diff options
Diffstat (limited to 'src/extractors/auth_token.rs')
| -rw-r--r-- | src/extractors/auth_token.rs | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/extractors/auth_token.rs b/src/extractors/auth_token.rs index c505fdf..6ad2a45 100644 --- a/src/extractors/auth_token.rs +++ b/src/extractors/auth_token.rs @@ -16,8 +16,12 @@ impl FromRequest for AuthenticationToken { fn from_request(req: &HttpRequest, _: &mut Payload) -> Self::Future { // get auth token from the authorization header - let auth_header: Option<&HeaderValue> = req.headers().get(http::header::AUTHORIZATION); - let auth_token: String = auth_header.unwrap().to_str().unwrap_or("").to_string(); // check errors later + let auth_header: &HeaderValue = match req.headers().get(http::header::AUTHORIZATION) { + Some(res) => res, + None => { return ready(Err(ErrorUnauthorized("No authorization token given")))}, + }; + + let auth_token: String = auth_header.to_str().unwrap_or("").to_string(); // check errors later // stop empty and weird (ascii, chinese...) auth_token strings: if auth_token.is_empty() { return ready(Err(ErrorUnauthorized("Invalid auth token!")))} let secret: String = req.app_data::<web::Data<AppState>>().unwrap().secret.to_string(); |