add optional user extractor

crates/accounts/src/api/mod.rs

@@ -1,2 +1,2 @@
-pub(crate) mod routes;
 pub mod router;
+pub(crate) mod routes;

crates/accounts/src/api/router.rs

@@ -33,29 +33,25 @@ impl AccountsApi {
             // 401 Unauthorized - Requesting user is unauthenticated
             // 404 Not Found - The requested resource does not exist.
             .route("/users/:user_id/profile", get(get_user_id_profile))
-
             // Update a single account when `admin.users:write` scope is present
             // 200 - OK
-            // 400 Bad Request - The request body was malformed or a field violated its constraints. 
+            // 400 Bad Request - The request body was malformed or a field violated its constraints.
             // 401 Unauthorized - You are unauthenticated
             // 403 Forbidden - You are authenticated but have no permission to manage the target user.
             // 404 Not Found - The requested resource does not exist.
             .route("/users/:user_id/profile", patch(get_user_id_profile))
-
             // Disable a single account by ID when `admin.users:write` scope is present
             // 204 No Content - Account was disabled successful
             // 401 Unauthorized - You are unauthenticated
             // 403 Forbidden - You are authenticated but have no permission to manage the target user.
             // 404 Not Found - The requested resource does not exist.
             .route("/users/:user_id/disable", patch(get_user_id_profile))
-
             // Enable a single account by ID when `admin.users:write` scope is present
             // 204 No Content - Account was enabled successful
             // 401 Unauthorized - You are unauthenticated
             // 403 Forbidden - You are authenticated but have no permission to manage the target user.
             // 404 Not Found - The requested resource does not exist.
             .route("/users/:user_id/enabled", patch(get_user_id_profile))
-
             .layer(tower_http::trace::TraceLayer::new_for_http())
     }
 }

crates/accounts/src/lib.rs

@@ -16,5 +16,5 @@
  */
 
 //! This crate handles all account related tasks in [Photos.network](https://photos.network) core application.
-//! 
+//!
 pub mod api;

crates/activity_pub/src/lib.rs

@@ -15,4 +15,4 @@
  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  */
 //! This crate provides the [ActivityPub](https://www.w3.org/TR/activitypub/) implementation for [Photos.network](https://photos.network).
-//! 
+//!

crates/common/src/http/extractors/mod.rs

@@ -0,0 +1,18 @@
+/* Photos.network · A privacy first photo storage and sharing service for fediverse.
+ * Copyright (C) 2020 Photos network developers
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+pub mod optuser;
+pub mod user;

crates/common/src/http/extractors/optuser.rs

@@ -0,0 +1,47 @@
+/* Photos.network · A privacy first photo storage and sharing service for fediverse.
+ * Copyright (C) 2020 Photos network developers
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+//! This extractor checks if an `Authorization` is header and contains a valid JWT token.
+//! Otherwise it will respond `Some(None)` to indicate an unauthorized user or a visiter without an account at all.
+//!
+use crate::model::auth::user::User;
+use async_trait::async_trait;
+use axum::extract::FromRequestParts;
+use http::request::Parts;
+
+pub struct OptionalUser(pub Option<User>);
+
+#[async_trait]
+impl<S> FromRequestParts<S> for OptionalUser
+where
+    S: Send + Sync,
+{
+    type Rejection = String;
+
+    async fn from_request_parts(parts: &mut Parts, _: &S) -> Result<Self, Self::Rejection> {
+        parts
+            .headers
+            .get("Authorization")
+            .and_then(|header| {
+                let _auth_token = header.to_str().ok();
+
+                // TODO: verify auth token
+                Some(Self(Some(User::new("[email protected]".to_string()))))
+            })
+            .ok_or("".to_string())
+    }
+}

crates/common/src/http/extractors/user.rs

@@ -0,0 +1,50 @@
+/* Photos.network · A privacy first photo storage and sharing service for fediverse.
+ * Copyright (C) 2020 Photos network developers
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+//! This extractor requires an `Authorization` header present with a valid JWT token.
+//! Otherwise it will respond with `StatusCode::UNAUTHORIZED`
+//!
+use async_trait::async_trait;
+use axum::extract::FromRequestParts;
+use axum::http::StatusCode;
+use http::request::Parts;
+
+use crate::model::auth::user::User;
+
+#[async_trait]
+impl<S> FromRequestParts<S> for User
+where
+    S: Send + Sync,
+{
+    type Rejection = (StatusCode, &'static str);
+
+    async fn from_request_parts(parts: &mut Parts, _: &S) -> Result<Self, Self::Rejection> {
+        let _auth_token = parts
+            .headers
+            .get("Authorization")
+            .and_then(|header| header.to_str().ok())
+            .ok_or((StatusCode::UNAUTHORIZED, "Unauthorized"))?;
+
+        // TODO: get user for Authtoken
+        Ok(User::new("[email protected]".to_string()))
+        // TODO: verify Token
+        //        verify_auth_token(auth_header)
+        //            .await
+        //            .map_err(|_| (StatusCode::UNAUTHORIZED, "Unauthorized"))
+        //Err((StatusCode::UNAUTHORIZED, "Unauthorized"))
+    }
+}

crates/common/src/http/mod.rs

@@ -0,0 +1,17 @@
+/* Photos.network · A privacy first photo storage and sharing service for fediverse.
+ * Copyright (C) 2020 Photos network developers
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+pub mod extractors;

crates/common/src/lib.rs

@@ -17,6 +17,7 @@
 
 //! This crate offers shared data models for [Photos.network](https://photos.network) core application.
 //!
+pub mod http;
 pub mod model {
     pub mod auth;
     pub mod sensitive;

