fix: use custom authenticated user extractor

Author: ImShyMike

rustytime/src/handlers/admin/mod.rs

@@ -1,25 +1,21 @@
 use aide::NoApi;
 use axum::extract::Path;
 use axum::{
-    Extension,
     extract::State,
     http::StatusCode,
     response::{IntoResponse, Response},
 };
 
 use crate::models::user::User;
 use crate::state::AppState;
+use crate::utils::auth::AuthenticatedUser;
 use crate::{db_query, get_db_conn};
 
 pub async fn change_user_admin_level(
     State(app_state): State<AppState>,
     Path((user_id, new_level)): Path<(i32, i16)>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
 ) -> Result<StatusCode, Response> {
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     if !current_user.is_owner() {
         return Err((StatusCode::FORBIDDEN, "No permission").into_response());

rustytime/src/handlers/data/import.rs

@@ -4,7 +4,7 @@ use axum::extract::State;
 use axum::http::StatusCode;
 use axum::response::IntoResponse;
 use axum::response::Response;
-use axum::{Extension, Json};
+use axum::Json;
 use schemars::JsonSchema;
 use serde::Deserialize;
 use serde::Serialize;
@@ -14,9 +14,9 @@ use tracing::{error, info};
 use crate::db_query;
 use crate::jobs::import::enqueue_import;
 use crate::models::import_job::{ImportJob, ImportJobStatus};
-use crate::models::user::User;
 use crate::state::AppState;
 use crate::utils::session::SessionManager;
+use crate::utils::auth::AuthenticatedUser;
 
 #[derive(Deserialize, JsonSchema)]
 pub struct ImportQuery {
@@ -65,12 +65,8 @@ pub async fn import_heartbeats(
     State(app_state): State<AppState>,
     Query(query): Query<ImportQuery>,
     cookies: NoApi<Cookies>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
 ) -> Result<Json<ImportStartResponse>, Response> {
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     let Some(session_id) = SessionManager::get_session_from_cookies(&cookies) else {
         return Err((StatusCode::UNAUTHORIZED, "User session is invalid").into_response());
@@ -153,13 +149,8 @@ pub async fn import_heartbeats(
 
 pub async fn import_status(
     State(app_state): State<AppState>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
 ) -> Result<Json<ImportStatusResponse>, Response> {
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
-
     let user_id = current_user.id;
 
     let job = db_query!(

rustytime/src/handlers/data/project_aliases.rs

@@ -1,12 +1,11 @@
 use crate::models::project_alias::{NewProjectAlias, ProjectAlias as ProjectAliasModel};
-use crate::models::user::User;
 use crate::state::AppState;
+use crate::utils::auth::AuthenticatedUser;
 use crate::{db_query, get_db_conn};
 use aide::NoApi;
 use axum::Json;
 use axum::extract::Path;
 use axum::{
-    Extension,
     extract::State,
     http::StatusCode,
     response::{IntoResponse, Response},
@@ -35,13 +34,8 @@ pub struct ProjectAliasesResponse {
 /// Handler for the project aliases
 pub async fn project_aliases(
     State(app_state): State<AppState>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
 ) -> Result<Json<ProjectAliasesResponse>, Response> {
-    // get current user
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     // get database connection
     let mut conn = get_db_conn!(app_state);
@@ -78,13 +72,9 @@ pub async fn project_aliases(
 
 pub async fn add_project_alias(
     State(app_state): State<AppState>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
     Path((id, alias_id)): Path<(i32, i32)>,
 ) -> Result<StatusCode, Response> {
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     let mut conn = get_db_conn!(app_state);
 
