Diffstat (limited to 'crates/auth-service/src/server/grpc')
-rw-r--r--crates/auth-service/src/server/grpc/auth.rs50
-rw-r--r--crates/auth-service/src/server/grpc/interceptor.rs17
2 files changed, 67 insertions, 0 deletions
diff --git a/crates/auth-service/src/server/grpc/auth.rs b/crates/auth-service/src/server/grpc/auth.rs
new file mode 100644
index 0000000..fb00291
--- /dev/null
+++ b/crates/auth-service/src/server/grpc/auth.rs
@@ -0,0 +1,50 @@
+use std::str::FromStr;
+
+use jsonwebtoken::DecodingKey;
+use sellershut_core::auth::{ValidationRequest, ValidationResponse, auth_server::Auth};
+use tonic::{Request, Response, Status, async_trait};
+use tower_sessions::{SessionStore, session::Id};
+use tracing::warn;
+
+use crate::{auth::Claims, state::AppHandle};
+
+#[async_trait]
+impl Auth for AppHandle {
+ async fn validate_auth_token(
+ &self,
+ request: Request<ValidationRequest>,
+ ) -> Result<Response<ValidationResponse>, Status> {
+ let token = request.into_inner().token;
+
+ let token = jsonwebtoken::decode::<Claims>(
+ &token,
+ &DecodingKey::from_secret(self.local_config.oauth.jwt_encoding_key.as_bytes()),
+ &jsonwebtoken::Validation::default(),
+ );
+
+ match token {
+ Ok(value) => {
+ let session_id = value.claims.sid;
+ let store = &self.session_store;
+ match Id::from_str(&session_id) {
+ Ok(ref id) => {
+ if let Ok(Some(_)) = store.load(id).await {
+ return Ok(Response::new(ValidationResponse { valid: true }));
+ } else {
+ return Ok(Response::new(Default::default()));
+ }
+ }
+ Err(e) => {
+ warn!("{e}");
+
+ return Ok(Response::new(Default::default()));
+ }
+ }
+ }
+ Err(e) => {
+ warn!("{e}");
+ Ok(Response::new(ValidationResponse::default()))
+ }
+ }
+ }
+}
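Review bot: In `validate_auth_token`, `if let Ok(Some(_)) = store.load(id).await` sends a missing session and a session-store failure down the same `else` branch, so a backend outage is reported to callers as `valid: false` and leaves no log line. Failing closed is the right default, but the error arm should be split out and recorded, for example `Err(e) => { warn!("session store load failed: {e}"); return Err(Status::unavailable("session store unavailable")); }`. Separately, `Validation::default()` sets no expected issuer or audience, so any unexpired token signed with `jwt_encoding_key` passes the signature step regardless of what it was minted for. If that secret also signs other token types, pin them with `set_issuer` / `set_audience` on the `Validation` before decoding.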
diff --git a/crates/auth-service/src/server/grpc/interceptor.rs b/crates/auth-service/src/server/grpc/interceptor.rs
new file mode 100644
index 0000000..155a306
--- /dev/null
+++ b/crates/auth-service/src/server/grpc/interceptor.rs
@@ -0,0 +1,17 @@
+use tonic::{
+ Status,
+ service::{Interceptor, interceptor::InterceptedService},
+ transport::Channel,
+};
+use tracing::Span;
+
+pub type Intercepted = InterceptedService<Channel, MyInterceptor>;
+
+#[derive(Clone, Copy)]
+pub struct MyInterceptor;
+
+impl Interceptor for MyInterceptor {
+ fn call(&mut self, request: tonic::Request<()>) -> Result<tonic::Request<()>, Status> {
+ Ok(request)
+ }
+}
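Review bot: `MyInterceptor::call` returns the request untouched, so the `Intercepted` channel type attaches no credentials or metadata to outgoing calls, and nothing in the file says so. A doc comment on the struct such as `/// Placeholder interceptor: forwards requests unchanged and adds no auth metadata.` would keep callers from assuming the channel is authenticated. `use tracing::Span;` is not referenced anywhere in this new 17-line file and can be dropped until the interceptor actually propagates span context.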