mmtickets_common/middlewares/
jwt_extractor.rs

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
use std::sync::Arc;

use axum::{extract::State, http::Request, http::StatusCode, middleware::Next, response::Response};
use axum_extra::extract::CookieJar;

use crate::auth::jwt;

pub trait AppStateGetter {
    fn jwt_cookie_name(&self) -> &str;
    fn jwt_secret(&self) -> &str;
}

pub async fn set_jwt_from_cookie<B, A>(
    State(state): State<Arc<A>>,
    jar: CookieJar,
    mut request: Request<B>,
    next: Next<B>,
) -> Result<Response, StatusCode>
where
    A: AppStateGetter,
{
    let token = jar
        .get(state.jwt_cookie_name())
        .ok_or(StatusCode::UNAUTHORIZED)?
        .value()
        .to_string();
    let jwt = jwt::verify(&token, state.jwt_secret()).map_err(|_| StatusCode::UNAUTHORIZED)?;
    request.extensions_mut().insert(jwt);
    Ok(next.run(request).await)
}