%(date +'%Y%m%d')

author: Yigit Sever 2021-04-10 15:49:26 +0300
committer: Yigit Sever 2021-04-10 15:49:26 +0300
commit: a3bc90d6755acbe3670dfcf23f35acdaf9b00ffc (patch)
tree: 28b354bac254c1c92e8a13b8b2bf6f3d0dcde021
parent: 38a928a47f94d9f456c9c53f5db4fcd19165e7ac (diff)
download: gradecoin-a3bc90d6755acbe3670dfcf23f35acdaf9b00ffc.tar.gz
gradecoin-a3bc90d6755acbe3670dfcf23f35acdaf9b00ffc.tar.bz2
gradecoin-a3bc90d6755acbe3670dfcf23f35acdaf9b00ffc.zip
4 files changed, 25 insertions, 18 deletions
diff --git a/src/auth.rs b/src/auth.rs
index 03930f0..65d639b 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -66,18 +66,25 @@ struct Claims {
 #[derive(Debug)]
 struct RateLimited;
+#[derive(Debug, Clone)]
+pub struct Pubkey {
+    a: String,
+}
 impl Reject for RateLimited {}
 pub fn with_auth(
    db: Db,
    t: Transaction,
-) -> impl Filter<Extract = (String,), Error = Rejection> + Clone {
+) -> impl Filter<Extract = (Pubkey,), Error = Rejection> + Clone {
    headers_cloned()
-        .map(move |headers: HeaderMap<HeaderValue>| (db.clone(), headers))
+        .map(move |headers: HeaderMap<HeaderValue>| (db.clone(), headers, t.source.clone()))
        .and_then(authorize)
 }
-async fn authorize((db, headers): (Db, HeaderMap<HeaderValue>)) -> Result<String, Rejection> {
+async fn authorize(
+    (db, headers, source): (Db, HeaderMap<HeaderValue>, String),
+) -> Result<Pubkey, Rejection> {
    match jwt_from_header(&headers) {
        Ok(jwt) => {
            let decoded = decode::<Claims>(
@@ -89,7 +96,9 @@ async fn authorize((db, headers): (Db, HeaderMap<HeaderValue>)) -> Result<String
            .map_err(|_| reject::custom(Error::JWTTokenError))
            .unwrap();
-            Ok(decoded.claims.puk)
+            Ok(Pubkey {
+                a: decoded.claims.puk,
+            })
        }
        Err(e) => return Err(warp::reject::custom(RateLimited)),
    }
diff --git a/src/handlers.rs b/src/handlers.rs
index 8908bfc..0bcbd49 100644
--- a/src/handlers.rs
+++ b/src/handlers.rs
@@ -3,6 +3,8 @@ use log::debug; // this is more useful than debug! learn how to use this
 use parking_lot::RwLockUpgradableReadGuard;
 use std::convert::Infallible;
 use warp::{http::StatusCode, reply};
+use warp::reject::Rejection;
+use crate::auth::Pubkey;
 use crate::schema::{Block, Db, Transaction};
@@ -61,7 +63,7 @@ pub async fn propose_transaction(
 /// POST /transaction, authenticated
 /// The transaction arrived in this method has been authored by the public key in the source
 pub async fn propose_authenticated_transaction(
-    pubkey: String,
+    pubkey: Pubkey,
    new_transaction: Transaction,
    db: Db,
 ) -> Result<impl warp::Reply, warp::Rejection> {
diff --git a/src/routes.rs b/src/routes.rs
index e2e068a..871fd9c 100644
--- a/src/routes.rs
+++ b/src/routes.rs
@@ -44,28 +44,24 @@ pub fn transaction_propose(db: Db) -> impl Filter<Extract = impl Reply, Error =
 pub fn authenticated_transaction_propose(
    db: Db,
 ) -> impl Filter<Extract = impl Reply, Error = Rejection> + Clone {
+    //         // TODO: you might have to restore this
+    //         // what we're trying to do is knowing which public key to use to decode the jwt in the
+    //         // header of the request, we will either request it through a header (ugly, ugh) or get it
+    //         // from json (then how do we chain these ugh) or we can just validate/check (move the
+    //         // header/jwt logic to propose_transaction but that doesn't feel right either
+    //         // good luck <10-04-21, yigit> //
    warp::path("transaction")
        .and(warp::path::end())
        .and(warp::post())
        .and(custom_filters::transaction_json_body()) // returns transaction
        .map(|t: Transaction| {
+            // what do these do?
            with_auth(db.clone(), t)
        })
        .and(custom_filters::transaction_json_body()) // returns transaction
        .and(custom_filters::with_db(db)) // wraps db
        .and_then(handlers::propose_authenticated_transaction) // uses db, transaction and authenticated
-    //         .and(custom_filters::transaction_json_body())
-    //         // TODO: you might have to restore this
-    //         // what we're trying to do is knowing which public key to use to decode the jwt in the
-    //         // header of the request, we will either request it through a header (ugly, ugh) or get it
-    //         // from json (then how do we chain these ugh) or we can just validate/check (move the
-    //         // header/jwt logic to propose_transaction but that doesn't feel right either
-    //         // good luck <10-04-21, yigit> //
-    //         .map(|t: Transaction| with_auth(db.clone(), t))
-    //         .and(custom_filters::transaction_json_body())
-    //         .and(custom_filters::with_db(db))
-    //         .and_then(handlers::propose_transaction)
 }
 /// POST /block warp route
diff --git a/src/schema.rs b/src/schema.rs
index c4917ab..f680bbf 100644
--- a/src/schema.rs
+++ b/src/schema.rs
@@ -46,7 +46,7 @@ impl Db {
 /// A transaction between `source` and `target` that moves `amount` Note:
 /// https://serde.rs/container-attrs.html might be valueable to normalize the serialize/deserialize
 /// conventions as these will be hashed
-#[derive(Serialize, Deserialize, Debug)]
+#[derive(Serialize, Deserialize, Debug, Clone)]
 pub struct Transaction {
    pub source: String,
    pub target: String,
author	Yigit Sever	2021-04-10 15:49:26 +0300
committer	Yigit Sever	2021-04-10 15:49:26 +0300
commit	a3bc90d6755acbe3670dfcf23f35acdaf9b00ffc (patch)
tree	28b354bac254c1c92e8a13b8b2bf6f3d0dcde021
parent	38a928a47f94d9f456c9c53f5db4fcd19165e7ac (diff)
download	gradecoin-a3bc90d6755acbe3670dfcf23f35acdaf9b00ffc.tar.gz gradecoin-a3bc90d6755acbe3670dfcf23f35acdaf9b00ffc.tar.bz2 gradecoin-a3bc90d6755acbe3670dfcf23f35acdaf9b00ffc.zip