feat: フロントエンドから降ってきたトークンを使って認証する部分の実装

GiganticMinecraft · Oct 8, 2023 · 589451f · 589451f
1 parent dca4adc
commit 589451f
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 4 deletions.
diff --git a/server/Cargo.lock b/server/Cargo.lock
diff --git a/server/domain/src/user/models.rs b/server/domain/src/user/models.rs
@@ -4,5 +4,5 @@ use uuid::Uuid;
 #[derive(Serialize, Deserialize, Debug, PartialEq)]
 pub struct User {
     pub name: String,
-    pub uuid: Uuid,
+    pub id: Uuid,
 }
diff --git a/server/presentation/Cargo.toml b/server/presentation/Cargo.toml
@@ -9,7 +9,9 @@ common = { path = "../common" }
 domain = { path = "../domain" }
 errors = { path = "../errors" }
 resource = { path = "../infra/resource" }
+serde = { workspace = true }
 serde_json = { workspace = true }
 tracing = { workspace = true }
 usecase = { path = "../usecase" }
 uuid = { workspace = true }
+reqwest = { workspace = true }
diff --git a/server/presentation/src/auth.rs b/server/presentation/src/auth.rs
@@ -1,3 +1,4 @@
+use axum::http::HeaderValue;
 use axum::{
     extract::TypedHeader,
     headers::authorization::{Authorization, Bearer},
@@ -7,23 +8,47 @@ use axum::{
 };
 use common::config::ENV;
 use domain::user::models::User;
+use reqwest::header::{ACCEPT, CONTENT_TYPE};
 use uuid::uuid;
 
 pub async fn auth<B>(
     TypedHeader(auth): TypedHeader<Authorization<Bearer>>,
     mut request: Request<B>,
     next: Next<B>,
 ) -> Result<Response, StatusCode> {
-    //todo: フロントエンド側から何が返ってくるかがわかったらユーザー認証を実装する
-    if ENV.name == "local" && auth.token() == "debug_user" {
+    let token = auth.token();
+
+    if ENV.name == "local" && token == "debug_user" {
         let user = User {
             name: "test_user".to_string(),
-            uuid: uuid!("478911be-3356-46c1-936e-fb14b71bf282"),
+            id: uuid!("478911be-3356-46c1-936e-fb14b71bf282"),
         };
         request.extensions_mut().insert(user);
         let response = next.run(request).await;
         Ok(response)
     } else {
+        let client = reqwest::Client::new();
+
+        let response = client
+            .get("https://api.minecraftservices.com/minecraft/profile")
+            .bearer_auth(token)
+            .header(CONTENT_TYPE, HeaderValue::from_static("application/json"))
+            .header(ACCEPT, HeaderValue::from_static("application/json"))
+            .send()
+            .await
+            .map_err(|_| StatusCode::UNAUTHORIZED)?;
+
+        println!(
+            "{:?}",
+            serde_json::from_str::<User>(
+                response
+                    .text()
+                    .await
+                    .map_err(|_| StatusCode::UNAUTHORIZED)?
+                    .as_str()
+            )
+        );
+
         Err(StatusCode::UNAUTHORIZED)
     }
 }