diff options
| author | Owen Jacobson <owen@grimoire.ca> | 2024-09-15 23:50:41 -0400 |
|---|---|---|
| committer | Owen Jacobson <owen@grimoire.ca> | 2024-09-16 11:03:22 -0400 |
| commit | 491cb3eb34d20140aed80dbb9edc39c4db5335d2 (patch) | |
| tree | e1e2e009f064dc6dfc8c98d2bf97d8d1f7b45615 /src/repo/login/extract.rs | |
| parent | 99b33023332393e46f5a661901b980b78e6fb133 (diff) | |
Consolidate most repository types into a repo module.
Having them contained in the individual endpoint groups conveyed an unintended sense that their intended scope was _only_ that endpoint group. It also made most repo-related import paths _quite_ long. This splits up the repos as follows:
* "General applicability" repos - those that are only loosely connected to a single task, and are likely to be shared between tasks - go in crate::repo.
* Specialized repos - those tightly connected to a specific task - go in the module for that task, under crate::PATH::repo.
In both cases, each repo goes in its own submodule, to make it easier to use the module name as a namespace.
Which category a repo goes in is a judgment call. `crate::channel::repo::broadcast` (formerly `channel::repo::messages`) is used outside of `crate::channel`, for example, but its main purpose is to support channel message broadcasts. It could arguably live under `crate::event::repo::channel`, but the resulting namespace is less legible to me.
Diffstat (limited to 'src/repo/login/extract.rs')
| -rw-r--r-- | src/repo/login/extract.rs | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/src/repo/login/extract.rs b/src/repo/login/extract.rs new file mode 100644 index 0000000..a068bc0 --- /dev/null +++ b/src/repo/login/extract.rs @@ -0,0 +1,55 @@ +use axum::{ + extract::{FromRequestParts, State}, + http::{request::Parts, StatusCode}, + response::{IntoResponse, Response}, +}; + +use super::Login; +use crate::{app::App, clock::RequestedAt, error::InternalError, login::extract::IdentityToken}; + +#[async_trait::async_trait] +impl FromRequestParts<App> for Login { + type Rejection = LoginError<InternalError>; + + async fn from_request_parts(parts: &mut Parts, state: &App) -> Result<Self, Self::Rejection> { + // After Rust 1.82 (and #[feature(min_exhaustive_patterns)] lands on + // stable), the following can be replaced: + // + // let Ok(identity_token) = IdentityToken::from_request_parts(parts, state).await; + let identity_token = IdentityToken::from_request_parts(parts, state).await?; + let RequestedAt(used_at) = RequestedAt::from_request_parts(parts, state).await?; + + let secret = identity_token.secret().ok_or(LoginError::Unauthorized)?; + + let app = State::<App>::from_request_parts(parts, state).await?; + let login = app.logins().validate(secret, used_at).await?; + + login.ok_or(LoginError::Unauthorized) + } +} + +pub enum LoginError<E> { + Failure(E), + Unauthorized, +} + +impl<E> IntoResponse for LoginError<E> +where + E: IntoResponse, +{ + fn into_response(self) -> Response { + match self { + Self::Unauthorized => (StatusCode::UNAUTHORIZED, "unauthorized").into_response(), + Self::Failure(e) => e.into_response(), + } + } +} + +impl<E> From<E> for LoginError<InternalError> +where + E: Into<InternalError>, +{ + fn from(err: E) -> Self { + Self::Failure(err.into()) + } +} |