Merge branch 'main' into feature/frontend-triptype

2023-05-03 16:22:05 +02:00 · 2023-05-03 16:22:05 +02:00 · 6fa43053ba
commit 6fa43053ba
parent 1f29779ede 3f01bf39b3
1 changed files with 21 additions and 22 deletions
--- a/src/model/user.rs
+++ b/src/model/user.rs
@ -29,6 +29,7 @@ pub enum LoginError {
    NotAnAdmin,
    NotACox,
    NoPasswordSet(User),
+    DeserializationError,
 }

 impl User {
@ -162,10 +163,12 @@ impl<'r> FromRequest<'r> for User {

    async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
        match req.cookies().get_private("loggedin_user") {
-            Some(user) => {
-                let user: User = serde_json::from_str(user.value()).unwrap(); //TODO: fixme
-                Outcome::Success(user)
-            }
+            Some(user) => match serde_json::from_str(user.value()) {
+                Ok(user) => Outcome::Success(user),
+                Err(_) => {
+                    Outcome::Failure((Status::Unauthorized, LoginError::DeserializationError))
+                }
+            },
            None => Outcome::Failure((Status::Unauthorized, LoginError::NotLoggedIn)),
        }
    }
@ -200,15 +203,13 @@ impl<'r> FromRequest<'r> for CoxUser {
    type Error = LoginError;

    async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
-        match req.cookies().get_private("loggedin_user") {
-            Some(user) => {
-                let user: User = serde_json::from_str(user.value()).unwrap(); //TODO: fixme
-                match user.try_into() {
-                    Ok(user) => Outcome::Success(user),
-                    Err(_) => Outcome::Failure((Status::Unauthorized, LoginError::NotAnAdmin)),
-                }
-            }
-            None => Outcome::Failure((Status::Unauthorized, LoginError::NotLoggedIn)),
+        match User::from_request(req).await {
+            Outcome::Success(user) => match user.try_into() {
+                Ok(user) => Outcome::Success(user),
+                Err(_) => Outcome::Failure((Status::Unauthorized, LoginError::NotACox)),
+            },
+            Outcome::Failure(f) => Outcome::Failure(f),
+            Outcome::Forward(f) => Outcome::Forward(f),
        }
    }
 }
@ -235,15 +236,13 @@ impl<'r> FromRequest<'r> for AdminUser {
    type Error = LoginError;

    async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
-        match req.cookies().get_private("loggedin_user") {
-            Some(user) => {
-                let user: User = serde_json::from_str(user.value()).unwrap(); //TODO: fixme
-                match user.try_into() {
-                    Ok(user) => Outcome::Success(user),
-                    Err(_) => Outcome::Failure((Status::Unauthorized, LoginError::NotAnAdmin)),
-                }
-            }
-            None => Outcome::Failure((Status::Unauthorized, LoginError::NotLoggedIn)),
+        match User::from_request(req).await {
+            Outcome::Success(user) => match user.try_into() {
+                Ok(user) => Outcome::Success(user),
+                Err(_) => Outcome::Failure((Status::Unauthorized, LoginError::NotAnAdmin)),
+            },
+            Outcome::Failure(f) => Outcome::Failure(f),
+            Outcome::Forward(f) => Outcome::Forward(f),
        }
    }
 }