From 8c4de2ddac066a072f376e9f30409b114aa9978c Mon Sep 17 00:00:00 2001
From: niliara-edu <nil.jimeno@estudiant.fjaverianas.com>
Date: Thu, 23 Jan 2025 23:28:01 +0100
Subject: finished jws tutorial

---
 src/extractors/auth_token.rs | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 src/extractors/auth_token.rs

(limited to 'src/extractors/auth_token.rs')

diff --git a/src/extractors/auth_token.rs b/src/extractors/auth_token.rs
new file mode 100644
index 0000000..c505fdf
--- /dev/null
+++ b/src/extractors/auth_token.rs
@@ -0,0 +1,43 @@
+use std::future::{ Ready, ready };
+use actix_web::{web, FromRequest, Error as ActixWebError, HttpRequest, dev::Payload, http, http::header::HeaderValue, error::ErrorUnauthorized};
+use serde::{Serialize, Deserialize};
+use jsonwebtoken:: {decode, DecodingKey, errors::Error as JwtError, Algorithm, Validation, TokenData};
+use crate::auth::Claims;
+use crate::AppState;
+
+#[derive(Serialize, Deserialize, Debug)]
+pub struct AuthenticationToken {
+    pub id: usize,
+}
+
+impl FromRequest for AuthenticationToken {
+    type Error = ActixWebError;
+    type Future = Ready<Result<Self, Self::Error>>;
+
+    fn from_request(req: &HttpRequest, _: &mut Payload) -> Self::Future {
+        // get auth token from the authorization header
+        let auth_header: Option<&HeaderValue> = req.headers().get(http::header::AUTHORIZATION);
+        let auth_token: String = auth_header.unwrap().to_str().unwrap_or("").to_string(); // check errors later
+        // stop empty and weird (ascii, chinese...) auth_token strings:
+        if auth_token.is_empty() { return ready(Err(ErrorUnauthorized("Invalid auth token!")))}
+        let secret: String = req.app_data::<web::Data<AppState>>().unwrap().secret.to_string();
+
+        // decode token with secret
+        let decode: Result<TokenData<Claims>, JwtError> = decode::<Claims>(
+            &auth_token,
+            &DecodingKey::from_secret(secret.as_str().as_ref()),
+            &Validation::new(Algorithm::HS256),
+        );
+
+        println!("{}", auth_token);
+        // return authenticationtoken
+        match decode {
+            Ok(token) => ready(Ok(AuthenticationToken { id: token.claims.id })),
+            Err(_) => ready(Err(ErrorUnauthorized("Unauthorized!"))),
+        }
+    }
+}
+
+/* Example execution in curl:
+curl localhost:8000/auth/protected -H "Accept: application/json" -H "Authorization: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MSwiZXhwIjoxNzY5MjAyNjU1fQ.QbWkgjmbmMwLJnia6vd67EfRkf6y-4nw572g-Nk0BOE"
+*/
-- 
cgit v1.2.3