typeway-server 0.1.0

Server runtime for the typeway type-level web framework
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276

//! Type-level authentication for endpoints.
//!
//! [`Protected<Auth, E>`] wraps an endpoint type to declare that it requires
//! authentication. The compiler enforces that the handler's first argument
//! is the auth extractor type.
//!
//! # Example
//!
//! ```ignore
//! use typeway_server::auth::Protected;
//!
//! // Tag endpoints as protected in the API type
//! type API = (
//!     GetEndpoint<TagsPath, TagsResponse>,                           // public
//!     Protected<AuthUser, GetEndpoint<UserPath, UserResponse>>,      // auth required
//! );
//!
//! // Handlers for protected endpoints MUST accept AuthUser as first arg.
//! async fn get_user(auth: AuthUser, state: State<Db>) -> Json<User> { ... }
//!
//! // Wire up with bind_auth!():
//! Server::<API>::new((
//!     bind!(get_tags),             // public
//!     bind_auth!(get_user),        // protected — AuthUser enforced
//! ));
//! ```

use std::future::Future;
use std::marker::PhantomData;
use std::pin::Pin;

use typeway_core::ApiSpec;

use crate::body::BoxBody;
use crate::extract::{FromRequest, FromRequestParts};
use crate::handler::BoxedHandler;
use crate::handler_for::{BindableEndpoint, BoundHandler};
use crate::response::IntoResponse;

/// An endpoint that requires authentication.
///
/// `Auth` is the authentication extractor type (e.g., `AuthUser`).
/// `E` is the underlying endpoint type.
///
/// Handlers bound to `Protected` endpoints via `bind_auth!()` must accept
/// `Auth` as their first argument. This is enforced at compile time by
/// the `AuthHandler` trait — using `bind!()` (without auth) for a
/// `Protected` endpoint produces a type mismatch.
pub struct Protected<Auth, E> {
    _marker: PhantomData<(Auth, E)>,
}

impl<Auth, E: ApiSpec> ApiSpec for Protected<Auth, E> {}

// Protected<Auth, E> delegates AllProvided to the inner endpoint E.
// This allows EffectfulServer to work with APIs containing Protected endpoints.
impl<Auth, E, Provided, Idx> typeway_core::effects::AllProvided<Provided, Idx>
    for Protected<Auth, E>
where
    E: typeway_core::effects::AllProvided<Provided, Idx>,
{
}

// NOTE: BindableEndpoint is intentionally NOT implemented for Protected.
// This means bind!() cannot be used with Protected endpoints — only
// bind_auth!() works. This is the compile-time enforcement mechanism.

// ---------------------------------------------------------------------------
// AuthHandler trait — enforces Auth as first argument
// ---------------------------------------------------------------------------

/// A handler that takes `Auth` as its first argument.
///
/// This is separate from `Handler<Args>` to ensure that `Protected`
/// endpoints can only be bound with handlers that accept the auth type.
/// The trait is implemented for async functions where the first argument
/// is `Auth: FromRequestParts`.
pub trait AuthHandler<Auth, Args>: Clone + Send + Sync + 'static {
    fn call(
        self,
        parts: http::request::Parts,
        body: bytes::Bytes,
    ) -> Pin<Box<dyn Future<Output = http::Response<BoxBody>> + Send>>;
}

// Auth + no other args
impl<F, Fut, Res, Auth> AuthHandler<Auth, ()> for F
where
    F: FnOnce(Auth) -> Fut + Clone + Send + Sync + 'static,
    Fut: Future<Output = Res> + Send,
    Res: IntoResponse,
    Auth: FromRequestParts + 'static,
{
    fn call(
        self,
        parts: http::request::Parts,
        _body: bytes::Bytes,
    ) -> Pin<Box<dyn Future<Output = http::Response<BoxBody>> + Send>> {
        Box::pin(async move {
            let auth = match Auth::from_request_parts(&parts) {
                Ok(v) => v,
                Err(e) => return e.into_response(),
            };
            self(auth).await.into_response()
        })
    }
}

// Generate impls for Auth + N FromRequestParts args
macro_rules! impl_auth_handler_parts {
    ([$($T:ident),+], [$($t:ident),+]) => {
        #[allow(non_snake_case)]
        impl<F, Fut, Res, Auth, $($T,)+> AuthHandler<Auth, ($($T,)+)> for F
        where
            F: FnOnce(Auth, $($T,)+) -> Fut + Clone + Send + Sync + 'static,
            Fut: Future<Output = Res> + Send,
            Res: IntoResponse,
            Auth: FromRequestParts + 'static,
            $($T: FromRequestParts + 'static,)+
        {
            fn call(
                self,
                parts: http::request::Parts,
                _body: bytes::Bytes,
            ) -> Pin<Box<dyn Future<Output = http::Response<BoxBody>> + Send>> {
                Box::pin(async move {
                    let auth = match Auth::from_request_parts(&parts) {
                        Ok(v) => v,
                        Err(e) => return e.into_response(),
                    };
                    $(
                        let $t = match $T::from_request_parts(&parts) {
                            Ok(v) => v,
                            Err(e) => return e.into_response(),
                        };
                    )+
                    self(auth, $($t,)+).await.into_response()
                })
            }
        }
    };
}

impl_auth_handler_parts!([T1], [t1]);
impl_auth_handler_parts!([T1, T2], [t1, t2]);
impl_auth_handler_parts!([T1, T2, T3], [t1, t2, t3]);
impl_auth_handler_parts!([T1, T2, T3, T4], [t1, t2, t3, t4]);
impl_auth_handler_parts!([T1, T2, T3, T4, T5], [t1, t2, t3, t4, t5]);
impl_auth_handler_parts!([T1, T2, T3, T4, T5, T6], [t1, t2, t3, t4, t5, t6]);

