Use middleware instead of manual auth checks

backend/sync_server/src/server/create_document.rs

@@ -1,19 +1,12 @@
 use aide_axum_typed_multipart::TypedMultipart;
 use anyhow::Context as _;
 use axum::extract::{Path, State};
-use axum_extra::{
-    TypedHeader,
-    headers::{Authorization, authorization::Bearer},
-};
 use axum_jsonschema::Json;
 use schemars::JsonSchema;
 use serde::Deserialize;
 use sync_lib::base64_to_bytes;
 
-use super::{
-    auth::auth,
-    requests::{CreateDocumentVersion, CreateDocumentVersionMultipart},
-};
+use super::requests::{CreateDocumentVersion, CreateDocumentVersionMultipart};
 use crate::{
     app_state::{
         AppState,
@@ -36,7 +29,6 @@ pub struct CreateDocumentPathParams {
 /// with their content merged.
 #[axum::debug_handler]
 pub async fn create_document_multipart(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
     Path(CreateDocumentPathParams { vault_id }): Path<CreateDocumentPathParams>,
     State(state): State<AppState>,
     TypedMultipart(axum_typed_multipart::TypedMultipart(request)): TypedMultipart<
@@ -44,7 +36,6 @@ pub async fn create_document_multipart(
     >,
 ) -> Result<Json<DocumentVersionWithoutContent>, SyncServerError> {
     internal_create_document(
-        auth_header,
         state,
         vault_id,
         request.document_id,
@@ -59,7 +50,6 @@ pub async fn create_document_multipart(
 /// with their content merged.
 #[axum::debug_handler]
 pub async fn create_document_json(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
     Path(CreateDocumentPathParams { vault_id }): Path<CreateDocumentPathParams>,
     State(state): State<AppState>,
     Json(request): Json<CreateDocumentVersion>,
@@ -69,7 +59,6 @@ pub async fn create_document_json(
         .map_err(client_error)?;
 
     internal_create_document(
-        auth_header,
         state,
         vault_id,
         request.document_id,
@@ -80,15 +69,12 @@ pub async fn create_document_json(
 }
 
 async fn internal_create_document(
-    auth_header: Authorization<Bearer>,
     state: AppState,
     vault_id: VaultId,
     document_id: Option<DocumentId>,
     relative_path: String,
     content: Vec<u8>,
 ) -> Result<Json<DocumentVersionWithoutContent>, SyncServerError> {
-    auth(&state, auth_header.token(), &vault_id)?;
-
     let mut transaction = state
         .database
         .create_write_transaction(&vault_id)

backend/sync_server/src/server/delete_document.rs

@@ -1,14 +1,10 @@
 use anyhow::Context as _;
 use axum::extract::{Path, State};
-use axum_extra::{
-    TypedHeader,
-    headers::{Authorization, authorization::Bearer},
-};
 use axum_jsonschema::Json;
 use schemars::JsonSchema;
 use serde::Deserialize;
 
-use super::{auth::auth, requests::DeleteDocumentVersion};
+use super::requests::DeleteDocumentVersion;
 use crate::{
     app_state::{
         AppState,
@@ -29,7 +25,6 @@ pub struct DeleteDocumentPathParams {
 
 #[axum::debug_handler]
 pub async fn delete_document(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
     Path(DeleteDocumentPathParams {
         vault_id,
         document_id,
@@ -37,8 +32,6 @@ pub async fn delete_document(
     State(state): State<AppState>,
     Json(request): Json<DeleteDocumentVersion>,
 ) -> Result<Json<DocumentVersionWithoutContent>, SyncServerError> {
-    auth(&state, auth_header.token(), &vault_id)?;
-
     let mut transaction = state
         .database
         .create_write_transaction(&vault_id)

backend/sync_server/src/server/fetch_document_version.rs

@@ -1,14 +1,9 @@
 use anyhow::anyhow;
 use axum::extract::{Path, State};
-use axum_extra::{
-    TypedHeader,
-    headers::{Authorization, authorization::Bearer},
-};
 use axum_jsonschema::Json;
 use schemars::JsonSchema;
 use serde::Deserialize;
 
-use super::auth::auth;
 use crate::{
     app_state::{
         AppState,
@@ -27,7 +22,6 @@ pub struct FetchDocumentVersionPathParams {
 
 #[axum::debug_handler]
 pub async fn fetch_document_version(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
     Path(FetchDocumentVersionPathParams {
         vault_id,
         document_id,
@@ -35,8 +29,6 @@ pub async fn fetch_document_version(
     }): Path<FetchDocumentVersionPathParams>,
     State(state): State<AppState>,
 ) -> Result<Json<DocumentVersion>, SyncServerError> {
-    auth(&state, auth_header.token(), &vault_id)?;
-
     let result = state
         .database
         .get_document_version(&vault_id, vault_update_id, None)

backend/sync_server/src/server/fetch_document_version_content.rs

@@ -3,14 +3,9 @@ use axum::{
     body::Bytes,
     extract::{Path, State},
 };
-use axum_extra::{
-    TypedHeader,
-    headers::{Authorization, authorization::Bearer},
-};
 use schemars::JsonSchema;
 use serde::Deserialize;
 
