Rework auth to include session

The actual authentication is still fake.

1 files changed, 9 insertions, 27 deletions

diff --git a/server/src/main.rs b/server/src/main.rs
index f4fec18..223d861 100644
--- a/server/src/main.rs
+++ b/server/src/main.rs
@@ -4,39 +4,18 @@ extern crate rocket;
 use futures::{future::TryFutureExt, stream::TryStreamExt};
 
 use rocket::fairing::{self, AdHoc};
-use rocket::request::{self, FromRequest, Outcome, Request};
 use rocket::response::status::NotFound;
 use rocket::serde::json::Json;
 use rocket::{futures, Build, Rocket};
 use rocket_db_pools::{sqlx, Connection, Database};
 
 mod api_model;
+mod auth;
 
 #[derive(Database)]
 #[database("eyeballs")]
 struct Db(sqlx::MySqlPool);
 
-struct User {
-    username: String,
-}
-
-#[derive(Debug)]
-enum UserError {
-    Missing,
-    Invalid,
-}
-
-#[rocket::async_trait]
-impl<'r> FromRequest<'r> for User {
-    type Error = UserError;
-
-    async fn from_request(_req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
-        Outcome::Success(User {
-            username: String::from("foo"),
-        })
-    }
-}
-
 enum Role {
     Reviewer,
     Watcher,
@@ -76,7 +55,7 @@ impl TryFrom<u8> for api_model::ReviewState {
 #[get("/projects?<limit>&<offset>")]
 async fn projects<'r>(
     mut db: Connection<Db>,
-    _user: User,
+    _session: auth::Session,
     limit: Option<u32>,
     offset: Option<u32>,
 ) -> Json<api_model::Projects> {
@@ -117,7 +96,7 @@ async fn projects<'r>(
 #[get("/project/<projectid>")]
 async fn project<'r>(
     mut db: Connection<Db>,
-    _user: User,
+    _session: auth::Session,
     projectid: u64,
 ) -> Result<Json<api_model::Project>, NotFound<&'static str>> {
     let members = sqlx::query!(
@@ -154,7 +133,7 @@ async fn project<'r>(
 #[get("/project/<projectid>/reviews?<limit>&<offset>")]
 async fn reviews<'r>(
     mut db: Connection<Db>,
-    _user: User,
+    _session: auth::Session,
     projectid: u64,
     limit: Option<u32>,
     offset: Option<u32>,
@@ -204,7 +183,7 @@ async fn reviews<'r>(
 #[get("/review/<reviewid>")]
 async fn review<'r>(
     mut db: Connection<Db>,
-    _user: User,
+    _session: auth::Session,
     reviewid: u64,
 ) -> Result<Json<api_model::Review>, NotFound<&'static str>> {
     let mut users = sqlx::query!(
@@ -277,10 +256,13 @@ async fn run_migrations(rocket: Rocket<Build>) -> fairing::Result {
 
 #[rocket::main]
 async fn main() -> Result<(), rocket::Error> {
+    let basepath = "/api/v1";
+
     let _rocket = rocket::build()
         .attach(Db::init())
         .attach(AdHoc::try_on_ignite("Database Migrations", run_migrations))
-        .mount("/api/v1", routes![projects, project, reviews, review])
+        .mount(basepath, routes![projects, project, reviews, review])
+        .attach(auth::stage(basepath.to_string()))
         .launch()
         .await?;