From 6e20a3c51756c2e84290da6ec53b89a5fc58c0fc Mon Sep 17 00:00:00 2001
From: Vika <vika@fireburn.ru>
Date: Wed, 28 Sep 2022 03:55:48 +0300
Subject: Use tokens from the auth backend to authenticate for Micropub

---
 kittybox-rs/src/media/mod.rs | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

(limited to 'kittybox-rs/src/media')

diff --git a/kittybox-rs/src/media/mod.rs b/kittybox-rs/src/media/mod.rs
index a8ae6f9..0ce2ec9 100644
--- a/kittybox-rs/src/media/mod.rs
+++ b/kittybox-rs/src/media/mod.rs
@@ -1,9 +1,10 @@
 use axum::{
-    extract::{Extension, Host, multipart::{Multipart, MultipartError}, Path},
+    extract::{Extension, Host, multipart::Multipart, Path},
     response::{IntoResponse, Response}, headers::HeaderValue,
 };
 use kittybox_util::error::{MicropubError, ErrorType};
-use crate::tokenauth::User;
+use kittybox_indieauth::Scope;
+use crate::indieauth::{User, backend::AuthBackend};
 
 pub mod storage;
 use storage::{MediaStore, MediaStoreError, Metadata, ErrorKind};
@@ -19,12 +20,12 @@ impl From<MediaStoreError> for MicropubError {
 }
 
 #[tracing::instrument(skip(blobstore))]
-pub async fn upload<S: MediaStore>(
+pub(crate) async fn upload<S: MediaStore, A: AuthBackend>(
     mut upload: Multipart,
     Extension(blobstore): Extension<S>,
-    user: User
+    user: User<A>
 ) -> Response {
-    if !user.check_scope("media") {
+    if !user.check_scope(&Scope::Media) {
         return MicropubError {
             error: ErrorType::NotAuthorized,
             error_description: "Interacting with the media storage requires the \"media\" scope.".to_owned()
@@ -61,7 +62,7 @@ pub async fn upload<S: MediaStore>(
 }
 
 #[tracing::instrument(skip(blobstore))]
-pub async fn serve<S: MediaStore>(
+pub(crate) async fn serve<S: MediaStore>(
     Host(host): Host,
     Path(path): Path<String>,
     Extension(blobstore): Extension<S>
@@ -103,9 +104,10 @@ pub async fn serve<S: MediaStore>(
     }
 }
 
-pub fn router<S: MediaStore>(blobstore: S) -> axum::Router {
+pub fn router<S: MediaStore, A: AuthBackend>(blobstore: S, auth: A) -> axum::Router {
     axum::Router::new()
-        .route("/", axum::routing::post(upload::<S>))
+        .route("/", axum::routing::post(upload::<S, A>))
         .route("/uploads/*file", axum::routing::get(serve::<S>))
         .layer(axum::Extension(blobstore))
+        .layer(axum::Extension(auth))
 }
-- 
cgit 1.4.1