adding with headers, and also checking cookies header

2026-03-12 20:14:23 +01:00
parent 4c4fc8b91c
commit cbf65dfde7
2 changed files with 29 additions and 9 deletions
--- a/src/middleware/jwt.rs
+++ b/src/middleware/jwt.rs
@@ -29,17 +29,23 @@ impl JwtMiddleware {
        &self,
        req: &Request<Incoming>,
    ) -> Result<Claims, Box<dyn std::error::Error + Send + Sync>> {
-        let auth_header = req
-            .headers()
-            .get("Authorization")
-            .and_then(|v| v.to_str().ok())
-            .filter(|h| h.starts_with("Bearer "))
-            .map(|h| &h[7..])
-            .ok_or("No token found")?;
+        let cookie_header = req.headers().get("Cookie").and_then(|v| v.to_str().ok());
+
+        let token = cookie_header
+            .and_then(|c| c.split(';').find(|s| s.trim().starts_with("access_token=")))
+            .map(|s| s.trim().trim_start_matches("access_token="))
+            .or_else(|| {
+                req.headers()
+                    .get("Authorization")
+                    .and_then(|v| v.to_str().ok())
+                    .filter(|h| h.starts_with("Bearer "))
+                    .map(|h| &h[7..])
+            })
+            .ok_or("No token found in Cookies or Authorization header")?;

        let mut validation = Validation::new(Algorithm::RS256);
        validation.set_required_spec_claims(&["exp", "sub"]);
-        let token_data = decode::<Claims>(auth_header, &self.decoding_key, &validation)?;
+        let token_data = decode::<Claims>(token, &self.decoding_key, &validation)?;

        Ok(token_data.claims)
    }
--- a/src/responder.rs
+++ b/src/responder.rs
@@ -1,5 +1,5 @@
 use http::{
-    Response, StatusCode,
+    HeaderName, HeaderValue, Response, StatusCode,
    header::{CONTENT_TYPE, LOCATION},
 };
 use http_body_util::Full;
@@ -60,6 +60,20 @@ impl Responder {
            .unwrap())
    }

+    pub fn with_headers<B: Into<Bytes>>(
+        status: StatusCode,
+        body: B,
+        headers: Vec<(HeaderName, HeaderValue)>,
+    ) -> Result<Response<Full<Bytes>>, Infallible> {
+        let mut builder = Response::builder().status(status);
+
+        for (name, value) in headers {
+            builder = builder.header(name, value);
+        }
+
+        Ok(builder.body(Full::new(body.into())).unwrap())
+    }
+
    pub fn json_with_status<T: Serialize>(
        status: StatusCode,
        value: &T,