Hold onto authorization header with ApiToken source

Modify the `AuthenticationSource::ApiToken` variant to hold onto the
authorization header that may be used to fetch the current user.

Author: Josh Leeb-du Toit

src/middleware/current_user.rs

@@ -12,10 +12,10 @@ use crate::schema::users;
 #[derive(Debug, Clone, Copy)]
 pub struct CurrentUser;
 
-#[derive(Debug, Copy, Clone, Eq, PartialEq)]
+#[derive(Debug, Clone, Eq, PartialEq)]
 pub enum AuthenticationSource {
     SessionCookie,
-    ApiToken,
+    ApiToken { auth_header: String },
 }
 
 impl Middleware for CurrentUser {
@@ -41,15 +41,18 @@ impl Middleware for CurrentUser {
         } else {
             // Otherwise, look for an `Authorization` header on the request
             // and try to find a user in the database with a matching API token
-            let user = if let Some(headers) = req.headers().find("Authorization") {
-                User::find_by_api_token(&conn, headers[0]).ok()
-            } else {
-                None
-            };
-            if let Some(user) = user {
+            let user_auth = req.headers().find("Authorization").and_then(|headers| {
+                let auth_header = headers[0].to_string();
+
+                User::find_by_api_token(&conn, &auth_header)
+                    .ok()
+                    .map(|user| (AuthenticationSource::ApiToken { auth_header }, user))
+            });
+
+            if let Some((api_token, user)) = user_auth {
                 // Attach the `User` model from the database to the request
                 req.mut_extensions().insert(user);
-                req.mut_extensions().insert(AuthenticationSource::ApiToken);
+                req.mut_extensions().insert(api_token);
             }
         }