mini-apm-admin 0.0.0

Minimal APM for Rails - Admin web interface
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

use axum::{
    body::Body,
    extract::State,
    http::Request,
    middleware::Next,
    response::{IntoResponse, Redirect, Response},
};
use axum_extra::extract::cookie::CookieJar;
use std::env;

use mini_apm::{DbPool, models};

const SESSION_COOKIE: &str = "miniapm_session";

/// Middleware that checks authentication when ENABLE_USER_ACCOUNTS is set
pub async fn web_auth_middleware(
    State(pool): State<DbPool>,
    jar: CookieJar,
    request: Request<Body>,
    next: Next,
) -> Response {
    // Check if user accounts are enabled
    let enabled = env::var("ENABLE_USER_ACCOUNTS")
        .map(|v| v == "1" || v.to_lowercase() == "true")
        .unwrap_or(false);

    if !enabled {
        // User accounts disabled, allow access
        return next.run(request).await;
    }

    // Get session token from cookie
    let token = match jar.get(SESSION_COOKIE) {
        Some(cookie) => cookie.value().to_string(),
        None => return Redirect::to("/auth/login").into_response(),
    };

    // Validate session
    match models::user::get_user_from_session(&pool, &token) {
        Ok(Some(user)) => {
            // Check if password change is required
            if user.must_change_password {
                // Allow access to change-password page
                let path = request.uri().path();
                if path == "/auth/change-password" || path.starts_with("/static") {
                    return next.run(request).await;
                }
                return Redirect::to("/auth/change-password").into_response();
            }
            // User authenticated, proceed
            next.run(request).await
        }
        _ => Redirect::to("/auth/login").into_response(),
    }
}