// Generate impls for Auth + N FromRequestParts args + body extractor (last arg)
macro_rules! impl_auth_handler_with_body {
    ([], []) => {
        impl<F, Fut, Res, Auth, B> AuthHandler<Auth, AuthWithBody<(), B>> for F
        where
            F: FnOnce(Auth, B) -> Fut + Clone + Send + Sync + 'static,
            Fut: Future<Output = Res> + Send,
            Res: IntoResponse,
            Auth: FromRequestParts + 'static,
            B: FromRequest + 'static,
        {
            fn call(
                self,
                parts: http::request::Parts,
                body: bytes::Bytes,
            ) -> Pin<Box<dyn Future<Output = http::Response<BoxBody>> + Send>> {
                Box::pin(async move {
                    let auth = match Auth::from_request_parts(&parts) {
                        Ok(v) => v,
                        Err(e) => return e.into_response(),
                    };
                    let b = match B::from_request(&parts, body).await {
                        Ok(v) => v,
                        Err(e) => return e.into_response(),
                    };
                    self(auth, b).await.into_response()
                })
            }
        }
    };
    ([$($T:ident),+], [$($t:ident),+]) => {
        #[allow(non_snake_case)]
        impl<F, Fut, Res, Auth, $($T,)+ B> AuthHandler<Auth, AuthWithBody<($($T,)+), B>> for F
        where
            F: FnOnce(Auth, $($T,)+ B) -> Fut + Clone + Send + Sync + 'static,
            Fut: Future<Output = Res> + Send,
            Res: IntoResponse,
            Auth: FromRequestParts + 'static,
            $($T: FromRequestParts + 'static,)+
            B: FromRequest + 'static,
        {
            fn call(
                self,
                parts: http::request::Parts,
                body: bytes::Bytes,
            ) -> Pin<Box<dyn Future<Output = http::Response<BoxBody>> + Send>> {
                Box::pin(async move {
                    let auth = match Auth::from_request_parts(&parts) {
                        Ok(v) => v,
                        Err(e) => return e.into_response(),
                    };
                    $(
                        let $t = match $T::from_request_parts(&parts) {
                            Ok(v) => v,
                            Err(e) => return e.into_response(),
                        };
                    )+
                    let b = match B::from_request(&parts, body).await {
                        Ok(v) => v,
                        Err(e) => return e.into_response(),
                    };
                    self(auth, $($t,)+ b).await.into_response()
                })
            }
        }
    };
}

/// Marker for auth handlers with a body extractor as last arg.
pub struct AuthWithBody<Parts, Body>(PhantomData<(Parts, Body)>);

impl_auth_handler_with_body!([], []);
impl_auth_handler_with_body!([T1], [t1]);
impl_auth_handler_with_body!([T1, T2], [t1, t2]);
impl_auth_handler_with_body!([T1, T2, T3], [t1, t2, t3]);
impl_auth_handler_with_body!([T1, T2, T3, T4], [t1, t2, t3, t4]);
impl_auth_handler_with_body!([T1, T2, T3, T4, T5], [t1, t2, t3, t4, t5]);

// ---------------------------------------------------------------------------
// bind_protected — uses AuthHandler instead of Handler
// ---------------------------------------------------------------------------

/// Bind a handler to a `Protected<Auth, E>` endpoint.
///
/// The handler's first argument MUST be `Auth`. This is enforced by the
/// `AuthHandler<Auth, Args>` trait — the compiler rejects handlers that
/// don't take `Auth` as their first argument.
/// Trait to extract binding info from the inner endpoint of a Protected type.
pub trait ProtectedEndpoint {
    type Auth;
    type Inner: BindableEndpoint;
}

impl<Auth, E: BindableEndpoint> ProtectedEndpoint for Protected<Auth, E> {
    type Auth = Auth;
    type Inner = E;
}

pub fn bind_protected<P, H, Args>(handler: H) -> BoundHandler<P>
where
    P: ProtectedEndpoint,
    P::Auth: FromRequestParts + 'static,
    P::Inner: BindableEndpoint,
    H: AuthHandler<P::Auth, Args>,
    Args: 'static,
{
    let method = P::Inner::method();
    let pattern = P::Inner::pattern();
    let match_fn = P::Inner::match_fn();

    // Type-erase via AuthHandler::call
    let boxed: BoxedHandler = std::sync::Arc::new(move |parts, body| {
        let h = handler.clone();
        h.call(parts, body)
    });

    BoundHandler::new(method, pattern, match_fn, boxed)
}

/// Convenience macro for binding protected handlers.
#[macro_export]
macro_rules! bind_auth {
    ($handler:expr) => {
        $crate::auth::bind_protected::<_, _, _>($handler)
    };
}