added clerk auth middleware

suhaybu · Dec 3, 2024 · 89d1b6a · 89d1b6a
1 parent f678e3a
commit 89d1b6a
Show file tree

Hide file tree

Showing 6 changed files with 27 additions and 2 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -11,6 +11,8 @@ aws-config = "1.5"
 lambda_http = "0.13"
 lambda_runtime = "0.13"
 
+clerk-rs = { version = "0.4", features = ["axum"] }
+
 tokio = { version = "1", features = ["macros"] }
 tracing = { version = "0.1", features = ["log"] }
 tracing-subscriber = { version = "0.3", default-features = false, features = [

diff --git a/src/common/Cargo.toml b/src/common/Cargo.toml
@@ -12,3 +12,4 @@ tracing.workspace = true
 chrono.workspace = true
 sqlx.workspace = true
 thiserror.workspace = true
+clerk-rs.workspace = true
diff --git a/src/common/src/services/clerk.rs b/src/common/src/services/clerk.rs
@@ -0,0 +1,11 @@
+use crate::error::{Error, Result};
+use clerk_rs::{clerk::Clerk, ClerkConfiguration};
+
+pub fn init_clerk() -> Result<Clerk> {
+    let secret_key = std::env::var("CLERK_SECRET_KEY")
+        .map_err(|_| Error::validation("CLERK_SECRET_KEY must be set"))?;
+
+    let config = ClerkConfiguration::new(None, None, Some(secret_key), None);
+
+    Ok(Clerk::new(config))
+}
diff --git a/src/common/src/services/mod.rs b/src/common/src/services/mod.rs
@@ -1,2 +1,3 @@
+pub mod clerk;
 pub mod cors;
 pub mod mw_auth;
diff --git a/src/usertasks-lambda/Cargo.toml b/src/usertasks-lambda/Cargo.toml
@@ -15,3 +15,4 @@ chrono.workspace = true
 validator.workspace = true
 uuid.workspace = true
 sqlx.workspace = true
+clerk-rs.workspace = true
diff --git a/src/usertasks-lambda/src/main.rs b/src/usertasks-lambda/src/main.rs
@@ -3,10 +3,12 @@ use axum::{
     routing::{delete, get, patch, post},
     Router,
 };
+use clerk_rs::validators::{axum::ClerkLayer, jwks::MemoryCacheJwksProvider};
 use lambda_http::{run, Error};
 use std::env::set_var;
+use tracing_subscriber::fmt::layer;
 
-use common::services::{cors::cors_middleware, mw_auth::auth};
+use common::services::{self, cors::cors_middleware, mw_auth::auth};
 use handlers::schedule::get_user_schedule;
 use handlers::tasks::{create_task, delete_task, get_all_tasks, get_tasks_batch, update_task};
 
@@ -24,6 +26,8 @@ async fn main() -> Result<(), Error> {
 
     set_var("AWS_LAMBDA_HTTP_IGNORE_STAGE_IN_PATH", "true");
 
+    let clerk_client = services::clerk::init_clerk()?;
+
     let app = Router::new()
         .route("/v1/user/:user_id/schedule", get(get_user_schedule))
         .route("/v1/tasks", get(get_all_tasks))
@@ -32,7 +36,12 @@ async fn main() -> Result<(), Error> {
         .route("/v1/user/:user_id/tasks/:task_id", patch(update_task))
         .route("/v1/user/:user_id/tasks/:task_id", delete(delete_task))
         .layer(middleware::from_fn(cors_middleware))
-        .layer(middleware::from_fn(auth));
+        // .layer(middleware::from_fn(auth))
+        .layer(ClerkLayer::new(
+            MemoryCacheJwksProvider::new(clerk_client),
+            None,
+            true,
+        ));
 
     run(app).await
 }