Merge factors type for authentication

2022-11-11 12:26:02 +01:00
parent 8d231c0b45
commit af383720b7
44 changed files with 1177 additions and 674 deletions
--- a/src/middlewares/auth_middleware.rs
+++ b/src/middlewares/auth_middleware.rs
@ -1,18 +1,20 @@
 //! # Authentication middleware

-use std::future::{Future, ready, Ready};
+use std::future::{ready, Future, Ready};
 use std::pin::Pin;
 use std::rc::Rc;

 use actix_identity::IdentityExt;
-use actix_web::{
-    dev::{forward_ready, Service, ServiceRequest, ServiceResponse, Transform},
-    Error, HttpResponse, web,
-};
 use actix_web::body::EitherBody;
 use actix_web::http::{header, Method};
+use actix_web::{
+    dev::{forward_ready, Service, ServiceRequest, ServiceResponse, Transform},
+    web, Error, HttpResponse,
+};

-use crate::constants::{ADMIN_ROUTES, AUTHENTICATED_ROUTES, AUTHORIZE_URI, TOKEN_URI, USERINFO_URI};
+use crate::constants::{
+    ADMIN_ROUTES, AUTHENTICATED_ROUTES, AUTHORIZE_URI, TOKEN_URI, USERINFO_URI,
+};
 use crate::controllers::base_controller::{build_fatal_error_page, redirect_user_for_login};
 use crate::data::app_config::AppConfig;
 use crate::data::session_identity::{SessionIdentity, SessionIdentityData, SessionStatus};
@ -27,10 +29,10 @@ pub struct AuthMiddleware;
 // `S` - type of the next service
 // `B` - type of response's body
 impl<S, B> Transform<S, ServiceRequest> for AuthMiddleware
-    where
-        S: Service<ServiceRequest, Response=ServiceResponse<B>, Error=Error> + 'static,
-        S::Future: 'static,
-        B: 'static,
+where
+    S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error> + 'static,
+    S::Future: 'static,
+    B: 'static,
 {
    type Response = ServiceResponse<EitherBody<B>>;
    type Error = Error;
@ -62,22 +64,21 @@ impl ConnStatus {
    }
 }

-
 pub struct AuthInnerMiddleware<S> {
    service: Rc<S>,
 }

 impl<S, B> Service<ServiceRequest> for AuthInnerMiddleware<S>
-    where
-        S: Service<ServiceRequest, Response=ServiceResponse<B>, Error=Error> + 'static,
-        S::Future: 'static,
-        B: 'static,
+where
+    S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error> + 'static,
+    S::Future: 'static,
+    B: 'static,
 {
    type Response = ServiceResponse<EitherBody<B>>;
    type Error = Error;

    #[allow(clippy::type_complexity)]
-    type Future = Pin<Box<dyn Future<Output=Result<Self::Response, Self::Error>>>>;
+    type Future = Pin<Box<dyn Future<Output = Result<Self::Response, Self::Error>>>>;

    forward_ready!(service);

@ -90,7 +91,8 @@ impl<S, B> Service<ServiceRequest> for AuthInnerMiddleware<S>

            // Check if POST request comes from another website (block invalid origins)
            let origin = req.headers().get(header::ORIGIN);
-            if req.method() == Method::POST && req.path() != TOKEN_URI && req.path() != USERINFO_URI {
+            if req.method() == Method::POST && req.path() != TOKEN_URI && req.path() != USERINFO_URI
+            {
                if let Some(o) = origin {
                    if !o.to_str().unwrap_or("bad").eq(&config.website_origin) {
                        log::warn!(
@ -118,14 +120,14 @@ impl<S, B> Service<ServiceRequest> for AuthInnerMiddleware<S>
            let session_data = SessionIdentity::deserialize_session_data(id);
            let session = match session_data {
                Some(SessionIdentityData {
-                         status: SessionStatus::SignedIn,
-                         is_admin: true,
-                         ..
-                     }) => ConnStatus::Admin,
+                    status: SessionStatus::SignedIn,
+                    is_admin: true,
+                    ..
+                }) => ConnStatus::Admin,
                Some(SessionIdentityData {
-                         status: SessionStatus::SignedIn,
-                         ..
-                     }) => ConnStatus::RegularUser,
+                    status: SessionStatus::SignedIn,
+                    ..
+                }) => ConnStatus::RegularUser,
                _ => ConnStatus::SignedOut,
            };

@ -135,10 +137,13 @@ impl<S, B> Service<ServiceRequest> for AuthInnerMiddleware<S>
            // Redirect user to login page
            if !session.is_auth()
                && (req.path().starts_with(ADMIN_ROUTES)
-                || req.path().starts_with(AUTHENTICATED_ROUTES) || req.path().eq(AUTHORIZE_URI))
+                    || req.path().starts_with(AUTHENTICATED_ROUTES)
+                    || req.path().eq(AUTHORIZE_URI))
            {
-                log::debug!("Redirect unauthenticated user from {} to authorization route.",
-                    req.path());
+                log::debug!(
+                    "Redirect unauthenticated user from {} to authorization route.",
+                    req.path()
+                );

                let path = req.uri().to_string();
                return Ok(req
@ -149,10 +154,9 @@ impl<S, B> Service<ServiceRequest> for AuthInnerMiddleware<S>
            // Restrict access to admin pages
            if !session.is_admin() && req.path().starts_with(ADMIN_ROUTES) {
                return Ok(req
-                    .into_response(
-                        HttpResponse::Unauthorized().body(
-                            build_fatal_error_page("You are not allowed to access this resource.")),
-                    )
+                    .into_response(HttpResponse::Unauthorized().body(build_fatal_error_page(
+                        "You are not allowed to access this resource.",
+                    )))
                    .map_into_right_body());
            }