26 lines
567 B
Rust
26 lines
567 B
Rust
use axum::{
|
|
extract::{Request, State},
|
|
http::StatusCode,
|
|
middleware::Next,
|
|
response::Response,
|
|
};
|
|
use crate::AppState;
|
|
|
|
/// Axum middleware that checks the `X-Api-Key` header.
|
|
pub async fn require_api_key(
|
|
State(state): State<AppState>,
|
|
req: Request,
|
|
next: Next,
|
|
) -> Result<Response, StatusCode> {
|
|
let key = req
|
|
.headers()
|
|
.get("X-Api-Key")
|
|
.and_then(|v| v.to_str().ok())
|
|
.unwrap_or("");
|
|
|
|
if key != state.api_key {
|
|
return Err(StatusCode::UNAUTHORIZED);
|
|
}
|
|
|
|
Ok(next.run(req).await)
|
|
}
|