crates/common/src/model/auth/mod.rs

@@ -1,2 +1 @@
 pub mod user;
-

crates/common/src/model/auth/user.rs

@@ -1,7 +1,20 @@
-use async_trait::async_trait;
-use axum::extract::FromRequestParts;
-use axum::http::StatusCode;
-use http::request::Parts;
+/* Photos.network · A privacy first photo storage and sharing service for fediverse.
+ * Copyright (C) 2020 Photos network developers
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
 use std::fmt;
 use time::OffsetDateTime;
 use uuid::Uuid;
@@ -30,7 +43,7 @@ impl fmt::Display for User {
 }
 
 impl User {
-    fn new(email: String) -> User {
+    pub(crate) fn new(email: String) -> User {
         User {
             uuid: Uuid::new_v4(),
             email,
@@ -44,27 +57,3 @@ impl User {
         }
     }
 }
-
-#[async_trait]
-impl<S> FromRequestParts<S> for User
-where
-    S: Send + Sync,
-{
-    type Rejection = (StatusCode, &'static str);
-
-    async fn from_request_parts(parts: &mut Parts, _: &S) -> Result<Self, Self::Rejection> {
-        let _auth_token = parts
-            .headers
-            .get("Authorization")
-            .and_then(|header| header.to_str().ok())
-            .ok_or((StatusCode::UNAUTHORIZED, "Unauthorized"))?;
-
-        // TODO: get user for Authtoken
-        Ok(User::new("[email protected]".to_string()))
-        // TODO: verify Token
-        //        verify_auth_token(auth_header)
-        //            .await
-        //            .map_err(|_| (StatusCode::UNAUTHORIZED, "Unauthorized"))
-        //Err((StatusCode::UNAUTHORIZED, "Unauthorized"))
-    }
-}

crates/media/src/api/mod.rs

@@ -1,2 +1,2 @@
-pub(crate) mod routes;
 pub mod router;
+pub(crate) mod routes;

crates/media/src/api/routes/delete_media_id.rs

@@ -1,5 +1,5 @@
 //! Deletes the given item owned by the user
-//! 
+//!
 use axum::http::StatusCode;
 
 pub(crate) async fn delete_media_id() -> std::result::Result<String, StatusCode> {

crates/media/src/api/routes/get_media.rs

@@ -1,6 +1,7 @@
 //! Returns a list of owned media items for current user
 //!
 use axum::{extract::Query, http::StatusCode, Json};
+use common::http::extractors::{self, optuser::OptionalUser};
 use common::model::auth::user::User;
 use serde::{Deserialize, Serialize};
 use std::result::Result;
@@ -12,10 +13,10 @@ pub(crate) struct MediaListQuery {
 }
 
 pub(crate) async fn get_media(
-    user: User,
+    user: OptionalUser,
     Query(query): Query<MediaListQuery>,
 ) -> Result<Json<String>, StatusCode> {
-    tracing::error!("GET /media user={}", user);
+    //tracing::error!("GET /media user={}", user);
     // TODO: check auth header
     // TODO: read list from persistency
     // TODO: return list
@@ -40,7 +41,7 @@ mod tests {
     use super::*;
 
     #[tokio::test]
-    async fn get_media_unauthorized_should_fail() {
+    async fn get_media_unauthorized_should_not_fail() {
         // given
         let app = Router::new().nest("/", MediaApi::routes());
 
@@ -57,6 +58,6 @@ mod tests {
             .unwrap();
 
         // then
-        assert_eq!(response.status(), StatusCode::UNAUTHORIZED);
+        assert_eq!(response.status(), StatusCode::OK);
     }
 }

crates/media/src/api/routes/mod.rs

@@ -1,12 +1,12 @@
-pub(crate) mod get_media;
-pub(crate) mod post_media;
-pub(crate) mod get_media_id;
-pub(crate) mod post_media_id;
-pub(crate) mod patch_media_id;
 pub(crate) mod delete_media_id;
 pub(crate) mod get_albums;
-pub(crate) mod post_albums;
 pub(crate) mod get_albums_id;
+pub(crate) mod get_media;
+pub(crate) mod get_media_id;
 pub(crate) mod patch_albums_id;
 pub(crate) mod patch_albums_id_share;
 pub(crate) mod patch_albums_id_unshare;
+pub(crate) mod patch_media_id;
+pub(crate) mod post_albums;
+pub(crate) mod post_media;
+pub(crate) mod post_media_id;

crates/media/src/data/exif_info.rs

@@ -1,16 +1,16 @@
 /* Photos.network · A privacy first photo storage and sharing service for fediverse.
  * Copyright (C) 2020 Photos network developers
- * 
+ *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Affero General Public License as
  * published by the Free Software Foundation, either version 3 of the
  * License, or (at your option) any later version.
- * 
+ *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU Affero General Public License for more details.
- * 
+ *
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  */

crates/media/src/data/file.rs

@@ -1,16 +1,16 @@
 /* Photos.network · A privacy first photo storage and sharing service for fediverse.
  * Copyright (C) 2020 Photos network developers
- * 
+ *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Affero General Public License as
  * published by the Free Software Foundation, either version 3 of the
  * License, or (at your option) any later version.
- * 
+ *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU Affero General Public License for more details.
- * 
+ *
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  */

crates/media/src/data/location.rs

@@ -1,21 +1,21 @@
 /* Photos.network · A privacy first photo storage and sharing service for fediverse.
  * Copyright (C) 2020 Photos network developers
- * 
+ *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Affero General Public License as
  * published by the Free Software Foundation, either version 3 of the
  * License, or (at your option) any later version.
- * 
+ *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU Affero General Public License for more details.
- * 
+ *
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  */
 
 pub struct Location {
     pub latitude: f64,
-    pub longitude: f64
+    pub longitude: f64,
 }