feat: add access control to channels with various modes

- Introduced AccessMode enum to define channel access levels: Public, PasswordProtected, AccountRequired, and OwnerOnly. - Updated Channel and ProgrammingBlock entities to include access_mode and access_password_hash fields. - Enhanced create and update channel functionality to handle access mode and password. - Implemented access checks in channel routes based on the defined access modes. - Modified frontend components to support channel creation and editing with access control options. - Added ChannelPasswordModal for handling password input when accessing restricted channels. - Updated API calls to include channel and block passwords as needed. - Created database migrations to add access_mode and access_password_hash columns to channels table.
2026-03-14 01:45:10 +01:00
parent 924e162563
commit 81df6eb8ff
25 changed files with 635 additions and 53 deletions
--- a/k-tv-backend/api/src/extractors.rs
+++ b/k-tv-backend/api/src/extractors.rs
@@ -38,6 +38,29 @@ impl FromRequestParts<AppState> for CurrentUser {
    }
 }

+/// Optional current user — returns None instead of error when auth is missing/invalid.
+pub struct OptionalCurrentUser(pub Option<User>);
+
+impl FromRequestParts<AppState> for OptionalCurrentUser {
+    type Rejection = ApiError;
+
+    async fn from_request_parts(
+        parts: &mut Parts,
+        state: &AppState,
+    ) -> Result<Self, Self::Rejection> {
+        #[cfg(feature = "auth-jwt")]
+        {
+            return Ok(OptionalCurrentUser(try_jwt_auth(parts, state).await.ok()));
+        }
+
+        #[cfg(not(feature = "auth-jwt"))]
+        {
+            let _ = (parts, state);
+            Ok(OptionalCurrentUser(None))
+        }
+    }
+}
+
 /// Authenticate using JWT Bearer token
 #[cfg(feature = "auth-jwt")]
 async fn try_jwt_auth(parts: &mut Parts, state: &AppState) -> Result<User, ApiError> {