1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
use std::error::Error;
use std::marker::PhantomData;
use std::sync::{Arc, Mutex};
use mould::prelude::*;
use authorize::{Role, Authorize};
use authorize::checkers::TokenChecker;
pub struct TokenService<C, R, E>
where C: TokenChecker<R, E>, R: Role, E: Error {
checker: Arc<Mutex<C>>,
_role: PhantomData<R>,
_error: PhantomData<E>,
}
impl<C, R, E> TokenService<C, R, E>
where C: TokenChecker<R, E>, R: Role, E: Error {
pub fn new(checker: C) -> Self {
TokenService {
checker: Arc::new(Mutex::new(checker)),
_role: PhantomData,
_error: PhantomData,
}
}
}
impl<T, C, R, E> Service<T> for TokenService<C, R, E>
where T: Authorize<R>,
C: TokenChecker<R, E> + Send + 'static,
R: Role + Send + Sync + 'static,
E: Error + Send + Sync + 'static {
fn route(&self, request: &Request) -> Box<Worker<T>> {
if request.action == "do-auth" {
Box::new(TokenCheckWorker::new(self.checker.clone()))
} else {
let msg = format!("Unknown action '{}' for token service!", request.action);
Box::new(RejectWorker::new(msg))
}
}
}
struct TokenCheckWorker<C, R, E>
where C: TokenChecker<R, E>, R: Role, E: Error {
checker: Arc<Mutex<C>>,
_role: PhantomData<R>,
_error: PhantomData<E>,
}
impl<C, R, E> TokenCheckWorker<C, R, E>
where C: TokenChecker<R, E>, R: Role, E: Error {
fn new(checker: Arc<Mutex<C>>) -> Self {
TokenCheckWorker {
checker: checker,
_role: PhantomData,
_error: PhantomData,
}
}
}
impl<T, C, R, E> Worker<T> for TokenCheckWorker<C, R, E>
where T: Authorize<R>, C: TokenChecker<R, E>, R: Role, E: Error + 'static {
fn prepare(&mut self, session: &mut T, mut request: Request) -> worker::Result<Shortcut> {
let token: String = extract_field!(request, "token");
let role = {
let mut guard = try!(self.checker.lock()
.or(Err("Impossible to check token!")));
try!(guard.get_role_for_token(&token))
};
ensure_it!(role.is_some(), "Token is not valid!");
session.set_role(role);
Ok(Shortcut::Done)
}
}