Is it possible to attach a Rocket request guard onto all routes?

Question

I'm trying to block all access using Basic HTTP Authentication, but wish to avoid accidentally forgetting any routes.

I thought that perhaps it could be implemented through a Fairing, but I cannot see how that would work given that "Fairings cannot respond to an incoming request directly."

I saw that I can get an Outcome from a request guard, but I do not see how it could be used.

#[rocket::async_trait]
impl Fairing for TheFairing {
    fn info(&self) -> Info {
        Info {
            name: "TheFairing",
            kind: Kind::Request | Kind::Response,
        }
    }

    async fn on_request(&self, request: &mut Request<'_>, _: &mut Data<'_>) {
        let outcome = request.guard::<BasicAuthentication>().await;
    }
}

I also know that it's possible to block data by modifying the response in on_response with something like response.set_status(Status::Unauthorized) but this still generates a response, requires erasing its content and more generally, seems like it would cause unintended consequences.

I am using v0.5-rc.

What I did once for a similar issue is to write a _fairing_ that checks the precondition, and if that fails, it rewrites the URL with `req.set_uri('/url/to/failure');`. I don't know if it is a best practice, but it seems to work. — rodrigo, Nov 29 '21 at 17:45

Is it possible to attach a Rocket request guard onto all routes?

0 Answers0