API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 28th, 2020
164
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Rust 2.35 KB | None | 0 0
raw download clone embed print report
  1. #[macro_use]
  2. extern crate actix_rt;
  3.  
  4. #[macro_use]
  5. extern crate lazy_static;
  6.  
  7. use actix_web::{
  8.     dev::Payload,
  9.     get,
  10.     http::StatusCode,
  11.     post,
  12.     web::{self, HttpRequest, HttpResponse},
  13.     App, Error as HttpError, FromRequest, HttpServer, Responder,
  14. };
  15. use serde::{Deserialize, Serialize};
  16. use std::{error::Error, future::Future, pin::Pin, task::Poll};
  17. use tokio::sync::Mutex;
  18.  
  19. lazy_static! {
  20.     static ref SECRET_PASSWORD: Mutex<Box<str>> = Mutex::new("secret".into());
  21. }
  22.  
  23. pub struct Auth;
  24.  
  25. impl FromRequest for Auth {
  26.     type Error = HttpError;
  27.     type Config = ();
  28.     type Future = Box<Pin<Box<dyn Future<Output = Result<Self, Self::Error>>>>>;
  29.  
  30.     fn from_request(req: &HttpRequest, pl: &mut Payload) -> Self::Future {
  31.         let headers = req.headers();
  32.  
  33.         match headers.get("Authorization") {
  34.             Some(v) => {
  35.                 let owned = v.clone();
  36.  
  37.                 Box::new(Box::pin(async move {
  38.                     let lock = SECRET_PASSWORD.lock().await;
  39.  
  40.                     if &**lock == owned.to_str().unwrap() {
  41.                         Ok(Self)
  42.                     } else {
  43.                         Err(HttpError::from(
  44.                             HttpResponse::build(StatusCode::FORBIDDEN)
  45.                                 .body("authorization incorrect"),
  46.                         ))
  47.                     }
  48.                 }))
  49.             }
  50.             None => Box::new(Box::pin(async {
  51.                 Err(HttpError::from(
  52.                     HttpResponse::build(StatusCode::FORBIDDEN).body("authorization required"),
  53.                 ))
  54.             })),
  55.         }
  56.     }
  57. }
  58.  
  59. #[get("/")]
  60. pub async fn index(_: Auth) -> impl Responder {
  61.     HttpResponse::build(StatusCode::OK).body("hello")
  62. }
  63.  
  64. #[derive(Deserialize)]
  65. pub struct ChangePass {
  66.     pub pass: Box<str>,
  67. }
  68.  
  69. #[post("changepass")]
  70. pub async fn change_pass(form: web::Json<ChangePass>) -> impl Responder {
  71.     // lock
  72.     let mut lock = SECRET_PASSWORD.lock().await;
  73.  
  74.     *lock = form.pass.to_owned();
  75.  
  76.     HttpResponse::build(StatusCode::CREATED)
  77. }
  78.  
  79. #[actix_rt::main]
  80. async fn main() -> Result<(), Box<dyn Error>> {
  81.     HttpServer::new(move || {
  82.         App::new().service(web::scope("private").service(change_pass).service(index))
  83.     })
  84.     .bind("127.0.0.1:8080")?
  85.     .workers(4)
  86.     .run()
  87.     .await?;
  88.  
  89.     Ok(())
  90. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!