From 38a928a47f94d9f456c9c53f5db4fcd19165e7ac Mon Sep 17 00:00:00 2001
From: Yigit Sever
Date: Sat, 10 Apr 2021 15:14:37 +0300
Subject: agliyo

---
 src/auth.rs     | 31 +++++--------------------------
 src/handlers.rs |  2 +-
 src/routes.rs   |  5 ++++-
 3 files changed, 10 insertions(+), 28 deletions(-)

(limited to 'src')

diff --git a/src/auth.rs b/src/auth.rs
index ced9e8e..03930f0 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -63,29 +63,10 @@ struct Claims {
     puk: String,
 }
 
-// #[derive(Error, Debug)]
-// pub enum Nope {
-//     #[error("Invalid header")]
-//     InvalidHeader {
-//         expected: String,
-//         found: String,
-//     },
-// }
-// impl warp::reject::Reject for Nope {}
+#[derive(Debug)]
+struct RateLimited;
 
-#[derive(Error, Debug)]
-pub enum DataStoreError {
-    #[error("invalid header")]
-    InvalidHeader {},
-}
-
-impl Reject for DataStoreError {}
-
-// impl From<LessThanTenError> for Rejection {
-//     fn from(other: LessThanTenError) -> Self {
-//         warp::reject::custom(other)
-//     }
-// }
+impl Reject for RateLimited {}
 
 pub fn with_auth(
     db: Db,
@@ -94,10 +75,9 @@ pub fn with_auth(
     headers_cloned()
         .map(move |headers: HeaderMap<HeaderValue>| (db.clone(), headers))
         .and_then(authorize)
-        .recover(handle_rejection())
 }
 
-async fn authorize((db, headers): (Db, HeaderMap<HeaderValue>)) -> Result<String, Infallible> {
+async fn authorize((db, headers): (Db, HeaderMap<HeaderValue>)) -> Result<String, Rejection> {
     match jwt_from_header(&headers) {
         Ok(jwt) => {
             let decoded = decode::<Claims>(
@@ -111,8 +91,7 @@ async fn authorize((db, headers): (Db, HeaderMap<HeaderValue>)) -> Result<String
 
             Ok(decoded.claims.puk)
         }
-        Err(e) => return (StatusCode::UNAUTHORIZED, e.to_string()),
-        // warp error
+        Err(e) => return Err(warp::reject::custom(RateLimited)),
     }
 }
 
diff --git a/src/handlers.rs b/src/handlers.rs
index 89905a3..8908bfc 100644
--- a/src/handlers.rs
+++ b/src/handlers.rs
@@ -61,7 +61,7 @@ pub async fn propose_transaction(
 /// POST /transaction, authenticated
 /// The transaction arrived in this method has been authored by the public key in the source
 pub async fn propose_authenticated_transaction(
-    header: HeaderMap<HeaderName, HeaderValue>,
+    pubkey: String,
     new_transaction: Transaction,
     db: Db,
 ) -> Result<impl warp::Reply, warp::Rejection> {
diff --git a/src/routes.rs b/src/routes.rs
index b48fdb2..e2e068a 100644
--- a/src/routes.rs
+++ b/src/routes.rs
@@ -48,7 +48,10 @@ pub fn authenticated_transaction_propose(
         .and(warp::path::end())
         .and(warp::post())
         .and(custom_filters::transaction_json_body()) // returns transaction
-        .and(custom_filters::transaction_header()) // returns Transaction
+        .map(|t: Transaction| {
+            with_auth(db.clone(), t)
+        })
+        .and(custom_filters::transaction_json_body()) // returns transaction
         .and(custom_filters::with_db(db)) // wraps db
         .and_then(handlers::propose_authenticated_transaction) // uses db, transaction and authenticated
 
-- 
cgit v1.2.3-70-g09d2