feat: authorised path

1 files changed, 26 insertions, 3 deletions

diff --git a/src/server/driver/auth.rs b/src/server/driver/auth.rs
index 28e9285..958698b 100644
--- a/src/server/driver/auth.rs
+++ b/src/server/driver/auth.rs
@@ -4,9 +4,10 @@ use async_trait::async_trait;
 use bon::Builder;
 use oauth2::{AuthUrl, ClientId, ClientSecret, EndpointNotSet, EndpointSet, RedirectUrl, TokenUrl};
 use secrecy::{ExposeSecret, SecretString};
+use time::OffsetDateTime;
 use tracing::{instrument, trace};
 
-use crate::server::driver::Services;
+use crate::server::{driver::Services, entity};
 
 pub(super) static COOKIE_NAME: &str = "SESSION";
 pub(super) static CSRF_TOKEN: &str = "csrf_token";
@@ -48,9 +49,31 @@ impl SessionStore for Services {
     #[instrument(skip(self))]
     async fn load_session(&self, cookie_value: String) -> Result<Option<Session>> {
         let id = Session::id_from_cookie_value(&cookie_value)?;
-        let mut connection = self.database.acquire().await?;
 
-        todo!()
+        let result = sqlx::query_as!(
+            entity::auth::Session,
+            "select
+                *
+            from
+                session
+            where
+                    id = $1
+                and
+                    (
+                        expires
+                            is null
+                        or
+                            expires > $2
+                    )
+            ",
+            id,
+            OffsetDateTime::now_utc()
+        )
+        .fetch_optional(&self.database)
+        .await?
+        .map(|value| serde_json::from_str(&value.session));
+
+        Ok(result.transpose()?)
     }
 
     #[instrument(skip(self, session), fields(id = session.id()))]