with_state instead of Extension

2023-11-09 17:40:48 -08:00 · 2023-11-09 17:40:48 -08:00 · 429cfe04d0
parent 753cbb1b60
commit 429cfe04d0
14 changed files with 112 additions and 92 deletions
--- a/web3_proxy/src/frontend/admin.rs
+++ b/web3_proxy/src/frontend/admin.rs
@ -10,10 +10,10 @@ use crate::globals::{global_db_conn, global_db_replica_conn};
 use crate::premium::{get_user_and_tier_from_address, grant_premium_tier};
 use crate::user_token::UserBearerToken;
 use axum::{
-    extract::{Path, Query},
+    extract::{Path, Query, State},
    headers::{authorization::Bearer, Authorization},
    response::IntoResponse,
-    Extension, Json, TypedHeader,
+    Json, TypedHeader,
 };
 use axum_client_ip::InsecureClientIp;
 use axum_macros::debug_handler;
@ -52,7 +52,7 @@ pub struct AdminIncreaseBalancePost {
 /// - user_role_tier that is supposed to be adapted
 #[debug_handler]
 pub async fn admin_increase_balance(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
    Json(payload): Json<AdminIncreaseBalancePost>,
 ) -> Web3ProxyResponse {
@ -115,7 +115,7 @@ pub async fn admin_increase_balance(
 /// TODO: JSON post data instead of query params
 #[debug_handler]
 pub async fn admin_change_user_roles(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    bearer: Option<TypedHeader<Authorization<Bearer>>>,
    Query(params): Query<HashMap<String, String>>,
 ) -> Web3ProxyResponse {
@ -130,7 +130,7 @@ pub async fn admin_change_user_roles(
 /// We assume that the admin has already logged in, and has a bearer token ...
 #[debug_handler]
 pub async fn admin_imitate_login_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    Path(mut params): Path<HashMap<String, String>>,
 ) -> Web3ProxyResponse {
@ -287,7 +287,7 @@ pub async fn admin_imitate_login_get(
 /// The bearer token can be used to authenticate other admin requests
 #[debug_handler]
 pub async fn admin_imitate_login_post(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    Json(payload): Json<PostLogin>,
 ) -> Web3ProxyResponse {
--- a/web3_proxy/src/frontend/mod.rs
+++ b/web3_proxy/src/frontend/mod.rs
@ -1,6 +1,8 @@
 //! `frontend` contains HTTP and websocket endpoints for use by a website or web3 wallet.
 //!
 //! Important reading about axum extractors: <https://docs.rs/axum/latest/axum/extract/index.html#the-order-of-extractors>
+//!
+//! There are a lot of things in tower/axum that i should have used instead of implementing here.
 // TODO: these are only public so docs are generated. What's a better way to do this?
 pub mod admin;
 pub mod authorization;
@ -43,12 +45,8 @@ pub enum ResponseCacheKey {

 pub type ResponseCache = Cache<ResponseCacheKey, (StatusCode, &'static str, axum::body::Bytes)>;

-/// Start the frontend server.
-pub async fn serve(
-    app: Arc<App>,
-    mut shutdown_receiver: broadcast::Receiver<()>,
-    shutdown_complete_sender: broadcast::Sender<()>,
-) -> Web3ProxyResult<()> {
+/// build our axum Router
+pub fn make_router(app: Arc<App>) -> Router<()> {
    // setup caches for whatever the frontend needs
    // no need for max items since it is limited by the enum key
    // TODO: latest moka allows for different ttls for different
@ -59,9 +57,8 @@ pub async fn serve(
        .time_to_live(Duration::from_millis(200))
        .build();

-    // TODO: read config for if fastest/versus should be available publicly. default off
+    let response_cache = Arc::new(response_cache);

-    // build our axum Router
    let mut router = Router::new()
        // TODO: i think these routes could be done a lot better
        //
@ -142,10 +139,23 @@ pub async fn serve(
        //
        // System things
        //
-        .route("/health", get(status::health))
-        .route("/status", get(status::status))
-        .route("/status/backups_needed", get(status::backups_needed))
-        .route("/status/debug_request", get(status::debug_request))
+        // TODO: response_cache should probably be inside State
+        .route(
+            "/health",
+            get(status::health).route_layer(Extension(response_cache.clone())),
+        )
+        .route(
+            "/status",
+            get(status::status).route_layer(Extension(response_cache.clone())),
+        )
+        .route(
+            "/status/backups_needed",
+            get(status::backups_needed).route_layer(Extension(response_cache.clone())),
+        )
+        .route(
+            "/status/debug_request",
+            get(status::debug_request).route_layer(Extension(response_cache.clone())),
+        )
        //
        // User stuff
        //
@ -256,22 +266,17 @@ pub async fn serve(
        );
    }

