set auth request guard from managed state
This commit is contained in:
parent
680044cba8
commit
f3ddbcf07c
|
|
@ -7,7 +7,6 @@ use rocket::{
|
||||||
request::{self, FlashMessage, FromRequest, Request},
|
request::{self, FlashMessage, FromRequest, Request},
|
||||||
response::{Flash, Redirect},
|
response::{Flash, Redirect},
|
||||||
serde::Deserialize,
|
serde::Deserialize,
|
||||||
Config,
|
|
||||||
};
|
};
|
||||||
use rocket_dyn_templates::{tera::Context, Template};
|
use rocket_dyn_templates::{tera::Context, Template};
|
||||||
|
|
||||||
|
|
@ -15,6 +14,8 @@ use peach_lib::{error::PeachError, password_utils};
|
||||||
|
|
||||||
use crate::error::PeachWebError;
|
use crate::error::PeachWebError;
|
||||||
use crate::utils::TemplateOrRedirect;
|
use crate::utils::TemplateOrRedirect;
|
||||||
|
//use crate::DisableAuth;
|
||||||
|
use crate::RocketConfig;
|
||||||
|
|
||||||
// HELPERS AND STRUCTS FOR AUTHENTICATION WITH COOKIES
|
// HELPERS AND STRUCTS FOR AUTHENTICATION WITH COOKIES
|
||||||
|
|
||||||
|
|
@ -42,26 +43,30 @@ impl<'r> FromRequest<'r> for Authenticated {
|
||||||
type Error = LoginError;
|
type Error = LoginError;
|
||||||
|
|
||||||
async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
|
async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
|
||||||
// check for `disable_auth` config value; set to `false` if unset
|
// retrieve auth state from managed state (returns `Option<bool>`).
|
||||||
// can be set via the `ROCKET_DISABLE_AUTH` environment variable
|
// this value is read from the Rocket.toml config file on start-up
|
||||||
// - env var, if set, takes precedence over value defined in `Rocket.toml`
|
let authentication_is_disabled = req
|
||||||
let authentication_is_disabled: bool = match Config::figment().find_value("disable_auth") {
|
.rocket()
|
||||||
// deserialize the boolean value; set to `false` if an error is encountered
|
.state::<RocketConfig>()
|
||||||
Ok(value) => value.deserialize().unwrap_or(false),
|
.map(|config| (&config.disable_auth));
|
||||||
Err(_) => false,
|
|
||||||
};
|
match authentication_is_disabled {
|
||||||
if authentication_is_disabled {
|
Some(true) => {
|
||||||
let auth = Authenticated {};
|
let auth = Authenticated {};
|
||||||
request::Outcome::Success(auth)
|
request::Outcome::Success(auth)
|
||||||
} else {
|
}
|
||||||
let authenticated = req
|
_ => {
|
||||||
.cookies()
|
let authenticated = req
|
||||||
.get_private(AUTH_COOKIE_KEY)
|
.cookies()
|
||||||
.and_then(|cookie| cookie.value().parse().ok())
|
.get_private(AUTH_COOKIE_KEY)
|
||||||
.map(|_value: String| Authenticated {});
|
.and_then(|cookie| cookie.value().parse().ok())
|
||||||
match authenticated {
|
.map(|_value: String| Authenticated {});
|
||||||
Some(auth) => request::Outcome::Success(auth),
|
match authenticated {
|
||||||
None => request::Outcome::Failure((Status::Forbidden, LoginError::UserNotLoggedIn)),
|
Some(auth) => request::Outcome::Success(auth),
|
||||||
|
None => {
|
||||||
|
request::Outcome::Failure((Status::Forbidden, LoginError::UserNotLoggedIn))
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue