hobokenchicken/GopherGate
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: unify authentication state and improve middleware efficiency

Browse Source 
- Introduce AuthInfo struct for shared auth state.
- Populate AuthInfo in rate_limit_middleware and store in request extensions.
- Update AuthenticatedClient extractor to use pre-resolved AuthInfo.
- Simplify chat_completions by removing redundant DB lookups.
This commit is contained in:
Dustin Newkirk
2026-03-05 18:44:41 +00:00
parent 7411d3dbed
commit fc5d3ed636
3 changed files with 57 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
src/server/mod.rs
View File

@@ -122,32 +122,16 @@ async fn chat_completions(
auth: AuthenticatedClient,
Json(mut request): Json<ChatCompletionRequest>,
) -> Result<axum::response::Response, AppError> {
// Resolve client_id: try DB token first, then env tokens, then permissive fallback
let db_client_id: Option<String> = sqlx::query_scalar::<_, String>(
"SELECT client_id FROM client_tokens WHERE token = ? AND is_active = TRUE",
)
.bind(&auth.token)
.fetch_optional(&state.db_pool)
.await
.unwrap_or(None);
let client_id = auth.client_id.clone();
let token = auth.token.clone();
let client_id = if let Some(cid) = db_client_id {
// Update last_used_at in background (fire-and-forget)
let pool = state.db_pool.clone();
let token = auth.token.clone();
tokio::spawn(async move {
let _ = sqlx::query("UPDATE client_tokens SET last_used_at = CURRENT_TIMESTAMP WHERE token = ?")
.bind(&token)
.execute(&pool)
.await;
});
cid
} else if state.auth_tokens.is_empty() || state.auth_tokens.contains(&auth.token) {
// Env token match or permissive mode (no env tokens configured)
auth.client_id.clone()
} else {
return Err(AppError::AuthError("Invalid authentication token".to_string()));
};
// Verify token if env tokens are configured
if !state.auth_tokens.is_empty() && !state.auth_tokens.contains(&token) {
// If not in env tokens, check if it was a DB token (client_id wouldn't be client_XXXX prefix)
if client_id.starts_with("client_") {
return Err(AppError::AuthError("Invalid authentication token".to_string()));
}
}
let start_time = std::time::Instant::now();
let model = request.model.clone();