zero2prod/src/routes/admin.rs

mod change_password;
mod dashboard;
mod logout;
mod newsletters;
mod posts;

use crate::{
    authentication::AuthenticatedUser,
    routes::{AppError, error_chain_fmt},
    session_state::TypedSession,
};
use axum::{extract::Request, middleware::Next, response::Response};
pub use change_password::*;
pub use dashboard::*;
pub use logout::*;
pub use newsletters::*;
pub use posts::*;

#[derive(thiserror::Error)]
pub enum AdminError {
    #[error("Something went wrong while performing an admin action.")]
    UnexpectedError(#[from] anyhow::Error),
    #[error("Trying to access admin dashboard without authentication.")]
    NotAuthenticated,
    #[error("Updating password failed.")]
    ChangePassword(String),
    #[error("Could not publish newsletter.")]
    Publish(#[source] anyhow::Error),
    #[error("The idempotency key was invalid.")]
    Idempotency(String),
}

impl std::fmt::Debug for AdminError {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        error_chain_fmt(self, f)
    }
}

pub async fn require_auth(
    session: TypedSession,
    mut request: Request,
    next: Next,
) -> Result<Response, AppError> {
    let user_id = session
        .get_user_id()
        .await
        .map_err(|e| AdminError::UnexpectedError(e.into()))?
        .ok_or(AdminError::NotAuthenticated)?;
    let username = session
        .get_username()
        .await
        .map_err(|e| AdminError::UnexpectedError(e.into()))?
        .ok_or(AdminError::UnexpectedError(anyhow::anyhow!(
            "Could not find username in session."
        )))?;

    request
        .extensions_mut()
        .insert(AuthenticatedUser { user_id, username });

    Ok(next.run(request).await)
}