get stuff ready for deployment!

2024-11-06 16:19:47 +01:00 · 2024-11-06 16:19:47 +01:00 · 66b14ed855
commit 66b14ed855
parent 00a584c8f0
4 changed files with 87 additions and 55 deletions
--- a/crates/backend/src/admin.rs
+++ b/crates/backend/src/admin.rs
@ -1,19 +1,62 @@
 use axum::{
-    extract::{Path, State},
+    extract::{Path, Request, State},
+    middleware::{self, Next},
+    response::{IntoResponse, Response},
    routing::get,
    Json, Router,
 };
+use http::{HeaderMap, HeaderValue, StatusCode};
 use rand::distributions::{Alphanumeric, DistString};
 use sqlx::{Pool, Postgres, QueryBuilder};

-use crate::{model::Chat, state::AppState};
+use crate::{markup_response::simple_error_page, model::Chat, state::AppState, ADMIN_TOK};

 pub fn router(state: AppState) -> Router {
    Router::new()
        .route("/new/:amount", get(create))
+        .nest("/stat", stat::router(state.clone()))
+        .route_layer(middleware::from_fn_with_state(
+            state.clone(),
+            auth_middleware,
+        ))
        .with_state(state)
 }

+async fn auth_middleware(
+    State(state): State<AppState>,
+    headers: HeaderMap,
+    req: Request,
+    next: Next,
+) -> Response {
+    let admin_tok = headers.get("x-admin-tok");
+    if headers.get("x-admin-tok") == Some(&HeaderValue::from_static(ADMIN_TOK)) {
+        let res = next.run(req).await;
+        return res;
+    }
+
+    simple_error_page(StatusCode::UNAUTHORIZED).into_response()
+}
+
+mod stat {
+    use axum::{extract::State, routing::get, Json, Router};
+
+    use crate::{model::Chat, state::AppState};
+
+    // TODO: /stat/* should require authentication
+    pub fn router(state: AppState) -> Router<AppState> {
+        Router::new().route("/chats", get(chats)).with_state(state)
+    }
+
+    async fn chats(State(state): State<AppState>) -> Json<Vec<Chat>> {
+        let r = sqlx::query_as!(Chat, "select * from chats;")
+            .fetch_all(state.pool())
+            .await
+            .unwrap();
+
+        Json(r)
+    }
+}
+
 async fn create(Path(amount): Path<u8>, State(state): State<AppState>) -> Json<Vec<Chat>> {
    let paths: Vec<String> = (0..amount)
        .map(|_| Alphanumeric.sample_string(&mut rand::thread_rng(), 6))
--- a/crates/backend/src/main.rs
+++ b/crates/backend/src/main.rs
@ -10,7 +10,6 @@ mod admin;
 mod chat;
 mod markup_response;
 mod model;
-mod stat;
 mod state;
 mod ws;

@ -28,7 +27,6 @@ async fn main() -> anyhow::Result<()> {
        .route("/:path", get(chat::get).post(chat::post))
        .route("/poll/:msg", get(chat::poll))
        .with_state(state.clone())
-        .nest("/stat", stat::router(state.clone()))
        .nest("/admin", admin::router(state.clone()))
        .nest("/static", axum_static::static_router("static"));
    let listener = tokio::net::TcpListener::bind("0.0.0.0:8080").await.unwrap();
--- a/crates/backend/src/stat.rs
+++ b/crates/backend/src/stat.rs
@ -4,17 +4,3 @@ use axum::{extract::State, routing::get, Json, Router};
 use sqlx::{types::Uuid, Pool, Postgres};

 use crate::{model::Chat, state::AppState};
-
-// TODO: /stat/* should require authentication
-pub fn router(state: AppState) -> Router {
-    Router::new().route("/chats", get(chats)).with_state(state)
-}
-
-async fn chats(State(state): State<AppState>) -> Json<Vec<Chat>> {
-    let r = sqlx::query_as!(Chat, "select * from chats;")
-        .fetch_all(state.pool())
-        .await
-        .unwrap();
-
-    Json(r)
-}