From 491cb3eb34d20140aed80dbb9edc39c4db5335d2 Mon Sep 17 00:00:00 2001 From: Owen Jacobson Date: Sun, 15 Sep 2024 23:50:41 -0400 Subject: Consolidate most repository types into a repo module. Having them contained in the individual endpoint groups conveyed an unintended sense that their intended scope was _only_ that endpoint group. It also made most repo-related import paths _quite_ long. This splits up the repos as follows: * "General applicability" repos - those that are only loosely connected to a single task, and are likely to be shared between tasks - go in crate::repo. * Specialized repos - those tightly connected to a specific task - go in the module for that task, under crate::PATH::repo. In both cases, each repo goes in its own submodule, to make it easier to use the module name as a namespace. Which category a repo goes in is a judgment call. `crate::channel::repo::broadcast` (formerly `channel::repo::messages`) is used outside of `crate::channel`, for example, but its main purpose is to support channel message broadcasts. It could arguably live under `crate::event::repo::channel`, but the resulting namespace is less legible to me. --- src/login/extract/identity_token.rs | 70 ------------------------------------- src/login/extract/login.rs | 59 ------------------------------- src/login/extract/mod.rs | 4 --- 3 files changed, 133 deletions(-) delete mode 100644 src/login/extract/identity_token.rs delete mode 100644 src/login/extract/login.rs delete mode 100644 src/login/extract/mod.rs (limited to 'src/login/extract') diff --git a/src/login/extract/identity_token.rs b/src/login/extract/identity_token.rs deleted file mode 100644 index c813324..0000000 --- a/src/login/extract/identity_token.rs +++ /dev/null @@ -1,70 +0,0 @@ -use std::convert::Infallible; - -use axum::{ - extract::FromRequestParts, - http::request::Parts, - response::{IntoResponseParts, ResponseParts}, -}; -use axum_extra::extract::cookie::{Cookie, CookieJar}; - -// The usage pattern here - receive the extractor as an argument, return it in -// the response - is heavily modelled after CookieJar's own intended usage. -pub struct IdentityToken { - cookies: CookieJar, -} - -impl IdentityToken { - /// Get the identity secret sent in the request, if any. If the identity - /// was not sent, or if it has previously been [clear]ed, then this will - /// return [None]. If the identity has previously been [set], then this - /// will return that secret, regardless of what the request originally - /// included. - pub fn secret(&self) -> Option<&str> { - self.cookies.get(IDENTITY_COOKIE).map(Cookie::value) - } - - /// Positively set the identity secret, and ensure that it will be sent - /// back to the client when this extractor is included in a response. - pub fn set(self, secret: &str) -> Self { - let identity_cookie = Cookie::build((IDENTITY_COOKIE, String::from(secret))) - .http_only(true) - .permanent() - .build(); - - Self { - cookies: self.cookies.add(identity_cookie), - } - } - - /// Remove the identity secret and ensure that it will be cleared when this - /// extractor is included in a response. - pub fn clear(self) -> Self { - Self { - cookies: self.cookies.remove(IDENTITY_COOKIE), - } - } -} - -const IDENTITY_COOKIE: &str = "identity"; - -#[async_trait::async_trait] -impl FromRequestParts for IdentityToken -where - S: Send + Sync, -{ - type Rejection = >::Rejection; - - async fn from_request_parts(parts: &mut Parts, state: &S) -> Result { - let cookies = CookieJar::from_request_parts(parts, state).await?; - Ok(Self { cookies }) - } -} - -impl IntoResponseParts for IdentityToken { - type Error = ::Error; - - fn into_response_parts(self, res: ResponseParts) -> Result { - let Self { cookies } = self; - cookies.into_response_parts(res) - } -} diff --git a/src/login/extract/login.rs b/src/login/extract/login.rs deleted file mode 100644 index 8b5bb41..0000000 --- a/src/login/extract/login.rs +++ /dev/null @@ -1,59 +0,0 @@ -use axum::{ - extract::{FromRequestParts, State}, - http::{request::Parts, StatusCode}, - response::{IntoResponse, Response}, -}; - -use crate::{ - app::App, - clock::RequestedAt, - error::InternalError, - login::{extract::IdentityToken, repo::logins::Login}, -}; - -#[async_trait::async_trait] -impl FromRequestParts for Login { - type Rejection = LoginError; - - async fn from_request_parts(parts: &mut Parts, state: &App) -> Result { - // After Rust 1.82 (and #[feature(min_exhaustive_patterns)] lands on - // stable), the following can be replaced: - // - // let Ok(identity_token) = IdentityToken::from_request_parts(parts, state).await; - let identity_token = IdentityToken::from_request_parts(parts, state).await?; - let RequestedAt(used_at) = RequestedAt::from_request_parts(parts, state).await?; - - let secret = identity_token.secret().ok_or(LoginError::Unauthorized)?; - - let app = State::::from_request_parts(parts, state).await?; - let login = app.logins().validate(secret, used_at).await?; - - login.ok_or(LoginError::Unauthorized) - } -} - -pub enum LoginError { - Failure(E), - Unauthorized, -} - -impl IntoResponse for LoginError -where - E: IntoResponse, -{ - fn into_response(self) -> Response { - match self { - Self::Unauthorized => (StatusCode::UNAUTHORIZED, "unauthorized").into_response(), - Self::Failure(e) => e.into_response(), - } - } -} - -impl From for LoginError -where - E: Into, -{ - fn from(err: E) -> Self { - Self::Failure(err.into()) - } -} diff --git a/src/login/extract/mod.rs b/src/login/extract/mod.rs deleted file mode 100644 index ba943a6..0000000 --- a/src/login/extract/mod.rs +++ /dev/null @@ -1,4 +0,0 @@ -mod identity_token; -mod login; - -pub use self::identity_token::IdentityToken; -- cgit v1.2.3