Login

Ben / RubHub

Overview Code Talk CI Settings
4 branches 0 tags
Ben (Desktop/Arch) Remote CI 709f28c 14 days ago 248 Commits
rubhub / src / extractors / runner_auth.rs
Raw
text/x-rust 1.26 KB 45 lines 
use std::sync::Arc;

use axum::{
    extract::{FromRef, FromRequestParts},
    http::{StatusCode, header, request::Parts},
};
use rubhub_auth_store::RunnerToken;

use crate::GlobalState;

/// Extractor that validates runner authentication via Bearer token
pub struct RunnerAuth(pub Arc<RunnerToken>);

impl<S> FromRequestParts<S> for RunnerAuth
where
    S: Send + Sync,
    GlobalState: FromRef<S>,
{
    type Rejection = (StatusCode, &'static str);

    async fn from_request_parts(parts: &mut Parts, state: &S) -> Result<Self, Self::Rejection> {
        let state = GlobalState::from_ref(state);

        // Get Authorization header
        let auth_header = parts
            .headers
            .get(header::AUTHORIZATION)
            .and_then(|v| v.to_str().ok())
            .ok_or((StatusCode::UNAUTHORIZED, "Missing Authorization header"))?;

        // Extract Bearer token
        let token = auth_header.strip_prefix("Bearer ").ok_or((
            StatusCode::UNAUTHORIZED,
            "Invalid Authorization header format",
        ))?;

        // Validate token
        let runner_token = state
            .auth
            .validate_runner_token(token)
            .ok_or((StatusCode::UNAUTHORIZED, "Invalid runner token"))?;

        Ok(RunnerAuth(runner_token))
    }
}