@@ -0,0 +1,15 @@
+use actix_web::HttpRequest;
+use sqlx::PgPool;
+use uuid::Uuid;
+use crate::{
+ models::user::User,
+ app_error::AppError
+};
+
+pub async fn user_auth(db: &PgPool, req: &HttpRequest) -> Result<User, AppError> {
+ let cookie = req.cookie("user").ok_or(AppError::Auth)?;
+ let user_id = Uuid::parse_str(cookie.value())
+ .map_err(|_| AppError::invalid_input("Invalid UUID"))?;
+ let user = User::find_one_by_id(db, user_id).await?;
+ Ok(user)
+}
@@ -39,5 +39,5 @@ fn compare_password(pass: &String, hash: &String) -> Result<(), AppError> {
Argon2::default()
.verify_password(pass.as_bytes(), &parsed_hash)
- .map_err(|_| AppError::Auth)
+ .map_err(|_| AppError::Auth)
}
@@ -8,6 +8,7 @@ mod routes;
mod controllers;
mod models;
mod logic;
+mod auth;
#[actix_web::main]
async fn main() -> Result<(), AppError> {
@@ -64,6 +64,23 @@ impl User {
+ pub async fn find_one_by_id(db: &PgPool, id: Uuid) -> Result<User, AppError> {
+ let user = sqlx::query_as!(
+ User,
+ "SELECT *
+ FROM users
+ WHERE id = $1",
+ id
+ )
+ .fetch_optional(db)
+ .await?;
+ match user {
+ Some(u) => Ok(u),
+ None => Err(AppError::not_found("User that ID deos not exist"))
+ }
pub fn response_user(self) -> ResponseUser {
ResponseUser {
id: self.id.to_string(),