AuthenticatedUser: Inline UserAuthenticationExt trait and implementation

Turbo87 · Turbo87 · commit 79e30af3465f · 2022-11-24T17:34:05.000+01:00
diff --git a/src/auth.rs b/src/auth.rs
@@ -27,7 +27,25 @@ impl AuthCheck {
     }
 
     pub fn check(&self, request: &dyn RequestExt) -> AppResult<AuthenticatedUser> {
-        let auth = request.authenticate()?;
+        controllers::util::verify_origin(request)?;
+
+        let auth = authenticate_user(request)?;
+
+        if let Some(reason) = &auth.user.account_lock_reason {
+            let still_locked = if let Some(until) = auth.user.account_lock_until {
+                until > Utc::now().naive_utc()
+            } else {
+                true
+            };
+            if still_locked {
+                return Err(account_locked(reason, auth.user.account_lock_until));
+            }
+        }
+
+        log_request::add_custom_metadata("uid", auth.user_id());
+        if let Some(id) = auth.api_token_id() {
+            log_request::add_custom_metadata("tokenid", id);
+        }
 
         if !self.allow_token && auth.token_id.is_some() {
             let error_message = "API Token authentication was explicitly disallowed for this API";
@@ -101,37 +119,3 @@ fn authenticate_user(req: &dyn RequestExt) -> AppResult<AuthenticatedUser> {
     // Unable to authenticate the user
     return Err(internal("no cookie session or auth header found").chain(forbidden()));
 }
-
-pub trait UserAuthenticationExt {
-    fn authenticate(&self) -> AppResult<AuthenticatedUser>;
-}
-
-impl<'a> UserAuthenticationExt for dyn RequestExt + 'a {
-    /// Obtain `AuthenticatedUser` for the request or return an `Forbidden` error
-    fn authenticate(&self) -> AppResult<AuthenticatedUser> {
-        controllers::util::verify_origin(self)?;
-
-        let authenticated_user = authenticate_user(self)?;
-
-        if let Some(reason) = &authenticated_user.user.account_lock_reason {
-            let still_locked = if let Some(until) = authenticated_user.user.account_lock_until {
-                until > Utc::now().naive_utc()
-            } else {
-                true
-            };
-            if still_locked {
-                return Err(account_locked(
-                    reason,
-                    authenticated_user.user.account_lock_until,
-                ));
-            }
-        }
-
-        log_request::add_custom_metadata("uid", authenticated_user.user_id());
-        if let Some(id) = authenticated_user.api_token_id() {
-            log_request::add_custom_metadata("tokenid", id);
-        }
-
-        Ok(authenticated_user)
-    }
-}
diff --git a/src/controllers.rs b/src/controllers.rs
@@ -15,7 +15,6 @@ mod prelude {
     pub use conduit::{header, RequestExt, StatusCode};
     pub use conduit_router::RequestParams;
 
-    pub use crate::auth::UserAuthenticationExt;
     pub use crate::db::RequestTransaction;
     pub use crate::middleware::app::RequestApp;
     pub use crate::util::errors::{cargo_err, AppError, AppResult}; // TODO: Remove cargo_err from here
