Fix bug in auth.rs

2025-09-08 22:39:48 +02:00
parent 6a104c38ec
commit 756d96c8de
1 changed files with 12 additions and 16 deletions
--- a/server/src/utils/auth.rs
+++ b/server/src/utils/auth.rs
@@ -10,13 +10,13 @@ pub struct AuthUser {
    pub user: User,
 }

-impl<S> FromRequestParts<S> for AuthUser
-where
-    S: Send + Sync,
-{
+impl FromRequestParts<DbPool> for AuthUser {
    type Rejection = StatusCode;

-    async fn from_request_parts(parts: &mut Parts, _state: &S) -> Result<Self, Self::Rejection> {
+    async fn from_request_parts(
+        parts: &mut Parts,
+        state: &DbPool,
+    ) -> Result<Self, Self::Rejection> {
        let auth_header = parts
            .headers
            .get(AUTHORIZATION)
@@ -28,12 +28,8 @@ where
        }

        let token = &auth_header[7..];
-        let pool = parts
-            .extensions
-            .get::<DbPool>()
-            .ok_or(StatusCode::INTERNAL_SERVER_ERROR)?;

-        let user = AuthController::authenticate_user(pool, token)
+        let user = AuthController::authenticate_user(state, token)
            .await
            .map_err(|_| StatusCode::UNAUTHORIZED)?;

@@ -47,14 +43,14 @@ pub struct AdminUser {
    pub user: User,
 }

-impl<S> FromRequestParts<S> for AdminUser
-where
-    S: Send + Sync,
-{
+impl FromRequestParts<DbPool> for AdminUser {
    type Rejection = StatusCode;

-    async fn from_request_parts(parts: &mut Parts, _state: &S) -> Result<Self, Self::Rejection> {
-        let auth_user = AuthUser::from_request_parts(parts, _state).await?;
+    async fn from_request_parts(
+        parts: &mut Parts,
+        state: &DbPool,
+    ) -> Result<Self, Self::Rejection> {
+        let auth_user = AuthUser::from_request_parts(parts, state).await?;

        if auth_user.user.role != UserRole::Admin {
            return Err(StatusCode::FORBIDDEN);