Initial commit: Full Crawl API implementation

2026-04-29 07:03:48 +00:00
commit 62994d4f3d
92 changed files with 6176 additions and 0 deletions
--- a/crates/api/src/middleware/auth.rs
+++ b/crates/api/src/middleware/auth.rs
@@ -0,0 +1,52 @@
+use axum::{
+    extract::{Request, State},
+    http::StatusCode,
+    middleware::Next,
+    response::Response,
+};
+use db::repos::api_keys;
+use shared::models::User;
+
+use crate::state::AppState;
+
+#[derive(Clone)]
+pub struct ApiKeyAuth {
+    pub user: User,
+    pub api_key_id: uuid::Uuid,
+}
+
+pub async fn api_key_middleware(
+    State(state): State<AppState>,
+    mut req: Request,
+    next: Next,
+) -> Result<Response, StatusCode> {
+    let api_key = req
+        .headers()
+        .get("x-api-key")
+        .and_then(|v| v.to_str().ok())
+        .ok_or(StatusCode::UNAUTHORIZED)?;
+
+    let key_hash = format!("{:x}", md5::compute(api_key));
+
+    let api_key_record = api_keys::find_by_key_hash(&state.db, &key_hash)
+        .await
+        .map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?
+        .ok_or(StatusCode::UNAUTHORIZED)?;
+
+    let user = db::repos::users::find_by_id(&state.db, api_key_record.user_id)
+        .await
+        .map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?
+        .ok_or(StatusCode::UNAUTHORIZED)?;
+
+    api_keys::update_last_used(&state.db, api_key_record.id)
+        .await
+        .map_err(|_| StatusCode::INTERNAL_SERVER_ERROR)?;
+
+    let auth = ApiKeyAuth {
+        user,
+        api_key_id: api_key_record.id,
+    };
+
+    req.extensions_mut().insert(auth);
+    Ok(next.run(req).await)
+}