Add auth

2024-12-08 18:14:14 +00:00 · 2024-12-08 18:14:14 +00:00 · dda356ea00
commit dda356ea00
parent e1ba3d44c7
8 changed files with 60 additions and 0 deletions
--- a/backend/sync_server/src/server/auth.rs
+++ b/backend/sync_server/src/server/auth.rs
@ -0,0 +1,14 @@
+use crate::{
+    app_state::AppState,
+    config::user_config::User,
+    errors::{unauthorized_error, SyncServerError},
+};
+
+pub fn auth(app_state: &AppState, token: &str) -> Result<User, SyncServerError> {
+    app_state
+        .config
+        .users
+        .get_user(token)
+        .cloned()
+        .ok_or_else(|| unauthorized_error(anyhow::anyhow!("Invalid token")))
+}
--- a/backend/sync_server/src/server/create_document.rs
+++ b/backend/sync_server/src/server/create_document.rs
@ -9,16 +9,23 @@ use anyhow::Context;
 use axum::extract::Path;
 use axum::extract::State;
 use axum::Json;
+use axum_extra::headers::authorization::Bearer;
+use axum_extra::headers::Authorization;
+use axum_extra::TypedHeader;
 use sync_lib::base64_to_bytes;

+use super::auth::auth;
 use super::requests::CreateDocumentVersion;

 #[axum::debug_handler]
 pub async fn create_document(
+    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
    Path(vault_id): Path<VaultId>,
    State(state): State<AppState>,
    Json(request): Json<CreateDocumentVersion>,
 ) -> Result<Json<DocumentVersionWithoutContent>, SyncServerError> {
+    auth(&state, auth_header.token())?;
+
    let new_version = StoredDocumentVersion {
        vault_id,
        document_id: uuid::Uuid::new_v4(),
--- a/backend/sync_server/src/server/delete_document.rs
+++ b/backend/sync_server/src/server/delete_document.rs
@ -10,15 +10,22 @@ use anyhow::Context;
 use axum::extract::Path;
 use axum::extract::State;
 use axum::Json;
+use axum_extra::headers::authorization::Bearer;
+use axum_extra::headers::Authorization;
+use axum_extra::TypedHeader;

+use super::auth::auth;
 use super::requests::DeleteDocumentVersion;

 #[axum::debug_handler]
 pub async fn delete_document(
+    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
    Path((vault_id, document_id)): Path<(VaultId, DocumentId)>,
    State(state): State<AppState>,
    Json(request): Json<DeleteDocumentVersion>,
 ) -> Result<(), SyncServerError> {
+    auth(&state, auth_header.token())?;
+
    let mut transaction = state
        .database
        .create_transaction()
--- a/backend/sync_server/src/server/fetch_latest_document_version.rs
+++ b/backend/sync_server/src/server/fetch_latest_document_version.rs
@ -9,12 +9,20 @@ use anyhow::anyhow;
 use axum::extract::Path;
 use axum::extract::State;
 use axum::Json;
+use axum_extra::headers::authorization::Bearer;
+use axum_extra::headers::Authorization;
+use axum_extra::TypedHeader;
+
+use super::auth::auth;

 #[axum::debug_handler]
 pub async fn fetch_latest_document_version(
+    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
    Path((vault_id, document_id)): Path<(VaultId, DocumentId)>,
    State(state): State<AppState>,
 ) -> Result<Json<DocumentVersion>, SyncServerError> {
+    auth(&state, auth_header.token())?;
+
    let latest_version = state
        .database
        .get_latest_document_version(&vault_id, &document_id, None)
--- a/backend/sync_server/src/server/fetch_latest_documents.rs
+++ b/backend/sync_server/src/server/fetch_latest_documents.rs
@ -6,12 +6,20 @@ use crate::errors::SyncServerError;
 use axum::extract::Path;
 use axum::extract::State;
 use axum::Json;
+use axum_extra::headers::authorization::Bearer;
+use axum_extra::headers::Authorization;
+use axum_extra::TypedHeader;
+
+use super::auth::auth;

 #[axum::debug_handler]
 pub async fn fetch_latest_documents(
+    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
    Path(vault_id): Path<VaultId>,
    State(state): State<AppState>,
 ) -> Result<Json<Vec<DocumentVersionWithoutContent>>, SyncServerError> {
+    auth(&state, auth_header.token())?;
+
    let latest_version = state
        .database
        .get_latest_documents(&vault_id, None)
--- a/backend/sync_server/src/server/update_document.rs
+++ b/backend/sync_server/src/server/update_document.rs
@ -12,17 +12,24 @@ use anyhow::Context;
 use axum::extract::Path;
 use axum::extract::State;
 use axum::Json;
+use axum_extra::headers::authorization::Bearer;
+use axum_extra::headers::Authorization;
+use axum_extra::TypedHeader;
 use sync_lib::base64_to_bytes;
 use sync_lib::base64_to_string;

+use super::auth::auth;
 use super::requests::UpdateDocumentVersion;

 #[axum::debug_handler]
 pub async fn update_document(
+    TypedHeader(auth_header): TypedHeader<Authorization<Bearer>>,
    Path((vault_id, document_id)): Path<(VaultId, DocumentId)>,
    State(state): State<AppState>,
    Json(request): Json<UpdateDocumentVersion>,
 ) -> Result<Json<DocumentVersionWithoutContent>, SyncServerError> {
+    auth(&state, auth_header.token())?;
+
    let parent = state
        .database
        .get_document_version(&vault_id, &document_id, &request.parent_version_id, None)