Rominou/hotel_api
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

swap encoding key implementation, need to not-arcode it if possible next.

Browse Source
This commit is contained in:
Romain Mallard
2025-09-24 04:22:45 +02:00
parent af03bd4e31
commit f315ffbe7b
3 changed files with 29 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/main.rs
View File

@@ -1,4 +1,6 @@
use axum::serve;
use axum::Extension;
use jsonwebtoken::{DecodingKey, EncodingKey};
use tokio::net::TcpListener;
mod utils;
@@ -8,7 +10,7 @@ use r2d2::{Pool};
use r2d2_sqlite::SqliteConnectionManager;
use crate::utils::db_pool::{HotelPool,AppState};
use routes::create_router;
use crate::utils::auth::JwtKeys;
@@ -25,11 +27,18 @@ async fn main() -> std::io::Result<()> {
let state = AppState {
hotel_pools,
logs_pool,
jwt_secret: "your_jwt_secret_key s".to_string(), // better: load from env var
//jwt_secret: "your_jwt_secret_key s".to_string(), // better: load from env var
};
let jwt_secret = "your_jwt_secret_key".to_string();
let jwt_keys = JwtKeys {
encoding: EncodingKey::from_secret(jwt_secret.as_ref()),
decoding: DecodingKey::from_secret(jwt_secret.as_ref()),
};
let app = create_router(state)
.layer(Extension(jwt_keys));
let app = create_router(state);
let listener = TcpListener::bind("0.0.0.0:3000").await?;
serve(listener, app).into_future().await?;
Ok(())

19
src/utils/auth.rs
View File

@@ -6,7 +6,7 @@ use axum::{
middleware::Next,
response::{Response, IntoResponse},
Json,
extract::{Path, State, FromRequest, FromRequestParts}
extract::{Path, State, FromRequest, FromRequestParts, Extension}
};
use axum::extract::FromRef;
use axum::extract::Request as ExtractRequest;
@@ -15,7 +15,6 @@ use serde::{Deserialize, Serialize};
use serde_json::Value;
use chrono::{Utc};
use rusqlite::{params, Connection, OptionalExtension};
use async_trait::async_trait;
use rand_core::OsRng;
use argon2::{
@@ -25,8 +24,15 @@ use argon2::{
//use crate::utils::db_pool::;
use crate::utils::db_pool::{HotelPool,AppState};
#[derive(Clone)]
pub struct JwtKeys {
pub encoding: EncodingKey,
pub decoding: DecodingKey,
}
pub async fn token_tester(
State(state): State<AppState>,
Extension(keys): Extension<JwtKeys>,
AuthClaims { user_id, hotel_id, username }: AuthClaims,
) -> impl IntoResponse {
format!(
@@ -53,6 +59,8 @@ where
async fn from_request_parts(parts: &mut Parts, state: &S) -> Result<Self, Self::Rejection> {
// We assume your state has a `jwt_secret` field
let Extension(keys): Extension<JwtKeys> =
Extension::from_request_parts(parts, state).await.map_err(|_| (StatusCode::UNAUTHORIZED, "Missing keys".to_string()))?;
// 1⃣ Extract the token from the Authorization header
let auth_header = parts
@@ -70,7 +78,7 @@ where
// 2⃣ Decode the token
let token_data = decode::<Claims>(
token,
&DecodingKey::from_secret("your_jwt_secret_key s".to_string().as_ref()),
&keys.decoding,
&Validation::new(Algorithm::HS256),
).map_err(|_| (StatusCode::UNAUTHORIZED, "Invalid token".to_string()))?;
@@ -186,7 +194,8 @@ struct LoginResponse {
pub async fn clean_auth_loging(
State(state): State<AppState>,
LoginPayload(payload): LoginPayload
Extension(keys): Extension<JwtKeys>,
LoginPayload(payload): LoginPayload,
) -> impl IntoResponse {
// 1⃣ Get a connection from logs pool
let conn = match state.logs_pool.get() {
@@ -234,7 +243,7 @@ pub async fn clean_auth_loging(
let token = match encode(
&Header::default(),
&claims,
&EncodingKey::from_secret(state.jwt_secret.as_ref()),
&keys.encoding
) {
Ok(t) => t,
Err(_) => return (StatusCode::INTERNAL_SERVER_ERROR, "JWT creation failed").into_response(),

2
src/utils/db_pool.rs
View File

@@ -9,7 +9,7 @@ type HotelId = i32; // or i32 if you want numeric ids
pub struct AppState {
pub hotel_pools: HotelPool,
pub logs_pool: Pool<SqliteConnectionManager>,
pub jwt_secret: String
}