jackmechem/server-dash-api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Authentication how handled as seperate router

Browse source
This commit is contained in:
Jack Mechem 2026-03-28 16:02:14 -07:00
parent 0cf00faf78
commit e47ad30a10
4 changed files with 24 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/auth.rs
View file

@ -1,4 +1,8 @@
use axum::{http::HeaderMap, http::StatusCode, response::IntoResponse, response::Json};
use axum::body::Body;
use axum::{
http::HeaderMap, http::Request, http::StatusCode, middleware::Next, response::IntoResponse,
response::Json, response::Response,
};
use base64::{Engine, engine::general_purpose};
use jsonwebtoken::{DecodingKey, EncodingKey, Header, Validation, decode, encode};
use pam::Client;
@ -114,6 +118,14 @@ pub fn verify_system_credentials(username: &str, password: &str) -> bool {
client.authenticate().is_ok()
}
pub async fn require_auth(headers: HeaderMap, request: Request<Body>, next: Next) -> Response {
if verify_token(&headers) {
next.run(request).await
} else {
(StatusCode::UNAUTHORIZED, "Unauthorized").into_response()
}
}
// POST /auth/login
pub async fn post_login(headers: HeaderMap) -> impl IntoResponse {
let (username, password) = match decode_basic_auth(&headers) {