add user extractor and handle multipart formdata uploads

photos-network · Aug 25, 2023 · bfdbae0 · bfdbae0
1 parent 48c0132
commit bfdbae0
Show file tree

Hide file tree

Showing 13 changed files with 220 additions and 43 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -43,12 +43,14 @@ oauth_authorization_server = { path = "./crates/oauth_authorization_server" }
 oauth_authentication = { path = "./crates/oauth_authentication" }
 
 activitypub_federation = "0.4.6"
+async-trait = { version = "0.1.73" }
 axum = { version = "0.6.20", features = ["ws", "headers"] }
 axum-test = { version = "12.1.0" }
 anyhow = { version = "1.0.72" }
 
 chrono = { version = "0.4.26", features = ["serde"] }
 
+http = { version = "0.2.9" }
 hyper = { version = "0.14", features = ["full"] }
 mime = { version = "0.3" }
 mockall = { version = "0.11.4" }
@@ -59,6 +61,7 @@ sea-orm = { version = "0.12.2", features = [ "runtime-tokio-rustls", "debug-prin
 serde = "1.0.183"
 serde_json = { version = "1.0.104", features = ["raw_value"] }
 
+time = { version = "0.3.27" }
 tokio = { version = "1.30.0", features = ["full"] }
 tower = { version = "0.4.13", features = ["util"] }
 tower-http = { version = "0.4.3", features = ["fs", "tracing", "trace", "cors"] }

diff --git a/crates/common/Cargo.toml b/crates/common/Cargo.toml
@@ -16,4 +16,9 @@ path = "src/lib.rs"
 doctest = false
 
 [dependencies]
+async-trait = { workspace = true }
+axum = { workspace = true }
+http = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
+time = { workspace = true }
+uuid = { workspace = true, features = ["serde"] }
diff --git a/crates/common/src/lib.rs b/crates/common/src/lib.rs
@@ -16,7 +16,8 @@
  */
 
 //! This crate offers shared data models for [Photos.network](https://photos.network) core application.
-//! 
+//!
 pub mod model {
+    pub mod auth;
     pub mod sensitive;
 }
diff --git a/crates/common/src/model/auth/mod.rs b/crates/common/src/model/auth/mod.rs
@@ -0,0 +1,2 @@
+pub mod user;
+
diff --git a/crates/common/src/model/auth/user.rs b/crates/common/src/model/auth/user.rs
@@ -0,0 +1,70 @@
+use async_trait::async_trait;
+use axum::extract::FromRequestParts;
+use axum::http::StatusCode;
+use http::request::Parts;
+use std::fmt;
+use time::OffsetDateTime;
+use uuid::Uuid;
+
+#[derive(Clone, Debug, Eq, PartialEq)]
+pub struct User {
+    uuid: Uuid,
+    email: String,
+    password: Option<String>,
+    lastname: Option<String>,
+    firstname: Option<String>,
+    is_locked: bool,
+    created_at: OffsetDateTime,
+    updated_at: Option<OffsetDateTime>,
+    last_login: Option<OffsetDateTime>,
+}
+
+impl fmt::Display for User {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        write!(
+            f,
+            "{} ({}), locked:{})",
+            self.email, self.uuid, self.is_locked
+        )
+    }
+}
+
+impl User {
+    fn new(email: String) -> User {
+        User {
+            uuid: Uuid::new_v4(),
+            email,
+            password: Option::None,
+            lastname: Option::None,
+            firstname: Option::None,
+            is_locked: false,
+            created_at: OffsetDateTime::now_utc(),
+            updated_at: Option::None,
+            last_login: Option::None,
+        }
+    }
+}
+
+#[async_trait]
+impl<S> FromRequestParts<S> for User
+where
+    S: Send + Sync,
+{
+    type Rejection = (StatusCode, &'static str);
+
+    async fn from_request_parts(parts: &mut Parts, _: &S) -> Result<Self, Self::Rejection> {
+        let _auth_token = parts
+            .headers
+            .get("Authorization")
+            .and_then(|header| header.to_str().ok())
+            .ok_or((StatusCode::UNAUTHORIZED, "Unauthorized"))?;
+
+        // TODO: get user for Authtoken
+        Ok(User::new("[email protected]".to_string()))
+        // TODO: verify Token
+        //        verify_auth_token(auth_header)
+        //            .await
+        //            .map_err(|_| (StatusCode::UNAUTHORIZED, "Unauthorized"))
+        //Err((StatusCode::UNAUTHORIZED, "Unauthorized"))
+    }
+}
diff --git a/crates/media/Cargo.toml b/crates/media/Cargo.toml
@@ -16,6 +16,9 @@ path = "src/lib.rs"
 doctest = false
 
 [dependencies]
+common = { path = "../common" }
+
+tracing = { workspace = true }
 # serialization
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
@@ -29,6 +32,10 @@ mime = { workspace = true }
 sea-orm = { workspace = true }
 log = "0.4.19"
 
+
+uuid = { workspace = true, features = ["serde"] }
+
+
 # testing
 mockall = { workspace = true }
 rstest = { workspace = true }

diff --git a/crates/media/src/api/router.rs b/crates/media/src/api/router.rs
@@ -102,6 +102,7 @@ mod tests {
                 Request::builder()
                     .uri("/media?limit=100000&offset=1")
                     .method("GET")
+                    .header("Authorization", "FakeAuth")
                     .body(Body::empty())
                     .unwrap(),
             )
@@ -128,6 +129,7 @@ mod tests {
                 Request::builder()
                     .uri("/media")
                     .method("GET")
+                    .header("Authorization", "FakeAuth")
                     .body(Body::empty())
                     .unwrap(),
             )
@@ -145,6 +147,7 @@ mod tests {
 
     // TODO: re-enable test
     // #[tokio::test]
+    #[allow(dead_code)]
     async fn post_media_success() {
         // given
         let app = Router::new().nest("/", MediaApi::routes());