diff options
-rw-r--r-- | src/auth.rs | 31 | ||||
-rw-r--r-- | src/handlers.rs | 2 | ||||
-rw-r--r-- | src/routes.rs | 5 |
3 files changed, 10 insertions, 28 deletions
diff --git a/src/auth.rs b/src/auth.rs index ced9e8e..03930f0 100644 --- a/src/auth.rs +++ b/src/auth.rs | |||
@@ -63,29 +63,10 @@ struct Claims { | |||
63 | puk: String, | 63 | puk: String, |
64 | } | 64 | } |
65 | 65 | ||
66 | // #[derive(Error, Debug)] | 66 | #[derive(Debug)] |
67 | // pub enum Nope { | 67 | struct RateLimited; |
68 | // #[error("Invalid header")] | ||
69 | // InvalidHeader { | ||
70 | // expected: String, | ||
71 | // found: String, | ||
72 | // }, | ||
73 | // } | ||
74 | // impl warp::reject::Reject for Nope {} | ||
75 | 68 | ||
76 | #[derive(Error, Debug)] | 69 | impl Reject for RateLimited {} |
77 | pub enum DataStoreError { | ||
78 | #[error("invalid header")] | ||
79 | InvalidHeader {}, | ||
80 | } | ||
81 | |||
82 | impl Reject for DataStoreError {} | ||
83 | |||
84 | // impl From<LessThanTenError> for Rejection { | ||
85 | // fn from(other: LessThanTenError) -> Self { | ||
86 | // warp::reject::custom(other) | ||
87 | // } | ||
88 | // } | ||
89 | 70 | ||
90 | pub fn with_auth( | 71 | pub fn with_auth( |
91 | db: Db, | 72 | db: Db, |
@@ -94,10 +75,9 @@ pub fn with_auth( | |||
94 | headers_cloned() | 75 | headers_cloned() |
95 | .map(move |headers: HeaderMap<HeaderValue>| (db.clone(), headers)) | 76 | .map(move |headers: HeaderMap<HeaderValue>| (db.clone(), headers)) |
96 | .and_then(authorize) | 77 | .and_then(authorize) |
97 | .recover(handle_rejection()) | ||
98 | } | 78 | } |
99 | 79 | ||
100 | async fn authorize((db, headers): (Db, HeaderMap<HeaderValue>)) -> Result<String, Infallible> { | 80 | async fn authorize((db, headers): (Db, HeaderMap<HeaderValue>)) -> Result<String, Rejection> { |
101 | match jwt_from_header(&headers) { | 81 | match jwt_from_header(&headers) { |
102 | Ok(jwt) => { | 82 | Ok(jwt) => { |
103 | let decoded = decode::<Claims>( | 83 | let decoded = decode::<Claims>( |
@@ -111,8 +91,7 @@ async fn authorize((db, headers): (Db, HeaderMap<HeaderValue>)) -> Result<String | |||
111 | 91 | ||
112 | Ok(decoded.claims.puk) | 92 | Ok(decoded.claims.puk) |
113 | } | 93 | } |
114 | Err(e) => return (StatusCode::UNAUTHORIZED, e.to_string()), | 94 | Err(e) => return Err(warp::reject::custom(RateLimited)), |
115 | // warp error | ||
116 | } | 95 | } |
117 | } | 96 | } |
118 | 97 | ||
diff --git a/src/handlers.rs b/src/handlers.rs index 89905a3..8908bfc 100644 --- a/src/handlers.rs +++ b/src/handlers.rs | |||
@@ -61,7 +61,7 @@ pub async fn propose_transaction( | |||
61 | /// POST /transaction, authenticated | 61 | /// POST /transaction, authenticated |
62 | /// The transaction arrived in this method has been authored by the public key in the source | 62 | /// The transaction arrived in this method has been authored by the public key in the source |
63 | pub async fn propose_authenticated_transaction( | 63 | pub async fn propose_authenticated_transaction( |
64 | header: HeaderMap<HeaderName, HeaderValue>, | 64 | pubkey: String, |
65 | new_transaction: Transaction, | 65 | new_transaction: Transaction, |
66 | db: Db, | 66 | db: Db, |
67 | ) -> Result<impl warp::Reply, warp::Rejection> { | 67 | ) -> Result<impl warp::Reply, warp::Rejection> { |
diff --git a/src/routes.rs b/src/routes.rs index b48fdb2..e2e068a 100644 --- a/src/routes.rs +++ b/src/routes.rs | |||
@@ -48,7 +48,10 @@ pub fn authenticated_transaction_propose( | |||
48 | .and(warp::path::end()) | 48 | .and(warp::path::end()) |
49 | .and(warp::post()) | 49 | .and(warp::post()) |
50 | .and(custom_filters::transaction_json_body()) // returns transaction | 50 | .and(custom_filters::transaction_json_body()) // returns transaction |
51 | .and(custom_filters::transaction_header()) // returns Transaction | 51 | .map(|t: Transaction| { |
52 | with_auth(db.clone(), t) | ||
53 | }) | ||
54 | .and(custom_filters::transaction_json_body()) // returns transaction | ||
52 | .and(custom_filters::with_db(db)) // wraps db | 55 | .and(custom_filters::with_db(db)) // wraps db |
53 | .and_then(handlers::propose_authenticated_transaction) // uses db, transaction and authenticated | 56 | .and_then(handlers::propose_authenticated_transaction) // uses db, transaction and authenticated |
54 | 57 | ||