use crate::errors::AppError; use axum::{ async_trait, extract::{FromRequest, RequestParts, TypedHeader}, headers::{authorization::Bearer, Authorization}, }; use chrono::{Duration, Local}; use jsonwebtoken::{decode, encode, DecodingKey, EncodingKey, Header, Validation}; use once_cell::sync::Lazy; use serde::{Deserialize, Serialize}; struct Keys { encoding: EncodingKey, decoding: DecodingKey, } #[derive(Serialize, Deserialize)] pub struct Claims { user_id: i32, exp: usize, } #[derive(Serialize)] pub struct AuthBody { access_token: String, token_type: String, } static KEYS: Lazy = Lazy::new(|| { let secret = std::env::var("JWT_SECRET").expect("JWT_SECRET must be set"); Keys::new(secret.as_bytes()) }); impl Keys { fn new(secret: &[u8]) -> Self { Self { encoding: EncodingKey::from_secret(secret), decoding: DecodingKey::from_secret(secret), } } } impl Claims { pub fn new(user_id: i32) -> Self { let expiration = Local::now() + Duration::days(2); Self { user_id, exp: expiration.timestamp() as usize, } } pub fn get_token(&self) -> Result { let token = encode(&Header::default(), &self, &KEYS.encoding) .map_err(|_| AppError::TokenCreation)?; Ok(token) } } impl AuthBody { pub fn new(access_token: String) -> Self { Self { access_token, token_type: "Bearer".to_string(), } } } #[async_trait] impl FromRequest for Claims where B: Send, { type Rejection = AppError; async fn from_request(req: &mut RequestParts) -> Result { // Extract the token from the authorization header let TypedHeader(Authorization(bearer)) = TypedHeader::>::from_request(req) .await .map_err(|_| AppError::InvalidToken)?; // Decode the user data let token_data = decode::(bearer.token(), &KEYS.decoding, &Validation::default()) .map_err(|_| AppError::InvalidToken)?; Ok(token_data.claims) } }