push

src/model/user.rs

@@ -1,3 +1,5 @@
+use std::ops::Deref;
+
 use argon2::{password_hash::SaltString, Argon2, PasswordHasher};
 use rocket::{
     async_trait,
@@ -34,12 +36,37 @@ impl TryFrom<User> for AdminUser {
     }
 }
 
+pub struct CoxUser {
+    user: User,
+}
+
+impl Deref for CoxUser {
+    type Target = User;
+
+    fn deref(&self) -> &Self::Target {
+        &self.user
+    }
+}
+
+impl TryFrom<User> for CoxUser {
+    type Error = LoginError;
+
+    fn try_from(user: User) -> Result<Self, Self::Error> {
+        if user.is_cox {
+            Ok(CoxUser { user })
+        } else {
+            Err(LoginError::NotACox)
+        }
+    }
+}
+
 #[derive(Debug)]
 pub enum LoginError {
     SqlxError(sqlx::Error),
     InvalidAuthenticationCombo,
     NotLoggedIn,
     NotAnAdmin,
+    NotACox,
     NoPasswordSet(User),
 }
 
@@ -181,6 +208,24 @@ impl<'r> FromRequest<'r> for AdminUser {
     }
 }
 
+#[async_trait]
+impl<'r> FromRequest<'r> for CoxUser {
+    type Error = LoginError;
+
+    async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
+        match req.cookies().get_private("loggedin_user") {
+            Some(user) => {
+                let user: User = serde_json::from_str(&user.value()).unwrap(); //TODO: fixme
+                match user.try_into() {
+                    Ok(user) => Outcome::Success(user),
+                    Err(_) => Outcome::Failure((Status::Unauthorized, LoginError::NotAnAdmin)),
+                }
+            }
+            None => Outcome::Failure((Status::Unauthorized, LoginError::NotLoggedIn)),
+        }
+    }
+}
+
 #[cfg(test)]
 mod test {
     use crate::testdb;