|
use crate::app::{constant::AUTHORIZATION_BEARER_PREFIX, lazy::AUTH_TOKEN}; |
|
use axum::{ |
|
body::Body, |
|
http::{header::AUTHORIZATION, Request, StatusCode}, |
|
middleware::Next, |
|
response::Response, |
|
}; |
|
|
|
|
|
pub async fn auth_middleware(request: Request<Body>, next: Next) -> Result<Response, StatusCode> { |
|
let auth_header = request |
|
.headers() |
|
.get(AUTHORIZATION) |
|
.and_then(|h| h.to_str().ok()) |
|
.and_then(|h| h.strip_prefix(AUTHORIZATION_BEARER_PREFIX)) |
|
.ok_or(StatusCode::UNAUTHORIZED)?; |
|
|
|
if auth_header != AUTH_TOKEN.as_str() { |
|
return Err(StatusCode::UNAUTHORIZED); |
|
} |
|
|
|
Ok(next.run(request).await) |
|
} |
|
|
