AI-Studio/runtime/src/runtime_api_token.rs

use once_cell::sync::Lazy;
use axum::extract::FromRequestParts;
use axum::http::request::Parts;
use axum::http::StatusCode;
use crate::api_token::{generate_api_token, APIToken};

pub static API_TOKEN: Lazy<APIToken> = Lazy::new(generate_api_token);

impl<S> FromRequestParts<S> for APIToken
where
    S: Send + Sync,
{
    type Rejection = StatusCode;

    async fn from_request_parts(parts: &mut Parts, _state: &S) -> Result<Self, Self::Rejection> {
        match parts.headers.get("token").and_then(|value| value.to_str().ok()) {
            Some(token) => {
                let received_token = APIToken::from_hex_text(token);
                if API_TOKEN.validate(&received_token) {
                    Ok(received_token)
                } else {
                    Err(StatusCode::UNAUTHORIZED)
                }
            }

            None => Err(StatusCode::UNAUTHORIZED),
        }
    }
}

/// The API token error types.
#[derive(Debug)]
pub enum APITokenError {
    Missing,
    Invalid,
}
Add Qdrant as vector database (#580) Co-authored-by: Thorsten Sommer <SommerEngineering@users.noreply.github.com> 2026-02-03 13:32:17 +00:00			`use once_cell::sync::Lazy;`
Migrated to axum (#757) 2026-05-12 18:31:08 +00:00			`use axum::extract::FromRequestParts;`
			`use axum::http::request::Parts;`
			`use axum::http::StatusCode;`
Add Qdrant as vector database (#580) Co-authored-by: Thorsten Sommer <SommerEngineering@users.noreply.github.com> 2026-02-03 13:32:17 +00:00			`use crate::api_token::{generate_api_token, APIToken};`

Migrated to axum (#757) 2026-05-12 18:31:08 +00:00			`pub static API_TOKEN: Lazy<APIToken> = Lazy::new(generate_api_token);`
Add Qdrant as vector database (#580) Co-authored-by: Thorsten Sommer <SommerEngineering@users.noreply.github.com> 2026-02-03 13:32:17 +00:00
Migrated to axum (#757) 2026-05-12 18:31:08 +00:00			`impl<S> FromRequestParts<S> for APIToken`
			`where`
			`S: Send + Sync,`
			`{`
			`type Rejection = StatusCode;`
Add Qdrant as vector database (#580) Co-authored-by: Thorsten Sommer <SommerEngineering@users.noreply.github.com> 2026-02-03 13:32:17 +00:00
Migrated to axum (#757) 2026-05-12 18:31:08 +00:00			`async fn from_request_parts(parts: &mut Parts, _state: &S) -> Result<Self, Self::Rejection> {`
			`match parts.headers.get("token").and_then(\|value\| value.to_str().ok()) {`
Add Qdrant as vector database (#580) Co-authored-by: Thorsten Sommer <SommerEngineering@users.noreply.github.com> 2026-02-03 13:32:17 +00:00			`Some(token) => {`
			`let received_token = APIToken::from_hex_text(token);`
			`if API_TOKEN.validate(&received_token) {`
Migrated to axum (#757) 2026-05-12 18:31:08 +00:00			`Ok(received_token)`
Add Qdrant as vector database (#580) Co-authored-by: Thorsten Sommer <SommerEngineering@users.noreply.github.com> 2026-02-03 13:32:17 +00:00			`} else {`
Migrated to axum (#757) 2026-05-12 18:31:08 +00:00			`Err(StatusCode::UNAUTHORIZED)`
Add Qdrant as vector database (#580) Co-authored-by: Thorsten Sommer <SommerEngineering@users.noreply.github.com> 2026-02-03 13:32:17 +00:00			`}`
			`}`

Migrated to axum (#757) 2026-05-12 18:31:08 +00:00			`None => Err(StatusCode::UNAUTHORIZED),`
Add Qdrant as vector database (#580) Co-authored-by: Thorsten Sommer <SommerEngineering@users.noreply.github.com> 2026-02-03 13:32:17 +00:00			`}`
			`}`
			`}`

			`/// The API token error types.`
			`#[derive(Debug)]`
			`pub enum APITokenError {`
			`Missing,`
			`Invalid,`
			`}`