From 6e20a3c51756c2e84290da6ec53b89a5fc58c0fc Mon Sep 17 00:00:00 2001 From: Vika Date: Wed, 28 Sep 2022 03:55:48 +0300 Subject: Use tokens from the auth backend to authenticate for Micropub --- kittybox-rs/src/media/mod.rs | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) (limited to 'kittybox-rs/src/media') diff --git a/kittybox-rs/src/media/mod.rs b/kittybox-rs/src/media/mod.rs index a8ae6f9..0ce2ec9 100644 --- a/kittybox-rs/src/media/mod.rs +++ b/kittybox-rs/src/media/mod.rs @@ -1,9 +1,10 @@ use axum::{ - extract::{Extension, Host, multipart::{Multipart, MultipartError}, Path}, + extract::{Extension, Host, multipart::Multipart, Path}, response::{IntoResponse, Response}, headers::HeaderValue, }; use kittybox_util::error::{MicropubError, ErrorType}; -use crate::tokenauth::User; +use kittybox_indieauth::Scope; +use crate::indieauth::{User, backend::AuthBackend}; pub mod storage; use storage::{MediaStore, MediaStoreError, Metadata, ErrorKind}; @@ -19,12 +20,12 @@ impl From for MicropubError { } #[tracing::instrument(skip(blobstore))] -pub async fn upload( +pub(crate) async fn upload( mut upload: Multipart, Extension(blobstore): Extension, - user: User + user: User ) -> Response { - if !user.check_scope("media") { + if !user.check_scope(&Scope::Media) { return MicropubError { error: ErrorType::NotAuthorized, error_description: "Interacting with the media storage requires the \"media\" scope.".to_owned() @@ -61,7 +62,7 @@ pub async fn upload( } #[tracing::instrument(skip(blobstore))] -pub async fn serve( +pub(crate) async fn serve( Host(host): Host, Path(path): Path, Extension(blobstore): Extension @@ -103,9 +104,10 @@ pub async fn serve( } } -pub fn router(blobstore: S) -> axum::Router { +pub fn router(blobstore: S, auth: A) -> axum::Router { axum::Router::new() - .route("/", axum::routing::post(upload::)) + .route("/", axum::routing::post(upload::)) .route("/uploads/*file", axum::routing::get(serve::)) .layer(axum::Extension(blobstore)) + .layer(axum::Extension(auth)) } -- cgit 1.4.1