diff --git a/Cargo.lock b/Cargo.lock
index 908b64a..fc75567 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -19,6 +19,21 @@ dependencies = [
 "tokio-util",
 ]
+[[package]]
+name = "actix-cors"
+version = "0.6.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b340e9cfa5b08690aae90fb61beb44e9b06f44fe3d0f93781aaa58cfba86245e"
+dependencies = [
+ "actix-utils",
+ "actix-web",
+ "derive_more",
+ "futures-util",
+ "log",
+ "once_cell",
+ "smallvec",
+]
+
 [[package]]
 name = "actix-http"
 version = "3.3.1"
@@ -183,6 +198,21 @@ dependencies = [
 "syn 1.0.109",
 ]
+[[package]]
+name = "actix-web-httpauth"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1d613edf08a42ccc6864c941d30fe14e1b676a77d16f1dbadc1174d065a0a775"
+dependencies = [
+ "actix-utils",
+ "actix-web",
+ "base64 0.21.0",
+ "futures-core",
+ "futures-util",
+ "log",
+ "pin-project-lite",
+]
+
 [[package]]
 name = "adler"
 version = "1.0.2"
@@ -693,6 +723,7 @@ dependencies = [
 "futures-task",
 "pin-project-lite",
 "pin-utils",
+ "slab",
 ]
 [[package]]
@@ -1961,7 +1992,9 @@ dependencies = [
 name = "stacker"
 version = "0.1.0"
 dependencies = [
+ "actix-cors",
 "actix-web",
+ "actix-web-httpauth",
 "chrono",
 "config",
 "reqwest",
diff --git a/Cargo.toml b/Cargo.toml
index 342ca3d..d1b3e87 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -28,6 +28,8 @@ thiserror = "1.0"
 serde_valid = "0.16.3"
 serde_json = { version = "1.0.105", features = [] }
 serde_derive = "1.0.188"
+actix-web-httpauth = "0.8.1"
+actix-cors = "0.6.4"
 [dependencies.sqlx]
 version = "0.6.3"
diff --git a/src/startup.rs b/src/startup.rs
index a9ad2fd..da9b592 100644
--- a/src/startup.rs
+++ b/src/startup.rs
@@ -1,31 +1,44 @@
-use actix_web::dev::Server;
+use actix_cors::Cors;
+use actix_web::dev::{Server, ServiceRequest};
 use actix_web::middleware::Logger;
 use actix_web::{
 // http::header::HeaderName,
 web::{self, Form},
- App, HttpServer,
+ App,
+ Error,
+ HttpServer,
 };
+use actix_web_httpauth::{extractors::bearer::BearerAuth, middleware::HttpAuthentication};
+use serde::{Deserialize, Serialize};
 use sqlx::PgPool;
 use std::net::TcpListener;
-use serde::{Deserialize, Serialize};
-// use serde_derive::{Deserialize, Serialize};
-// use uuid::Uuid;
 #[derive(Serialize, Deserialize, Debug)]
 pub struct AppState {
- pub user_id: i32 // @todo User must be move later to actix session and obtained from auth
+ pub user_id: i32, // @todo User must be move later to actix session and obtained from auth
 }
+async fn bearer_guard(
+ req: ServiceRequest,
+ credentials: BearerAuth,
+) -> Result {
+ eprintln!("{credentials:?}");
+ //todo check that credentials.token is a real. get in sync with auth server
+ //todo get user from auth server
+ //todo save the server in the request state
+ //todo get the user in the rating route
+ Ok(req)
+}
 pub fn run(listener: TcpListener, db_pool: PgPool) -> Result {
 let db_pool = web::Data::new(db_pool);
 let server = HttpServer::new(move || {
 App::new()
 .wrap(Logger::default())
+ .wrap(HttpAuthentication::bearer(bearer_guard))
+ .wrap(Cors::permissive())
 .service(
- web::resource("/health_check")
- .route(web::get()
- .to(crate::routes::health_check)),
+ web::resource("/health_check").route(web::get().to(crate::routes::health_check)),
 )
 .service(
 web::resource("/rating")
@@ -41,23 +54,15 @@ pub fn run(listener: TcpListener, db_pool: PgPool) -> Result
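Review bot: `bearer_guard` returns `Ok(req)` for whatever token is presented, and the first `src/startup.rs` hunk wraps the whole `App` in it, so every route looks authenticated while any well-formed bearer header passes; until the auth-server check from the todos exists the guard should fail closed, presumably with `Err((actix_web::error::ErrorUnauthorized("token validation not implemented"), req))` in place of `Ok(req)`. `.wrap(Cors::permissive())` allows every origin with credentials and is documented by actix-cors as not meant for production; `Cors::default().allowed_origin("https://FRONTEND_ORIGIN_PLACEHOLDER")` plus the methods and headers actually needed is the safer shape. Because the wrap registered last runs first, `Logger` ends up inside the auth layer, so rejected requests will likely be missing from the access log, and `/health_check` now also demands a bearer header; registering `.wrap(Logger::default())` last and keeping the health route outside the auth wrap would address both. The `eprintln!("{credentials:?}")` line bypasses the configured logger and should be removed before merge; if any credential logging stays, confirm that the `Debug` output redacts the token. `run` continues past this hunk, so the remaining route registrations are not covered by this note.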