@@ -104,13 +94,9 @@ pub async fn add_project_alias(
 
 pub async fn delete_project_alias(
     State(app_state): State<AppState>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
     Path(id): Path<i32>,
 ) -> Result<StatusCode, Response> {
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     let mut conn = get_db_conn!(app_state);
 

rustytime/src/handlers/data/projects.rs

@@ -1,12 +1,11 @@
 use crate::models::project::Project as ProjectModel;
-use crate::models::user::User;
 use crate::state::AppState;
+use crate::utils::auth::AuthenticatedUser;
 use crate::{db_query, get_db_conn};
 use aide::NoApi;
 use axum::Json;
 use axum::extract::Path;
 use axum::{
-    Extension,
     extract::State,
     http::StatusCode,
     response::{IntoResponse, Response},
@@ -33,13 +32,8 @@ pub struct RepoUrlRequest {
 /// Handler for the projects list
 pub async fn projects_list(
     State(app_state): State<AppState>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
 ) -> Result<Json<ProjectsListResponse>, Response> {
-    // get current user
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     // get database connection
     let mut conn = get_db_conn!(app_state);
@@ -61,15 +55,10 @@ pub async fn projects_list(
 
 pub async fn set_project_repo(
     State(app_state): State<AppState>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
     Path(project_id): Path<i32>,
     repo_url: Json<RepoUrlRequest>,
 ) -> Result<Response, Response> {
-    // get current user
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     // get database connection
     let mut conn = get_db_conn!(app_state);

rustytime/src/handlers/page/admin.rs

@@ -18,6 +18,7 @@ use crate::models::user::{PartialUser, User};
 use crate::state::AppState;
 use crate::utils::cache::CachedAdminStats;
 use crate::utils::session::{ImpersonationContext, SessionManager};
+use crate::utils::auth::AuthenticatedUser;
 use crate::{db_query, get_db_conn};
 
 #[derive(Deserialize, JsonSchema)]
@@ -54,13 +55,8 @@ pub struct AdminDashboardResponse {
 pub async fn admin_dashboard(
     State(app_state): State<AppState>,
     Query(query): Query<AdminQuery>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
 ) -> Result<Json<AdminDashboardResponse>, Response> {
-    // check if user is an admin
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     if !current_user.is_admin() {
         return Err((StatusCode::FORBIDDEN, "No permission").into_response());
@@ -145,14 +141,10 @@ pub async fn impersonate_user(
     Path(user_id): Path<i64>,
     cookies: NoApi<Cookies>,
     impersonation: NoApi<Option<Extension<ImpersonationContext>>>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(session_user)): NoApi<AuthenticatedUser>,
 ) -> Result<StatusCode, Response> {
     let cookies = cookies.0;
     let impersonation = impersonation.0;
-    let session_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     let Some(session_id) = SessionManager::get_session_from_cookies(&cookies) else {
         return Err((StatusCode::UNAUTHORIZED, "Session missing").into_response());

rustytime/src/handlers/page/dashboard.rs

@@ -1,13 +1,12 @@
 use crate::models::heartbeat::{TimeRange, UsageStat};
-use crate::models::user::User;
 use crate::state::AppState;
 use crate::utils::cache::{CachedDashboardStats, DashboardCacheKey};
 use crate::utils::session::SessionManager;
 use crate::utils::time::{TimeFormat, human_readable_duration};
+use crate::utils::auth::AuthenticatedUser;
 use crate::{db_query, get_db_conn, models::heartbeat::Heartbeat};
 use aide::NoApi;
 use axum::{
-    Extension,
     extract::{Query, State},
     http::StatusCode,
     response::{IntoResponse, Json, Response},
@@ -45,33 +44,21 @@ pub struct DashboardResponse {
 pub async fn dashboard(
     State(app_state): State<AppState>,
     cookies: NoApi<Cookies>,
-    user: Option<Extension<User>>,
+    NoApi(AuthenticatedUser(user)): NoApi<AuthenticatedUser>,
     Query(query): Query<DashboardQuery>,
 ) -> Result<Json<DashboardResponse>, Response> {
     let cookies = cookies.0;
-    // check if user is authenticated
-    if user.is_none() {
-        return Err((
-            StatusCode::INTERNAL_SERVER_ERROR,
-            "User should be authenticated since middleware validated authentication",
-        )
-            .into_response());
-    }
-    let user = user.unwrap().0;
 
