diff --git a/src/middleware/auth.rs b/src/middleware/auth.rs new file mode 100644 index 0000000..2ce07ad --- /dev/null +++ b/src/middleware/auth.rs @@ -0,0 +1,25 @@ +use axum::{ + extract::Request, + http::{header, StatusCode}, + middleware::Next, + response::Response, +}; + +pub async fn require_auth(request: Request, next: Next) -> Result { + let token = request + .headers() + .get(header::AUTHORIZATION) + .and_then(|v| v.to_str().ok()) + .and_then(|v| v.strip_prefix("Bearer ")); + + match token { + Some(t) => { + if crate::auth::jwt::verify(t).is_ok() { + Ok(next.run(request).await) + } else { + Err(StatusCode::UNAUTHORIZED) + } + } + None => Err(StatusCode::UNAUTHORIZED), + } +}