Do not consider as valid sessions that are not completely signed in

src/middlewares/auth_middleware.rs

@@ -11,7 +11,7 @@ use askama::Template;
 
 use crate::constants::{ADMIN_ROUTES, AUTHENTICATED_ROUTES};
 use crate::controllers::base_controller::redirect_user_for_login;
-use crate::data::session_identity::{SessionIdentity, SessionIdentityData};
+use crate::data::session_identity::{SessionIdentity, SessionIdentityData, SessionStatus};
 
 // There are two steps in middleware processing.
 // 1. Middleware initialization, middleware factory gets called with
@@ -40,19 +40,19 @@ impl<S, B> Transform<S, ServiceRequest> for AuthMiddleware
 }
 
 #[derive(Debug)]
-enum SessionStatus {
+enum ConnStatus {
     SignedOut,
     RegularUser,
     Admin,
 }
 
-impl SessionStatus {
+impl ConnStatus {
     pub fn is_auth(&self) -> bool {
-        !matches!(self, SessionStatus::SignedOut)
+        !matches!(self, ConnStatus::SignedOut)
     }
 
     pub fn is_admin(&self) -> bool {
-        matches!(self, SessionStatus::Admin)
+        matches!(self, ConnStatus::Admin)
     }
 }
 
@@ -92,9 +92,9 @@ impl<S, B> Service<ServiceRequest> for AuthInnerMiddleware<S>
             }
 
             let identity = match SessionIdentity::deserialize_session_data(req.get_identity()) {
-                None => SessionStatus::SignedOut,
+                Some(SessionIdentityData { status: SessionStatus::SignedIn, is_admin: true, .. }) => ConnStatus::Admin,
-                Some(SessionIdentityData { is_admin: true, .. }) => SessionStatus::Admin,
+                Some(SessionIdentityData { status: SessionStatus::SignedIn, .. }) => ConnStatus::RegularUser,
-                _ => SessionStatus::RegularUser,
+                _ => ConnStatus::SignedOut,
             };
 
             // Redirect user to login page