From 687d366f3df845514ddb47dcca21b9afe3352c15 Mon Sep 17 00:00:00 2001
From: Reimar
Date: Wed, 14 Aug 2024 16:33:38 +0200
Subject: [PATCH] Implement extractor for checking authorization
---
 rust-backend/Cargo.lock | 1 +
 rust-backend/Cargo.toml | 1 +
 rust-backend/src/auth.rs | 41 ++++++++++++++++++++++++++++++++++++++++
 rust-backend/src/main.rs | 11 +++++++++++
 4 files changed, 54 insertions(+)
 create mode 100644 rust-backend/src/auth.rs
diff --git a/rust-backend/Cargo.lock b/rust-backend/Cargo.lock
index fa14a42..78bf781 100644
--- a/rust-backend/Cargo.lock
+++ b/rust-backend/Cargo.lock
@@ -1101,6 +1101,7 @@ checksum = "56199f7ddabf13fe5074ce809e7d3f42b42ae711800501b5b16ea82ad029c39d"
 name = "skantravels"
 version = "0.1.0"
 dependencies = [
+ "actix-utils",
 "actix-web",
 "refinery",
 "rusqlite",
diff --git a/rust-backend/Cargo.toml b/rust-backend/Cargo.toml
index 3b01a45..eec9403 100644
--- a/rust-backend/Cargo.toml
+++ b/rust-backend/Cargo.toml
@@ -5,6 +5,7 @@ edition = "2021"
 [dependencies]
 actix-web = "4"
+actix-utils = "3.0.1"
 refinery = { version = "0.8.14", features = ["rusqlite"] }
 rusqlite = { version = "0.31", features = ["bundled"] }
diff --git a/rust-backend/src/auth.rs b/rust-backend/src/auth.rs
new file mode 100644
index 0000000..28685c6
--- /dev/null
+++ b/rust-backend/src/auth.rs
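Review bot: The new `actix-utils = "3.0.1"` line in rust-backend/Cargo.toml adds a direct dependency that auth.rs uses only for `Ready`, `ok` and `err`. The standard library covers this with `use std::future::{ready, Ready};` and `ready(Ok(..))` / `ready(Err(..))`, which keeps the declared dependency list shorter to audit. The Cargo.lock hunk adds only a dependency edge and no new package entry, which suggests the crate is already pulled in transitively, so this is about declared surface rather than new code in the tree.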
@@ -0,0 +1,41 @@
+use actix_web::{Error, FromRequest, HttpRequest};
+use actix_web::dev::Payload;
+use actix_web::error::ErrorUnauthorized;
+use std::string::String;
+use actix_utils::future::{Ready, ok, err};
+
+pub struct AuthorizedUser {
+ user_id: String,
+}
+
+impl FromRequest for AuthorizedUser {
+ type Error = Error;
+ type Future = Ready>;
+
+ fn from_request(req: &HttpRequest, _: &mut Payload) -> Self::Future {
+ if is_authorized(req) {
+ ok(Self {
+ user_id: "hi".to_string(),
+ })
+ } else {
+ err(ErrorUnauthorized("Unauthorized"))
+ }
+ }
+}
+
+fn is_authorized(req: &HttpRequest) -> bool {
+ let token = req.headers()
+ .get("Authorization")
+ .and_then(|value| value.to_str().ok())
+ .take_if(|value| value.starts_with("Bearer "))
+ .and_then(|value| Some(value.replace("Bearer ", "")));
+
+ if token.is_none() {
+ return false;
+ }
+
+ // TODO implement
+
+ true
+}
+
diff --git a/rust-backend/src/main.rs b/rust-backend/src/main.rs
index dc94b4b..7f89646 100644
--- a/rust-backend/src/main.rs
+++ b/rust-backend/src/main.rs
@@ -1,5 +1,9 @@
+mod auth;
+
 use actix_web::{get, Responder, HttpResponse, HttpServer, App, web};
+use actix_web::middleware;
 use std::sync::{Mutex, Arc};
+use crate::auth::AuthorizedUser;
 mod embedded {
 use refinery::embed_migrations;
@@ -21,6 +25,11 @@ async fn healthcheck(data: web::Data) -> impl Responder {
 }
+#[get("/authorized")]
+async fn authorized(_: AuthorizedUser) -> impl Responder {
+ HttpResponse::Ok().body("Authorized")
+}
+
 #[actix_web::main]
 async fn main() -> std::io::Result<()> {
 let port = std::env::var("RUST_BACKEND_PORT")
@@ -50,8 +59,10 @@ async fn main() -> std::io::Result<()> {
 database: conn,
 }))
 .service(healthcheck)
+ .service(authorized)
 })
 .bind(("0.0.0.0", port))?
 .run()
 .await
 }
+
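Review bot: `is_authorized` in rust-backend/src/auth.rs fails open: after the `// TODO implement` line it returns `true` for any request whose `Authorization` header starts with `Bearer `, so the token value is never checked. The `/authorized` route added in main.rs relies on this extractor and the server context shows a bind on `0.0.0.0`. Until real validation exists the placeholder should fail closed, i.e. end the function with `false` instead of `true`. `from_request` also sets `user_id` to the constant `"hi"`, so every accepted caller gets the same identity; the id should come from the validated token. Separately, `value.replace("Bearer ", "")` removes every occurrence of the prefix rather than only the leading one; `.and_then(|value| value.strip_prefix("Bearer "))` would replace the `take_if`/`replace` pair.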
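Review bot: In rust-backend/src/main.rs the first hunk adds `use actix_web::middleware;`, but none of the added lines in this commit reference `middleware`, so it looks like an unused import that will produce a compiler warning. Drop it here and add it in the commit that actually wraps a middleware around the `App`.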