use crate::auth::Claims; use crate::AppState; use actix_web::{ dev::Payload, error::ErrorUnauthorized, http, http::header::HeaderValue, web, Error as ActixWebError, FromRequest, HttpRequest, }; use jsonwebtoken::{ decode, errors::Error as JwtError, Algorithm, DecodingKey, TokenData, Validation, }; use serde::{Deserialize, Serialize}; use std::future::{ready, Ready}; #[derive(Serialize, Deserialize, Debug)] pub struct AuthenticationToken { pub id: usize, } impl FromRequest for AuthenticationToken { type Error = ActixWebError; type Future = Ready>; fn from_request(req: &HttpRequest, _: &mut Payload) -> Self::Future { // get auth token from the authorization header let auth_header: &HeaderValue = match req.headers().get(http::header::AUTHORIZATION) { Some(res) => res, None => return ready(Err(ErrorUnauthorized("No authorization token given"))), }; let auth_token: String = auth_header.to_str().unwrap_or("").to_string(); // check errors later // stop empty and weird (ascii, chinese...) auth_token strings: if auth_token.is_empty() { return ready(Err(ErrorUnauthorized("Invalid auth token!"))); } let secret: String = req .app_data::>() .unwrap() .secret .to_string(); // decode token with secret let decode: Result, JwtError> = decode::( &auth_token, &DecodingKey::from_secret(secret.as_str().as_ref()), &Validation::new(Algorithm::HS256), ); println!("{}", auth_token); // return authenticationtoken match decode { Ok(token) => ready(Ok(AuthenticationToken { id: token.claims.id, })), Err(_) => ready(Err(ErrorUnauthorized("Unauthorized!"))), } } } /* Example execution in curl: curl localhost:8000/auth/protected -H "Accept: application/json" -H "Authorization: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MSwiZXhwIjoxNzY5MjAyNjU1fQ.QbWkgjmbmMwLJnia6vd67EfRkf6y-4nw572g-Nk0BOE" */