Add authorization on users

1 files changed, 10 insertions, 4 deletions

diff --git a/server/src/routes/user.rs b/server/src/routes/user.rs
index 4103ccb..3ca0e7b 100644
--- a/server/src/routes/user.rs
+++ b/server/src/routes/user.rs
@@ -1,5 +1,8 @@
 use crate::errors::AppError;
-use crate::models::user::{User, UserCreate, UserList};
+use crate::models::{
+    auth::Claims,
+    user::{User, UserCreate, UserList},
+};
 use axum::{extract::Path, routing::get, Json, Router};
 
 pub fn create_route() -> Router {
@@ -8,20 +11,23 @@ pub fn create_route() -> Router {
         .route("/:id", get(get_user))
 }
 
-async fn list_users() -> Result<Json<Vec<UserList>>, AppError> {
+async fn list_users(_: Claims) -> Result<Json<Vec<UserList>>, AppError> {
     let users = User::list().await?;
 
     Ok(Json(users))
 }
 
-async fn create_user(Json(payload): Json<UserCreate>) -> Result<Json<UserList>, AppError> {
+async fn create_user(
+    Json(payload): Json<UserCreate>,
+    _: Claims,
+) -> Result<Json<UserList>, AppError> {
     let user = User::new(payload.email, payload.password);
     let user_new = User::create(user).await?;
 
     Ok(Json(user_new))
 }
 
-async fn get_user(Path(user_id): Path<i32>) -> Result<Json<UserList>, AppError> {
+async fn get_user(Path(user_id): Path<i32>, _: Claims) -> Result<Json<UserList>, AppError> {
     match User::find_by_id(user_id).await {
         Ok(user) => Ok(Json(user)),
         Err(_) => Err(AppError::NotFound),