feat(auth): with basic auth options
Some checks failed
continuous-integration/drone/push Build is failing
Signed-off-by: kjuulh <contact@kjuulh.io>
parent
ec483ce875
commit
cdeefba39a
@ -4,7 +4,8 @@ use crate::router::AppState;
|
|||||||
|
|
||||||
use axum::extract::{FromRef, FromRequestParts, Query, State};
|
use axum::extract::{FromRef, FromRequestParts, Query, State};
|
||||||
|
|
||||||
use axum::headers::Cookie;
|
use axum::headers::authorization::Basic;
|
||||||
|
use axum::headers::{Authorization, Cookie};
|
||||||
use axum::http::request::Parts;
|
use axum::http::request::Parts;
|
||||||
use axum::http::StatusCode;
|
use axum::http::StatusCode;
|
||||||
|
|
||||||
@ -111,31 +112,29 @@ where
|
|||||||
let cookie: Option<TypedHeader<Cookie>> = parts.extract().await.unwrap();
|
let cookie: Option<TypedHeader<Cookie>> = parts.extract().await.unwrap();
|
||||||
let session_cookie = cookie.as_ref().and_then(|cookie| cookie.get(COOKIE_NAME));
|
let session_cookie = cookie.as_ref().and_then(|cookie| cookie.get(COOKIE_NAME));
|
||||||
if let None = session_cookie {
|
if let None = session_cookie {
|
||||||
// let introspection_state = IntrospectionState::from_ref(state);
|
let basic: Option<TypedHeader<Authorization<Basic>>> = parts.extract().await.unwrap();
|
||||||
|
|
||||||
// let basic: Option<TypedHeader<Authorization<Basic>>> = parts.extract().await.unwrap();
|
if let Some(basic) = basic {
|
||||||
|
let token = services
|
||||||
|
.auth_service
|
||||||
|
.login_token(basic.username(), basic.password())
|
||||||
|
.await
|
||||||
|
.into_response()
|
||||||
|
.map_err(|_| {
|
||||||
|
(
|
||||||
|
StatusCode::INTERNAL_SERVER_ERROR,
|
||||||
|
"could not get token from basic",
|
||||||
|
)
|
||||||
|
})?;
|
||||||
|
|
||||||
// if let Some(basic) = basic {
|
return Ok(UserFromSession {
|
||||||
// let config = IntrospectionConfig::from_ref(&introspection_state);
|
user: User { id: token },
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
// let res = introspect(
|
return Err(anyhow::anyhow!("No session was found"))
|
||||||
// &config.introspection_uri,
|
.into_response()
|
||||||
// &config.authority,
|
.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, "did not find a cookie"))?;
|
||||||
// &config.authentication,
|
|
||||||
// basic.password(),
|
|
||||||
// )
|
|
||||||
// .await
|
|
||||||
// .unwrap();
|
|
||||||
|
|
||||||
// return Ok(UserFromSession {
|
|
||||||
// user: User {
|
|
||||||
// id: res.sub().unwrap().into(),
|
|
||||||
// },
|
|
||||||
// });
|
|
||||||
// }
|
|
||||||
todo!()
|
|
||||||
|
|
||||||
//return Err(anyhow::anyhow!("No session was found")).into_response();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
let session_cookie = session_cookie.unwrap();
|
let session_cookie = session_cookie.unwrap();
|
||||||
@ -146,7 +145,12 @@ where
|
|||||||
.get_user_from_session(session_cookie)
|
.get_user_from_session(session_cookie)
|
||||||
.await
|
.await
|
||||||
.into_response()
|
.into_response()
|
||||||
.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, "failed with error"))?;
|
.map_err(|_| {
|
||||||
|
(
|
||||||
|
StatusCode::INTERNAL_SERVER_ERROR,
|
||||||
|
"failed to decode session cookie",
|
||||||
|
)
|
||||||
|
})?;
|
||||||
|
|
||||||
Ok(UserFromSession {
|
Ok(UserFromSession {
|
||||||
user: User { id: user.id },
|
user: User { id: user.id },
|
||||||
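Review bot: In the no-cookie branch, a failed `login_token` call and the fall-through "did not find a cookie" return are both mapped to `StatusCode::INTERNAL_SERVER_ERROR`, so a rejected Basic login looks the same as a server fault to clients and to anyone reading logs or alerting on 5xx rates. These are authentication failures and should be reported as such, e.g. `.map_err(|_| (StatusCode::UNAUTHORIZED, "invalid credentials"))?;`, ideally with a `WWW-Authenticate` header; the "failed to decode session cookie" mapping in the later hunk has the same problem. The string returned by `login_token` is also stored directly as `User { id: token }`; if it is a raw token rather than a subject id (not confirmable from this page), it should be resolved to the user id before it becomes the identity. The enclosing function starts and ends outside the hunks.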
|
@ -15,6 +15,7 @@ use crate::{
|
|||||||
#[async_trait]
|
#[async_trait]
|
||||||
pub trait Auth {
|
pub trait Auth {
|
||||||
async fn login(&self) -> anyhow::Result<Url>;
|
async fn login(&self) -> anyhow::Result<Url>;
|
||||||
|
async fn login_token(&self, user: &str, password: &str) -> anyhow::Result<String>;
|
||||||
async fn login_authorized(&self, code: &str, state: &str) -> anyhow::Result<(HeaderMap, Url)>;
|
async fn login_authorized(&self, code: &str, state: &str) -> anyhow::Result<(HeaderMap, Url)>;
|
||||||
async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User>;
|
async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User>;
|
||||||
}
|
}
|
||||||
@ -91,6 +92,9 @@ impl Auth for ZitadelAuthService {
|
|||||||
.context("failed to parse login_authorized zitadel return url")?,
|
.context("failed to parse login_authorized zitadel return url")?,
|
||||||
))
|
))
|
||||||
}
|
}
|
||||||
|
async fn login_token(&self, _user: &str, password: &str) -> anyhow::Result<String> {
|
||||||
|
self.introspection.get_id_token(password).await
|
||||||
|
}
|
||||||
async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User> {
|
async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User> {
|
||||||
match self.session.get_user(cookie).await? {
|
match self.session.get_user(cookie).await? {
|
||||||
Some(u) => Ok(User { id: u }),
|
Some(u) => Ok(User { id: u }),
|
||||||
@ -114,6 +118,10 @@ impl Auth for NoopAuthService {
|
|||||||
todo!()
|
todo!()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async fn login_token(&self, user: &str, password: &str) -> anyhow::Result<String> {
|
||||||
|
todo!()
|
||||||
|
}
|
||||||
|
|
||||||
async fn get_user_from_session(&self, _cookie: &str) -> anyhow::Result<User> {
|
async fn get_user_from_session(&self, _cookie: &str) -> anyhow::Result<User> {
|
||||||
todo!()
|
todo!()
|
||||||
}
|
}
|
||||||
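Review bot: `ZitadelAuthService::login_token` names its first parameter `_user` and never reads it, so the Basic username is not verified and only the password reaches `self.introspection.get_id_token(password)`. If token-in-password is the intended design, document it on the trait method, e.g. `/// The Basic password carries the token; the username is not checked.`, or compare the username with the identity that introspection returns. In `NoopAuthService` the new method is `todo!()`, which panics if that service is wired in and the extractor calls it; returning `Err(anyhow::anyhow!("basic auth is not supported"))` and naming the parameters `_user`/`_password` avoids both the panic and the unused-variable warnings. Both impl blocks continue outside the hunks.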
|
@ -9,8 +9,6 @@ pub struct AppConfig {
|
|||||||
pub database_type: DatabaseType,
|
pub database_type: DatabaseType,
|
||||||
#[clap(long, env)]
|
#[clap(long, env)]
|
||||||
pub rust_log: String,
|
pub rust_log: String,
|
||||||
#[clap(long, env)]
|
|
||||||
pub token_secret: String,
|
|
||||||
#[clap(long, env, default_value = "3001")]
|
#[clap(long, env, default_value = "3001")]
|
||||||
pub api_port: u32,
|
pub api_port: u32,
|
||||||
#[clap(long, env, default_value = "true")]
|
#[clap(long, env, default_value = "true")]
|
||||||
|