-    router = router
-        //
-        // Axum layers
-        // layers are ordered bottom up
-        // the last layer is first for requests and last for responses
-        //
+    // Axum layers
+    // layers are ordered bottom up
+    // the last layer is first for requests and last for responses
+    let router = router
        // Remove trailing slashes
+        // TODO: this isn't working for me. why?
        .layer(NormalizePathLayer::trim_trailing_slash())
        // Mark the `Authorization` request header as sensitive so it doesn't show in logs
        .layer(SetSensitiveRequestHeadersLayer::new(once(AUTHORIZATION)))
        // handle cors. we expect queries from all sorts of places
        .layer(CorsLayer::very_permissive())
-        // application state
-        .layer(Extension(app.clone()))
-        // frontend caches
-        .layer(Extension(Arc::new(response_cache)))
        // request id
        .layer(
            TraceLayer::new_for_http().make_span_with(|request: &Request<Body>| {
@ -306,7 +311,20 @@ pub async fn serve(
            }), // .on_failure(|| todo!("on failure that has the request and response body so we can debug more easily")),
        )
        // 404 for any unknown routes
-        .fallback(errors::handler_404);
+        .fallback(errors::handler_404)
+        .with_state(app);
+
+    router
+}
+
+/// Start the frontend server.
+pub async fn serve(
+    app: Arc<App>,
+    mut shutdown_receiver: broadcast::Receiver<()>,
+    shutdown_complete_sender: broadcast::Sender<()>,
+) -> Web3ProxyResult<()> {
+    // TODO: read config for if fastest/versus should be available publicly. default off
+    let router = make_router(app.clone());

    // TODO: https://docs.rs/tower-http/latest/tower_http/propagate_header/index.html

--- a/web3_proxy/src/frontend/rpc_proxy_http.rs
+++ b/web3_proxy/src/frontend/rpc_proxy_http.rs
@ -5,11 +5,11 @@ use super::rpc_proxy_ws::ProxyMode;
 use crate::errors::Web3ProxyError;
 use crate::{app::App, jsonrpc::JsonRpcRequestEnum};
 use axum::extract::rejection::JsonRejection;
-use axum::extract::Path;
+use axum::extract::{Path, State};
 use axum::headers::{Origin, Referer, UserAgent};
 use axum::response::Response;
 use axum::TypedHeader;
-use axum::{response::IntoResponse, Extension, Json};
+use axum::{response::IntoResponse, Json};
 use axum_client_ip::InsecureClientIp;
 use axum_macros::debug_handler;
 use http::HeaderMap;
@ -23,7 +23,7 @@ use std::time::Duration;
 /// If possible, please use a WebSocket instead.
 #[debug_handler]
 pub async fn proxy_web3_rpc(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    origin: Option<TypedHeader<Origin>>,
    payload: Result<Json<JsonRpcRequestEnum>, JsonRejection>,
@ -33,7 +33,7 @@ pub async fn proxy_web3_rpc(

 #[debug_handler]
 pub async fn fastest_proxy_web3_rpc(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    origin: Option<TypedHeader<Origin>>,
    payload: Result<Json<JsonRpcRequestEnum>, JsonRejection>,
@ -45,7 +45,7 @@ pub async fn fastest_proxy_web3_rpc(

 #[debug_handler]
 pub async fn versus_proxy_web3_rpc(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    origin: Option<TypedHeader<Origin>>,
    payload: Result<Json<JsonRpcRequestEnum>, JsonRejection>,
@ -126,7 +126,7 @@ async fn _proxy_web3_rpc(
 /// If possible, please use a WebSocket instead.
 #[debug_handler]
 pub async fn proxy_web3_rpc_with_key(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    origin: Option<TypedHeader<Origin>>,
    referer: Option<TypedHeader<Referer>>,
@ -151,7 +151,7 @@ pub async fn proxy_web3_rpc_with_key(
 #[debug_handler]
 #[allow(clippy::too_many_arguments)]
 pub async fn debug_proxy_web3_rpc_with_key(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    origin: Option<TypedHeader<Origin>>,
    referer: Option<TypedHeader<Referer>>,
@ -195,7 +195,7 @@ pub async fn debug_proxy_web3_rpc_with_key(