-use super::auth::auth;
 use crate::{
     app_state::{
         AppState,
@@ -29,7 +24,6 @@ pub struct FetchDocumentVersionContentPathParams {
 
 #[axum::debug_handler]
 pub async fn fetch_document_version_content(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
     Path(FetchDocumentVersionContentPathParams {
         vault_id,
         document_id,
@@ -37,8 +31,6 @@ pub async fn fetch_document_version_content(
     }): Path<FetchDocumentVersionContentPathParams>,
     State(state): State<AppState>,
 ) -> Result<Bytes, SyncServerError> {
-    auth(&state, auth_header.token(), &vault_id)?;
-
     let result = state
         .database
         .get_document_version(&vault_id, vault_update_id, None)

backend/sync_server/src/server/fetch_latest_document_version.rs

@@ -1,14 +1,9 @@
 use anyhow::anyhow;
 use axum::extract::{Path, State};
-use axum_extra::{
-    TypedHeader,
-    headers::{Authorization, authorization::Bearer},
-};
 use axum_jsonschema::Json;
 use schemars::JsonSchema;
 use serde::Deserialize;
 
-use super::auth::auth;
 use crate::{
     app_state::{
         AppState,
@@ -26,15 +21,12 @@ pub struct FetchLatestDocumentVersionPathParams {
 
 #[axum::debug_handler]
 pub async fn fetch_latest_document_version(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
     Path(FetchLatestDocumentVersionPathParams {
         vault_id,
         document_id,
     }): Path<FetchLatestDocumentVersionPathParams>,
     State(state): State<AppState>,
 ) -> Result<Json<DocumentVersion>, SyncServerError> {
-    auth(&state, auth_header.token(), &vault_id)?;
-
     let latest_version = state
         .database
         .get_latest_document(&vault_id, &document_id, None)

backend/sync_server/src/server/fetch_latest_documents.rs

@@ -1,13 +1,9 @@
 use axum::extract::{Path, Query, State};
-use axum_extra::{
-    TypedHeader,
-    headers::{Authorization, authorization::Bearer},
-};
 use axum_jsonschema::Json;
 use schemars::JsonSchema;
 use serde::Deserialize;
 
-use super::{auth::auth, responses::FetchLatestDocumentsResponse};
+use super::responses::FetchLatestDocumentsResponse;
 use crate::{
     app_state::{
         AppState,
@@ -30,13 +26,10 @@ pub struct QueryParams {
 
 #[axum::debug_handler]
 pub async fn fetch_latest_documents(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
     Path(FetchLatestDocumentsPathParams { vault_id }): Path<FetchLatestDocumentsPathParams>,
     Query(QueryParams { since_update_id }): Query<QueryParams>,
     State(state): State<AppState>,
 ) -> Result<Json<FetchLatestDocumentsResponse>, SyncServerError> {
-    auth(&state, auth_header.token(), &vault_id)?;
-
     let documents = if let Some(since_update_id) = since_update_id {
         state
             .database

backend/sync_server/src/server/update_document.rs

@@ -1,10 +1,6 @@
 use aide_axum_typed_multipart::TypedMultipart;
 use anyhow::{Context as _, anyhow};
 use axum::extract::{Path, State};
-use axum_extra::{
-    TypedHeader,
-    headers::{Authorization, authorization::Bearer},
-};
 use axum_jsonschema::Json;
 use log::info;
 use schemars::JsonSchema;
@@ -12,7 +8,6 @@ use serde::Deserialize;
 use sync_lib::{base64_to_bytes, is_file_type_mergable, merge};
 
 use super::{
-    auth::auth,
     requests::{UpdateDocumentVersion, UpdateDocumentVersionMultipart},
     responses::DocumentUpdateResponse,
 };
@@ -34,7 +29,6 @@ pub struct UpdateDocumentPathParams {
 
 #[axum::debug_handler]
 pub async fn update_document_multipart(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
     Path(UpdateDocumentPathParams {
         vault_id,
         document_id,
@@ -45,7 +39,6 @@ pub async fn update_document_multipart(
     >,
 ) -> Result<Json<DocumentUpdateResponse>, SyncServerError> {
     internal_update_document(
-        auth_header,
         state,
         vault_id,
         document_id,
@@ -58,7 +51,6 @@ pub async fn update_document_multipart(
 
 #[axum::debug_handler]
 pub async fn update_document_json(
-    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
     Path(UpdateDocumentPathParams {
         vault_id,
         document_id,
@@ -71,7 +63,6 @@ pub async fn update_document_json(
         .map_err(client_error)?;
 
     internal_update_document(
-        auth_header,
         state,
         vault_id,
         document_id,
@@ -84,7 +75,6 @@ pub async fn update_document_json(
 
 #[allow(clippy::too_many_arguments, clippy::too_many_lines)]
 async fn internal_update_document(
-    auth_header: Authorization<Bearer>,
     state: AppState,
     vault_id: VaultId,
     document_id: DocumentId,
@@ -92,8 +82,6 @@ async fn internal_update_document(
     relative_path: String,
     content: Vec<u8>,
 ) -> Result<Json<DocumentUpdateResponse>, SyncServerError> {
-    auth(&state, auth_header.token(), &vault_id)?;
-
     // No need for a transaction as document versions are immutable
     let parent_document = state
         .database