Merge remote-tracking branch 'upstream/master' into api-token-auth-he…

…ader
rust-lang · bors · Oct 5, 2019 · Jan 20, 2019 · Oct 4, 2019 · Oct 4, 2019
commit dec4383f4241e33de58ed0b9b612a14c46c7267f
diff --git a/src/middleware/current_user.rs b/src/middleware/current_user.rs
@@ -42,16 +42,21 @@ impl Middleware for CurrentUser {
         } else {
             // Otherwise, look for an `Authorization` header on the request
             // and try to find a user in the database with a matching API token
-            let user_auth = req.headers().find("Authorization").and_then(|headers| {
+            let user_auth = if let Some(headers) = req.headers().find("Authorization") {
                 let auth_header = headers[0].to_string();
 
                 User::find_by_api_token(&conn, &auth_header)
-                    .ok()
                     .map(|user| (AuthenticationSource::ApiToken { auth_header }, user))
-            });
+                    .optional()
+                    .map_err(|e| return Box::new(e) as Box<dyn Error + Send>)?
+            } else {
+                None
+            };
+
+            drop(conn);
 
             if let Some((api_token, user)) = user_auth {
-                // Attach the `User` model from the database to the request
+                // Attach the `User` model from the database and the API token to the request
                 req.mut_extensions().insert(user);
                 req.mut_extensions().insert(api_token);
             }