 #[debug_handler]
 pub async fn fastest_proxy_web3_rpc_with_key(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    origin: Option<TypedHeader<Origin>>,
    referer: Option<TypedHeader<Referer>>,
@ -218,7 +218,7 @@ pub async fn fastest_proxy_web3_rpc_with_key(

 #[debug_handler]
 pub async fn versus_proxy_web3_rpc_with_key(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    origin: Option<TypedHeader<Origin>>,
    referer: Option<TypedHeader<Referer>>,
--- a/web3_proxy/src/frontend/rpc_proxy_ws.rs
+++ b/web3_proxy/src/frontend/rpc_proxy_ws.rs
@ -9,9 +9,9 @@ use crate::{app::App, errors::Web3ProxyResult, jsonrpc::SingleRequest};
 use axum::headers::{Origin, Referer, UserAgent};
 use axum::{
    extract::ws::{Message, WebSocket, WebSocketUpgrade},
-    extract::Path,
+    extract::{Path, State},
    response::{IntoResponse, Redirect},
-    Extension, TypedHeader,
+    TypedHeader,
 };
 use axum_client_ip::InsecureClientIp;
 use axum_macros::debug_handler;
@ -54,7 +54,7 @@ pub enum ProxyMode {
 /// Queries a single server at a time
 #[debug_handler]
 pub async fn websocket_handler(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    origin: Option<TypedHeader<Origin>>,
    ws_upgrade: Option<WebSocketUpgrade>,
@ -66,7 +66,7 @@ pub async fn websocket_handler(
 /// Queries all synced backends with every request! This might get expensive!
 // #[debug_handler]
 pub async fn fastest_websocket_handler(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    origin: Option<TypedHeader<Origin>>,
    ws_upgrade: Option<WebSocketUpgrade>,
@ -87,7 +87,7 @@ pub async fn fastest_websocket_handler(
 /// Queries **all** backends with every request! This might get expensive!
 #[debug_handler]
 pub async fn versus_websocket_handler(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    origin: Option<TypedHeader<Origin>>,
    ws_upgrade: Option<WebSocketUpgrade>,
@ -127,7 +127,7 @@ async fn _websocket_handler(
 /// Can optionally authorized based on origin, referer, or user agent.
 #[debug_handler]
 pub async fn websocket_handler_with_key(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    Path(rpc_key): Path<String>,
    origin: Option<TypedHeader<Origin>>,
@ -151,7 +151,7 @@ pub async fn websocket_handler_with_key(
 #[debug_handler]
 #[allow(clippy::too_many_arguments)]
 pub async fn debug_websocket_handler_with_key(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    Path(rpc_key): Path<String>,
    origin: Option<TypedHeader<Origin>>,
@ -190,7 +190,7 @@ pub async fn debug_websocket_handler_with_key(

 #[debug_handler]
 pub async fn fastest_websocket_handler_with_key(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    Path(rpc_key): Path<String>,
    origin: Option<TypedHeader<Origin>>,
@ -214,7 +214,7 @@ pub async fn fastest_websocket_handler_with_key(

 #[debug_handler]
 pub async fn versus_websocket_handler_with_key(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    Path(rpc_key): Path<String>,
    origin: Option<TypedHeader<Origin>>,
--- a/web3_proxy/src/frontend/status.rs
+++ b/web3_proxy/src/frontend/status.rs
@ -10,6 +10,7 @@ use crate::{
 };
 use axum::{
    body::{Bytes, Full},
+    extract::State,
    http::StatusCode,
    response::{IntoResponse, Response},
    Extension, Json,
@ -37,7 +38,7 @@ static CONTENT_TYPE_PLAIN: &str = "text/plain";

