add auth to all routes

src/routes/create_or_edit_get.rs

@@ -1,11 +1,14 @@
 use actix_web::{error, web, Error, HttpRequest, HttpResponse};
 use tera::{Context};
-
+use actix_session::{Session};
 use crate::prelude::*;
 
 use crate::TERA;
+use super::add_auth_context;
+
 
 pub async fn create_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
+    session: Session,
     _req: HttpRequest,
     data: web::Data<T>,
     _body: web::Payload,
@@ -14,10 +17,11 @@ pub async fn create_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
     let db = &data.get_db();
     let model = ActixAdminModel::create_empty();
     
-    create_or_edit_get::<T, E>(&data, db, model).await
+    create_or_edit_get::<T, E>(session, &data, db, model).await
 }
 
 pub async fn edit_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
+    session: Session,
     _req: HttpRequest,
     data: web::Data<T>,
     _text: String,
@@ -26,10 +30,10 @@ pub async fn edit_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
     let db = &data.get_db();
     let model = E::get_entity(db, id.into_inner()).await;
 
-    create_or_edit_get::<T, E>(&data, db, model).await
+    create_or_edit_get::<T, E>(session, &data, db, model).await
 }
 
-async fn create_or_edit_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(data: &web::Data<T>, db: &sea_orm::DatabaseConnection, model: ActixAdminModel) -> Result<HttpResponse, Error>{
+async fn create_or_edit_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(session: Session, data: &web::Data<T>, db: &sea_orm::DatabaseConnection, model: ActixAdminModel) -> Result<HttpResponse, Error>{
     let entity_name = E::get_entity_name();
     let entity_names = &data.get_actix_admin().entity_names;
 
@@ -44,6 +48,9 @@ async fn create_or_edit_get<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTra
     ctx.insert("list_link", &E::get_list_link(&entity_name));
     ctx.insert("model", &model);
 
+    add_auth_context(session, actix_admin, &mut ctx);
+
+
     let body = TERA
         .render("create_or_edit.html", &ctx)
         .map_err(|err| error::ErrorInternalServerError(err))?;

src/routes/create_or_edit_post.rs

@@ -1,12 +1,14 @@
 use actix_web::http::header;
 use actix_web::{web, error, Error, HttpRequest, HttpResponse};
 use tera::{Context};
+use actix_session::{Session};
 use crate::TERA;
 use actix_multipart::Multipart;
 
 use crate::prelude::*;
 
 pub async fn create_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
+    session: Session,
     _req: HttpRequest,
     data: web::Data<T>,
     payload: Multipart,
@@ -15,10 +17,11 @@ pub async fn create_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>
     let mut model = ActixAdminModel::create_from_payload(payload).await.unwrap();
     model = E::create_entity(db, model).await;
 
-    create_or_edit_post::<T, E>(&data, db, model).await
+    create_or_edit_post::<T, E>(session, &data, db, model).await
 }
 
 pub async fn edit_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
+    session: Session,
     _req: HttpRequest,
     data: web::Data<T>,
     payload: Multipart,
@@ -28,15 +31,17 @@ pub async fn edit_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
     let mut model = ActixAdminModel::create_from_payload(payload).await.unwrap();
     model = E::edit_entity(db, id.into_inner(), model).await;
 
-    create_or_edit_post::<T, E>(&data, db, model).await
+    create_or_edit_post::<T, E>(session, &data, db, model).await
 }
 
-async fn create_or_edit_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(data: &web::Data<T>, db: &sea_orm::DatabaseConnection, model: ActixAdminModel) -> Result<HttpResponse, Error> {
+async fn create_or_edit_post<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(_session: Session, data: &web::Data<T>, db: &sea_orm::DatabaseConnection, model: ActixAdminModel) -> Result<HttpResponse, Error> {
     let entity_name = E::get_entity_name();
     let entity_names = &data.get_actix_admin().entity_names;
     let actix_admin = data.get_actix_admin();
     let view_model = actix_admin.view_models.get(&entity_name).unwrap();
 
