qrush 0.6.0

Lightweight Job Queue and Task Scheduler for Rust (Actix + Redis + Cron)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

// qrush/src/services/basic_auth_service.rs
use actix_web::{
    dev::{forward_ready, Service, ServiceRequest, ServiceResponse, Transform},
    Error, HttpRequest, HttpResponse,
};
use base64::engine::general_purpose::STANDARD;
use base64::Engine;
use futures_util::future::{ready, Either, Ready}; // futures_util
use std::future::Ready as StdReady;              // StdReady = for new_transform
use crate::config::get_basic_auth;

pub struct BasicAuthMiddleware;

impl<S> Transform<S, ServiceRequest> for BasicAuthMiddleware
where
    S: Service<ServiceRequest, Response = ServiceResponse, Error = Error> + 'static,
    S::Future: 'static,
{
    type Response = ServiceResponse;
    type Error = Error;
    type InitError = ();
    type Transform = BasicAuthMiddlewareService<S>;
    type Future = StdReady<Result<Self::Transform, Self::InitError>>;

    fn new_transform(&self, service: S) -> Self::Future {
        std::future::ready(Ok(BasicAuthMiddlewareService { service }))
    }
}

pub struct BasicAuthMiddlewareService<S> {
    service: S,
}

impl<S> Service<ServiceRequest> for BasicAuthMiddlewareService<S>
where
    S: Service<ServiceRequest, Response = ServiceResponse, Error = Error> + 'static,
    S::Future: 'static,
{
    type Response = ServiceResponse;
    type Error = Error;

    // Correct Future type: Either<Ready<Result<...>>, S::Future>
    type Future = Either<Ready<Result<Self::Response, Self::Error>>, S::Future>;

    forward_ready!(service);

    fn call(&self, req: ServiceRequest) -> Self::Future {
        if check_basic_auth(req.request()) {
            Either::Right(self.service.call(req))
        } else {
            let response = req.into_response(unauthorized_response());
            Either::Left(ready(Ok(response)))
        }
    }
}

pub fn check_basic_auth(req: &HttpRequest) -> bool {
    if let Some(config) = get_basic_auth() {
        if let Some(auth_header) = req.headers().get("Authorization") {
            if let Ok(auth_str) = auth_header.to_str() {
                if let Some(encoded) = auth_str.strip_prefix("Basic ") {
                    if let Ok(decoded) = STANDARD.decode(encoded) {
                        if let Ok(credentials) = std::str::from_utf8(&decoded) {
                            let mut parts = credentials.splitn(2, ':');
                            let user = parts.next().unwrap_or_default();
                            let pass = parts.next().unwrap_or_default();
                            if user == config.username && pass == config.password {
                                return true;
                            }
                        }
                    }
                }
            }
        }
        return false;
    }
    // If config is not set, allow by default
    true
}

pub fn unauthorized_response() -> HttpResponse {
    HttpResponse::Unauthorized()
        .append_header(("WWW-Authenticate", r#"Basic realm="QRush""#))
        .finish()
}