search

DDtKey / protect-endpoints

Authorization extension for popular web-frameworks to protect your endpoints
Apache License 2.0
214 stars 16 forks source link

Override the Access Forbidden Error #95

Closed EvilWatermelon closed 6 months ago

EvilWatermelon commented 6 months ago

I want to use a custom error message of the 403 error message if my JWT contains the wrong permissions with:

impl HttpError {
    pub fn new(
        cause: Option<String>,
        message: Option<String>,
        status_code: String,
        error_type: ErrorResponse
    ) -> Self {
        Self {
            cause,
            message,
            status_code,
            error_type
        }
    }

    pub fn forbidden(error: impl ToString) -> Self {
        Self::new(
            Some(error.to_string()),
            SystemTime::now(),
            "403".to_string(),
            ErrorResponse::Forbidden
        )
    }
}

Where can I do this? Do I have to do this with the middleware?

I only get these errors

128 | #[protect(any("STUDENT", "TEACHER", "ADMIN"), error = "HttpError::forbidden")]
129 | pub async fn get_images() -> impl Responder {
    |              ^^^^^^^^^^ the trait `Handler<_>` is not implemented for `get_images`
error[E0308]: mismatched types
   --> src/api/privacy_api.rs:132:1
    |
132 | #[protect(any("STUDENT", "TEACHER", "ADMIN"), error = "access_denied")]
    | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    | |
    | expected `HttpResponse`, found `HttpError`
    | arguments to this enum variant are incorrect
    |
    = note: expected struct `HttpResponse`
               found struct `http_error::HttpError`
EvilWatermelon commented 6 months ago

I overwrited ResponseError with HttpError and called error_response() which is HttpResponse<BoxBody>