContentType, Status};
use rocket::request::{self, FromRequest, Request};
use rocket::response::Responder;
use rocket::Outcome;
use rocket::Response;
use rocket_contrib::{json::Json, uuid::Uuid};
use std::io::Cursor;

#[tracing::instrument]
#[get("/user/<uuid>")]
pub fn get_user(user: models::User, uuid: Uuid) -> Result<Json<models::User>> {
    if uuid != user.id {
        return Err(Error::LackPermissions);
    }

    Ok(Json(user))
}

#[derive(thiserror::Error, Debug)]
pub enum Error {
    #[error("internal database error: {0}")]
    Database(#[from] diesel::result::Error),

    #[error("bad or no authorization")]
    BadOrNoAuth,

    #[error("you lack needed permissions")]
    LackPermissions,

    #[error("internal server error")]
    InternalServerError(#[from] Report),
}

impl<'a> Responder<'a> for Error {
    fn respond_to(self, _: &Request) -> ::std::result::Result<Response<'a>, Status> {
        match self {
            Error::Database(why) => Response::build()
                .header(ContentType::Plain)
                .status(Status::InternalServerError)
                .sized_body(Cursor::new(format!("{}", why)))
                .ok(),
            Error::BadOrNoAuth | Error::LackPermissions => Response::build()
                .header(ContentType::Plain)
                .status(Status::Unauthorized)
                .sized_body(Cursor::new(format!("{}", self)))
                .ok(),
            Error::InternalServerError(why) => Response::build()
                .header(ContentType::Plain)
                .status(Status::InternalServerError)
                .sized_body(Cursor::new(format!("{}", why)))
                .ok(),
        }
    }
}

#[derive(Debug)]
pub enum AuthError {
    BadCount,
    Missing,
    Invaild,
}

pub type Result<T = ()> = std::result::Result<T, Error>;

impl<'a, 'r> FromRequest<'a, 'r> for models::User {
    type Error = ();

    fn from_request(request: &'a Request<'r>) -> request::Outcome<Self, Self::Error> {
        let keys: Vec<_> = request.headers().get("authorization").collect();
        match keys.len() {
            0 => Outcome::Failure((Status::BadRequest, ())),
            1 => {
                let tok = keys[0].to_string();
                let conn = request.guard::<MainDatabase>()?;
                match jwt::verify(tok, conn) {
                    Err(why) => {
                        tracing::error!("JWT verification error: {}", why);
                        Outcome::Failure((Status::Unauthorized, ()))
                    }
                    Ok(user) => Outcome::Success(user),
                }
            }
            _ => Outcome::Failure((Status::BadRequest, ())),
        }
    }
}
JSON web token protection for API routes 2020-10-28 17:23:01 +00:00			`use crate::{jwt, models, schema, MainDatabase};`
			`use color_eyre::eyre::Report;`
start on local token creation 2020-10-28 01:07:25 +00:00			`use diesel::prelude::*;`
JSON web token protection for API routes 2020-10-28 17:23:01 +00:00			`use rocket::http::{ContentType, Status};`
			`use rocket::request::{self, FromRequest, Request};`
			`use rocket::response::Responder;`
			`use rocket::Outcome;`
			`use rocket::Response;`
start on local token creation 2020-10-28 01:07:25 +00:00			`use rocket_contrib::{json::Json, uuid::Uuid};`
JSON web token protection for API routes 2020-10-28 17:23:01 +00:00			`use std::io::Cursor;`
start on local token creation 2020-10-28 01:07:25 +00:00
JSON web token protection for API routes 2020-10-28 17:23:01 +00:00			`#[tracing::instrument]`
start on local token creation 2020-10-28 01:07:25 +00:00			`#[get("/user/<uuid>")]`
JSON web token protection for API routes 2020-10-28 17:23:01 +00:00			`pub fn get_user(user: models::User, uuid: Uuid) -> Result<Json<models::User>> {`
			`if uuid != user.id {`
			`return Err(Error::LackPermissions);`
			`}`

			`Ok(Json(user))`
			`}`

			`#[derive(thiserror::Error, Debug)]`
			`pub enum Error {`
			`#[error("internal database error: {0}")]`
			`Database(#[from] diesel::result::Error),`

			`#[error("bad or no authorization")]`
			`BadOrNoAuth,`

			`#[error("you lack needed permissions")]`
			`LackPermissions,`

			`#[error("internal server error")]`
			`InternalServerError(#[from] Report),`
			`}`

			`impl<'a> Responder<'a> for Error {`
			`fn respond_to(self, _: &Request) -> ::std::result::Result<Response<'a>, Status> {`
			`match self {`
			`Error::Database(why) => Response::build()`
			`.header(ContentType::Plain)`
			`.status(Status::InternalServerError)`
			`.sized_body(Cursor::new(format!("{}", why)))`
			`.ok(),`
			`Error::BadOrNoAuth \| Error::LackPermissions => Response::build()`
			`.header(ContentType::Plain)`
			`.status(Status::Unauthorized)`
			`.sized_body(Cursor::new(format!("{}", self)))`
			`.ok(),`
			`Error::InternalServerError(why) => Response::build()`
			`.header(ContentType::Plain)`
			`.status(Status::InternalServerError)`
			`.sized_body(Cursor::new(format!("{}", why)))`
			`.ok(),`
			`}`
			`}`
			`}`

			`#[derive(Debug)]`
			`pub enum AuthError {`
			`BadCount,`
			`Missing,`
			`Invaild,`
			`}`

			`pub type Result<T = ()> = std::result::Result<T, Error>;`

			`impl<'a, 'r> FromRequest<'a, 'r> for models::User {`
			`type Error = ();`

			`fn from_request(request: &'a Request<'r>) -> request::Outcome<Self, Self::Error> {`
			`let keys: Vec<_> = request.headers().get("authorization").collect();`
			`match keys.len() {`
			`0 => Outcome::Failure((Status::BadRequest, ())),`
			`1 => {`
			`let tok = keys[0].to_string();`
			`let conn = request.guard::<MainDatabase>()?;`
			`match jwt::verify(tok, conn) {`
			`Err(why) => {`
			`tracing::error!("JWT verification error: {}", why);`
			`Outcome::Failure((Status::Unauthorized, ()))`
			`}`
			`Ok(user) => Outcome::Success(user),`
			`}`
			`}`
			`_ => Outcome::Failure((Status::BadRequest, ())),`
			`}`
			`}`
start on local token creation 2020-10-28 01:07:25 +00:00			`}`