+    // TODO: verify is user is logged in and can delete entity
+
     if model.has_errors() {
         let mut ctx = Context::new();
         ctx.insert("entity_names", &entity_names);

src/routes/delete.rs

@@ -1,6 +1,6 @@
 use actix_web::{web, Error, HttpRequest, HttpResponse};
 use actix_web::http::header;
-
+use actix_session::{Session};
 use crate::prelude::*;
 
 pub async fn delete<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
@@ -18,6 +18,7 @@ pub async fn delete<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
 }
 
 pub async fn delete_many<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
+    session: Session,
     _req: HttpRequest,
     data: web::Data<T>,
     text: String,
@@ -30,6 +31,8 @@ pub async fn delete_many<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>
         .map(|id_str| id_str.replace("ids=", "").parse::<i32>().unwrap()
     ).collect();
     
+    // TODO: verify is user is logged in and can delete entity
+
     // TODO: implement delete_many
     for id in entity_ids {
         let _result = E::delete_entity(db, id).await;

src/routes/helpers.rs

@@ -0,0 +1,15 @@
+use actix_session::{Session};
+use tera::{Context};
+
+use crate::prelude::*;
+
+pub fn add_auth_context(session: Session, actix_admin: &ActixAdmin, ctx: &mut Context) {
+    let enable_auth = &actix_admin.configuration.enable_auth;
+    ctx.insert("enable_auth", &enable_auth);
+    if *enable_auth {
+        let func = &actix_admin.configuration.user_is_logged_in.unwrap();
+        ctx.insert("user_is_logged_in", &func(session));
+        ctx.insert("login_link", &actix_admin.configuration.login_link);
+        ctx.insert("logout_link", &actix_admin.configuration.logout_link);
+    }
+}

src/routes/index.rs

@@ -6,6 +6,8 @@ use crate::prelude::*;
 
 use crate::TERA;
 
+use super::add_auth_context;
+
 pub async fn index<T: ActixAdminAppDataTrait>(session: Session, data: web::Data<T>) -> Result<HttpResponse, Error> {
     let entity_names = &data.get_actix_admin().entity_names;
     let actix_admin = data.get_actix_admin();
@@ -13,15 +15,7 @@ pub async fn index<T: ActixAdminAppDataTrait>(session: Session, data: web::Data<
     let mut ctx = Context::new();
     ctx.insert("entity_names", &entity_names);
 
-    let enable_auth = &actix_admin.configuration.enable_auth;
+    add_auth_context(session, actix_admin, &mut ctx);
-    ctx.insert("enable_auth", &enable_auth);
-    if *enable_auth {
-        println!("auth enabled");
-        let func = &actix_admin.configuration.user_is_logged_in.unwrap();
-        ctx.insert("user_is_logged_in", &func(session));
-        ctx.insert("login_link", &actix_admin.configuration.login_link);
-        ctx.insert("logout_link", &actix_admin.configuration.logout_link);
-    }
 
     let body = TERA
         .render("index.html", &ctx)

src/routes/list.rs

@@ -8,6 +8,8 @@ use crate::ActixAdminViewModelTrait;
 use crate::ActixAdminViewModel;
 use crate::ActixAdminModel;
 use crate::TERA;
+use actix_session::{Session};
+use super::add_auth_context;
 
 const DEFAULT_ENTITIES_PER_PAGE: usize = 10;
 
@@ -20,6 +22,7 @@ pub struct Params {
 }
 
 pub async fn list<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
+    session: Session,
     req: HttpRequest,
     data: web::Data<T>,
 ) -> Result<HttpResponse, Error> {
@@ -53,6 +56,7 @@ pub async fn list<T: ActixAdminAppDataTrait, E: ActixAdminViewModelTrait>(
     ctx.insert("num_pages", &num_pages);
     ctx.insert("view_model", &view_model);
     ctx.insert("search", &search);
+    add_auth_context(session, actix_admin, &mut ctx);
 
     let body = TERA
         .render("list.html", &ctx)

src/routes/mod.rs

@@ -12,3 +12,6 @@ pub use list::list;
 
 mod delete;
 pub use delete::{ delete, delete_many };
+
+mod helpers;
+pub use helpers::{ add_auth_context };