diff --git a/src/handlers.rs b/src/handlers.rs
index 0531bb174..e709fdd20 100644
--- a/src/handlers.rs
+++ b/src/handlers.rs
@@ -6,8 +6,9 @@
 //! project root.
 use actix::prelude::{Addr, Syn};
+use actix_web;
 use actix_web::*;
-use actix_web::middleware::RequestSession;
+use actix_web::middleware::{Started, Middleware, RequestSession};
 use db::*;
 use errors::{Result, ConverseError};
 use futures::Future;
@@ -120,6 +121,8 @@ pub fn login(state: State) -> ConverseResponse {
 .responder()
 }
+const AUTHOR: &'static str = "author";
+
 pub fn callback(state: State,
 data: Form,
 mut req: HttpRequest) -> ConverseResponse {
@@ -128,10 +131,30 @@ pub fn callback(state: State,
 .and_then(move |result| {
 let author = result?;
 info!("Setting cookie for {} after callback", author.name);
- req.session().set("author_name", author.name)?;
- req.session().set("author_email", author.email)?;
+ req.session().set(AUTHOR, author)?;
 Ok(HttpResponse::SeeOther()
 .header("Location", "/")
 .finish())})
 .responder()
 }
+
+
+/// Middleware used to enforce logins unceremonially.
+pub struct RequireLogin;
+
+impl Middleware for RequireLogin {
+ fn start(&self, req: &mut HttpRequest) -> actix_web::Result {
+ let has_author = req.session().get::(AUTHOR)?.is_some();
+ let is_oidc_req = req.path().starts_with("/oidc");
+
+ if !is_oidc_req && !has_author {
+ Ok(Started::Response(
+ HttpResponse::SeeOther()
+ .header("Location", "/oidc/login")
+ .finish()
+ ))
+ } else {
+ Ok(Started::Done)
+ }
+ }
+}
diff --git a/src/oidc.rs b/src/oidc.rs
index bd2044ce5..09f7f7b6e 100644
--- a/src/oidc.rs
+++ b/src/oidc.rs
@@ -42,7 +42,7 @@ pub struct CodeResponse {
 /// This struct represents the data extracted from the ID token and
 /// stored in the user's session.
-#[derive(Debug)]
+#[derive(Debug, Serialize, Deserialize)]
 pub struct Author {
 pub name: String,
 pub email: String,
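Review bot: In `src/handlers.rs`, the login exemption in `RequireLogin::start` is `req.path().starts_with("/oidc")`, which matches any path that merely begins with those characters, so a later route such as `/oidc-admin` would be served without a session. Anchor the test on the path segment, `let is_oidc_req = req.path().starts_with("/oidc/");`, or compare against the exact login and callback routes. The `?` on the session read also runs before the path test, so a stored value that fails to deserialize presumably turns every request, including `/oidc/login`, into an error rather than a redirect; treating a read error as "not logged in" and logging it would let the user recover by signing in again. Because the decision now rests only on the presence of the `author` session key, it is worth confirming that the session backend configured elsewhere signs or encrypts the cookie, which this diff does not show.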