     // get user's session info
-    let session_id = SessionManager::get_session_from_cookies(&cookies)
-        .expect("Session should exist since middleware validated authentication");
+    let Some(session_id) = SessionManager::get_session_from_cookies(&cookies) else {
+        return Err((StatusCode::UNAUTHORIZED, "Session missing").into_response());
+    };
 
     let Some(session_data) = db_query!(
         SessionManager::validate_session(&app_state.db_pool, session_id).await,
         "Session validation error"
     ) else {
-        return Err((
-            StatusCode::INTERNAL_SERVER_ERROR,
-            "User should be authenticated since middleware validated authentication",
-        )
-            .into_response());
+        return Err((StatusCode::UNAUTHORIZED, "Session invalid").into_response());
     };
 
     let user_timezone = user.timezone.clone();

rustytime/src/handlers/page/imports.rs

@@ -2,7 +2,7 @@ use aide::NoApi;
 use axum::Json;
 use axum::extract::Query;
 use axum::{
-    Extension, extract::State, http::StatusCode, response::IntoResponse, response::Response,
+    extract::State, http::StatusCode, response::IntoResponse, response::Response,
 };
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
@@ -11,6 +11,7 @@ use crate::db_query;
 use crate::models::import_job::ImportJob;
 use crate::models::user::User;
 use crate::state::AppState;
+use crate::utils::auth::AuthenticatedUser;
 
 #[derive(Deserialize, JsonSchema)]
 pub struct ImportsQuery {
@@ -52,12 +53,8 @@ pub struct AdminImportsResponse {
 pub async fn admin_imports(
     State(app_state): State<AppState>,
     Query(query): Query<ImportsQuery>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
 ) -> Result<Json<AdminImportsResponse>, Response> {
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     if !current_user.is_admin() {
         return Err((StatusCode::FORBIDDEN, "No permission").into_response());

rustytime/src/handlers/page/projects.rs

@@ -1,12 +1,11 @@
 use crate::models::project::Project as ProjectModel;
-use crate::models::user::User;
 use crate::state::AppState;
 use crate::utils::time::{TimeFormat, human_readable_duration};
+use crate::utils::auth::AuthenticatedUser;
 use crate::{db_query, get_db_conn};
 use aide::NoApi;
 use axum::Json;
 use axum::{
-    Extension,
     extract::State,
     http::StatusCode,
     response::{IntoResponse, Response},
@@ -34,13 +33,8 @@ pub struct ProjectsDashboardResponse {
 /// Handler for the projects dashboard page
 pub async fn projects_dashboard(
     State(app_state): State<AppState>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
 ) -> Result<Json<ProjectsDashboardResponse>, Response> {
-    // get current user
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     // get database connection
     let mut conn = get_db_conn!(app_state);

rustytime/src/handlers/page/settings.rs

@@ -3,13 +3,13 @@ use std::env;
 use crate::models::user::User;
 use crate::state::AppState;
 use crate::utils::session::SessionManager;
+use crate::utils::auth::AuthenticatedUser;
 use crate::{db_query, get_db_conn};
 use aide::NoApi;
 use axum::Json;
 use axum::extract::State;
 use axum::response::Redirect;
 use axum::{
-    Extension,
     http::StatusCode,
     response::{IntoResponse, Response},
 };
@@ -42,14 +42,9 @@ pub struct UpdateSettingsResponse {
 pub async fn settings_page(
     State(app_state): State<AppState>,
     cookies: NoApi<Cookies>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
 ) -> Result<Json<SettingsResponse>, Response> {
     let cookies = cookies.0;
-    // get current user
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     let frontend_url =
         env::var("FRONTEND_URL").unwrap_or_else(|_| "http://localhost:5173".to_string());
@@ -87,13 +82,9 @@ pub async fn settings_page(
 /// Handler for updating user settings
 pub async fn update_settings(
     State(app_state): State<AppState>,
-    user: NoApi<Option<Extension<User>>>,
+    NoApi(AuthenticatedUser(current_user)): NoApi<AuthenticatedUser>,
     Json(request): Json<UpdateSettingsRequest>,
 ) -> Result<Json<UpdateSettingsResponse>, Response> {
-    let current_user = user
-        .0
-        .expect("User should be authenticated since middleware validated authentication")
-        .0;
 
     let mut conn = get_db_conn!(app_state);