Use tower http auth layer in kv store example (#171)

2024-11-25 08:37:29 +01:00 · 2021-08-10 09:46:09 +02:00 · 2021-08-10 09:46:09 +02:00 · 387de8b426
commit 387de8b426
parent a790abca87
1 changed files with 5 additions and 35 deletions
--- a/examples/key_value_store.rs
+++ b/examples/key_value_store.rs
@ -7,8 +7,7 @@
 //! ```

 use axum::{
-    async_trait,
-    extract::{extractor_middleware, ContentLengthLimit, Extension, Path, RequestParts},
+    extract::{ContentLengthLimit, Extension, Path},
    prelude::*,
    response::IntoResponse,
    routing::BoxRoute,
@ -25,7 +24,8 @@ use std::{
 };
 use tower::{BoxError, ServiceBuilder};
 use tower_http::{
-    add_extension::AddExtensionLayer, compression::CompressionLayer, trace::TraceLayer,
+    add_extension::AddExtensionLayer, auth::RequireAuthorizationLayer,
+    compression::CompressionLayer, trace::TraceLayer,
 };

 #[tokio::main]
@ -118,41 +118,11 @@ fn admin_routes() -> BoxRoute<hyper::Body> {

    route("/keys", delete(delete_all_keys))
        .route("/key/:key", delete(remove_key))
-        // Require beare auth for all admin routes
-        .layer(extractor_middleware::<RequireAuth>())
+        // Require bearer auth for all admin routes
+        .layer(RequireAuthorizationLayer::bearer("secret-token"))
        .boxed()
 }

-/// An extractor that performs authorization.
-// TODO: when https://github.com/hyperium/http-body/pull/46 is merged we can use
-// `tower_http::auth::RequireAuthorization` instead
-struct RequireAuth;
-
-#[async_trait]
-impl<B> extract::FromRequest<B> for RequireAuth
-where
-    B: Send,
-{
-    type Rejection = StatusCode;
-
-    async fn from_request(req: &mut RequestParts<B>) -> Result<Self, Self::Rejection> {
-        let auth_header = req
-            .headers()
-            .and_then(|headers| headers.get(http::header::AUTHORIZATION))
-            .and_then(|value| value.to_str().ok());
-
-        if let Some(value) = auth_header {
-            if let Some(token) = value.strip_prefix("Bearer ") {
-                if token == "secret-token" {
-                    return Ok(Self);
-                }
-            }
-        }
-
-        Err(StatusCode::UNAUTHORIZED)
-    }
-}
-
 fn handle_error(error: BoxError) -> Result<impl IntoResponse, Infallible> {
    if error.is::<tower::timeout::error::Elapsed>() {
        return Ok((StatusCode::REQUEST_TIMEOUT, Cow::from("request timed out")));