1mod config;
2mod models;
3
4pub use crate::config::{Config, IConfig};
5pub use crate::models::user::{AuthorizationMiddleware, Claims};
6use actix_web::dev::Payload;
7use actix_web::error::ErrorUnauthorized;
8use actix_web::{Error, FromRequest, HttpRequest};
9use futures::future::{err, ok, Ready};
10use jsonwebtoken::{decode, Algorithm, DecodingKey, Validation};
11
12
13
14impl FromRequest for AuthorizationMiddleware {
15 type Error = Error;
16 type Future = Ready<Result<AuthorizationMiddleware, Error>>;
17 type Config = ();
18
19 fn from_request(req: &HttpRequest, _payload: &mut Payload) -> Self::Future {
20 let auth = req.headers().get("Authorization");
21 match auth {
22 Some(_) => {
23 let split: Vec<&str> = auth.unwrap().to_str().unwrap().split("Bearer").collect();
24 let token = split[1].trim();
25 let config: Config = Config {path: "src/config/config.env".to_string() };
26 let var = "Xqv8jTGLxT";
27 let key = var.as_bytes();
28 match decode::<Claims>(
29 &token.to_string(),
30 &DecodingKey::from_secret(key.as_ref()),
31 &Validation::new(Algorithm::HS256),
32 ) {
33 Ok(_token) => {
34 let user_id = _token.claims.user_id;
35 let admin = _token.claims.admin;
36 ok(AuthorizationMiddleware { user_id, admin })
37 }
38 Err(_e) => err(ErrorUnauthorized(_e)),
39 }
40 }
41 None => err(ErrorUnauthorized("Blocked")),
42 }
43 }
44}
45
46#[cfg(test)]
47mod tests {
48 use chrono::{ Duration, Utc};
49 use crate::{AuthorizationMiddleware, Claims, Config, IConfig};
50 use actix_web::http::StatusCode;
51 use actix_web::{test, Error, FromRequest, HttpRequest};
52 use jsonwebtoken::{encode, EncodingKey, Header};
53
54 #[actix_rt::test]
55 async fn from_request_fail_return_invalid() {
56 let req: HttpRequest = test::TestRequest::default().to_http_request();
57 let mut res = test::TestRequest::to_http_parts(Default::default());
58 let resp: Result<AuthorizationMiddleware, Error> =
59 AuthorizationMiddleware::from_request(&req, &mut res.1).await;
60 let tmp = resp.err().unwrap();
61 let res_to_check = tmp.as_response_error();
62 assert_eq!(res_to_check.status_code(), StatusCode::UNAUTHORIZED);
63 }
64 #[actix_rt::test]
65 async fn form_request_fail_invalid_token() {
66 let req: HttpRequest = test::TestRequest::default()
67 .header("Authorization", "Bearer text/plain")
68 .to_http_request();
69 let mut res = test::TestRequest::to_http_parts(Default::default());
70 let resp: Result<AuthorizationMiddleware, Error> =
71 AuthorizationMiddleware::from_request(&req, &mut res.1).await;
72 let tmp = resp.err().unwrap();
73 let res_to_check = tmp.as_response_error();
74 assert_eq!(res_to_check.status_code(), StatusCode::UNAUTHORIZED);
75 }
76 #[actix_rt::test]
77 async fn form_request_work() {
78 let user_id = "muf".to_string() ;
79 let admin = false;
80 let date = Utc::now() + Duration::hours(1);
81 let my_claims = Claims {
82 user_id,
83 admin,
84 exp: date.timestamp() as u32,
85 };
86 let config: Config = Config {path: "src/config/config.env".to_string() };
87 let token = encode(
88 &Header::default(),
89 &my_claims,
90 &EncodingKey::from_secret(config.get_config_with_key("SECRET_KEY").as_ref()),
91 )
92 .unwrap();
93 let req: HttpRequest = test::TestRequest::default()
94 .header("Authorization", "Bearer ".to_owned() + &token)
95 .to_http_request();
96 let mut res = test::TestRequest::to_http_parts(Default::default());
97 let resp: Result<AuthorizationMiddleware, Error> =
98 AuthorizationMiddleware::from_request(&req, &mut res.1).await;
99 let tmp = resp.unwrap();
100 assert_eq!(tmp.eq(&AuthorizationMiddleware{
101 user_id: "muf".to_string(),
102 admin:false
103 }), true)
104 }
105}