feat: switch to headers for auth

2025-05-04 19:05:51 +02:00 · 2025-05-04 19:05:51 +02:00 · cbf0131d14
commit cbf0131d14
parent 6c706d973e
6 changed files with 96 additions and 159 deletions
--- a/src/api/v1/auth/mod.rs
+++ b/src/api/v1/auth/mod.rs
@ -34,33 +34,36 @@ pub fn web() -> Scope {
 }

 pub async fn check_access_token(
-    access_token: String,
+    access_token: &str,
    pool: &sqlx::Pool<Postgres>,
 ) -> Result<Uuid, HttpResponse> {
-    let row = sqlx::query_as(
-        "SELECT CAST(uuid as VARCHAR), created FROM access_tokens WHERE token = $1",
-    )
-    .bind(&access_token)
-    .fetch_one(pool)
-    .await;
+    let row =
+        sqlx::query_as("SELECT CAST(uuid as VARCHAR), created_at FROM access_tokens WHERE token = $1")
+            .bind(&access_token)
+            .fetch_one(pool)
+            .await;

    if let Err(error) = row {
-        if error.to_string() == "no rows returned by a query that expected to return at least one row" {
-            return Err(HttpResponse::Unauthorized().finish())
+        if error.to_string()
+            == "no rows returned by a query that expected to return at least one row"
+        {
+            return Err(HttpResponse::Unauthorized().finish());
        }

        error!("{}", error);
-        return Err(HttpResponse::InternalServerError().json(r#"{ "error": "Unhandled exception occured, contact the server administrator" }"#))
+        return Err(HttpResponse::InternalServerError().json(
+            r#"{ "error": "Unhandled exception occured, contact the server administrator" }"#,
+        ));
    }

-    let (uuid, created): (String, i64) = row.unwrap();
+    let (uuid, created_at): (String, i64) = row.unwrap();

    let current_time = SystemTime::now()
        .duration_since(UNIX_EPOCH)
        .unwrap()
        .as_secs() as i64;

-    let lifetime = current_time - created;
+    let lifetime = current_time - created_at;

    if lifetime > 3600 {
        return Err(HttpResponse::Unauthorized().finish());