 #[debug_handler]
 pub async fn debug_request(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    ip: InsecureClientIp,
    headers: HeaderMap,
 ) -> impl IntoResponse {
@ -76,7 +77,7 @@ pub async fn debug_request(
 /// Health check page for load balancers to use.
 #[debug_handler]
 pub async fn health(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    Extension(cache): Extension<Arc<ResponseCache>>,
 ) -> Result<impl IntoResponse, Web3ProxyError> {
    let (code, content_type, body) = timeout(
@ -113,7 +114,7 @@ async fn _health(app: Arc<App>) -> (StatusCode, &'static str, Bytes) {
 /// Easy alerting if backup servers are in use.
 #[debug_handler]
 pub async fn backups_needed(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    Extension(cache): Extension<Arc<ResponseCache>>,
 ) -> Result<impl IntoResponse, Web3ProxyError> {
    let (code, content_type, body) = timeout(
@ -164,7 +165,7 @@ async fn _backups_needed(app: Arc<App>) -> (StatusCode, &'static str, Bytes) {
 /// TODO: replace this with proper stats and monitoring. frontend uses it for their public dashboards though
 #[debug_handler]
 pub async fn status(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    Extension(cache): Extension<Arc<ResponseCache>>,
 ) -> Result<impl IntoResponse, Web3ProxyError> {
    let (code, content_type, body) = timeout(
--- a/web3_proxy/src/frontend/users/authentication.rs
+++ b/web3_proxy/src/frontend/users/authentication.rs
@ -6,10 +6,10 @@ use crate::globals::{global_db_conn, global_db_replica_conn};
 use crate::secrets::RpcSecretKey;
 use crate::user_token::UserBearerToken;
 use axum::{
-    extract::{Path, Query},
+    extract::{Path, Query, State},
    headers::{authorization::Bearer, Authorization},
    response::IntoResponse,
-    Extension, Json, TypedHeader,
+    Json, TypedHeader,
 };
 use axum_client_ip::InsecureClientIp;
 use axum_macros::debug_handler;
@ -76,7 +76,7 @@ pub struct LoginPostResponse {
 /// We can prompt for an email and and payment after they log in.
 #[debug_handler]
 pub async fn user_login_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    // TODO: what does axum's error handling look like if the path fails to parse?
    Path(mut params): Path<HashMap<String, String>>,
@ -224,7 +224,7 @@ pub async fn register_new_user(
 /// The bearer token can be used to authenticate other requests, such as getting the user's stats or modifying the user's profile.
 #[debug_handler]
 pub async fn user_login_post(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    InsecureClientIp(ip): InsecureClientIp,
    Query(query): Query<PostLoginQuery>,
    Json(payload): Json<PostLogin>,
--- a/web3_proxy/src/frontend/users/mod.rs
+++ b/web3_proxy/src/frontend/users/mod.rs
@ -13,9 +13,10 @@ use crate::app::App;
 use crate::errors::{Web3ProxyError, Web3ProxyErrorContext, Web3ProxyResponse};
 use crate::globals::global_db_transaction;
 use axum::{
+    extract::State,
    headers::{authorization::Bearer, Authorization},
    response::IntoResponse,
-    Extension, Json, TypedHeader,
+    Json, TypedHeader,
 };
 use axum_macros::debug_handler;
 use entities::{self, referee, referrer, user};
@ -32,7 +33,7 @@ use std::sync::Arc;
 /// TODO: this will change as we add better support for secondary users.
 #[debug_handler]
 pub async fn user_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer_token)): TypedHeader<Authorization<Bearer>>,
 ) -> Web3ProxyResponse {
    let user = app.bearer_is_authorized(bearer_token).await?;
@ -51,7 +52,7 @@ pub struct UserPost {
 /// `POST /user` -- modify the account connected to the bearer token in the `Authentication` header.
 #[debug_handler]
 pub async fn user_post(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer_token)): TypedHeader<Authorization<Bearer>>,
    Json(payload): Json<UserPost>,
 ) -> Web3ProxyResponse {
--- a/web3_proxy/src/frontend/users/payment.rs
+++ b/web3_proxy/src/frontend/users/payment.rs
@ -7,10 +7,10 @@ use crate::globals::{global_db_conn, global_db_replica_conn};
 use crate::premium::{get_user_and_tier_from_address, grant_premium_tier};
 use anyhow::Context;
 use axum::{
-    extract::Path,
+    extract::{Path, State},
    headers::{authorization::Bearer, Authorization},
    response::IntoResponse,
-    Extension, Json, TypedHeader,
+    Json, TypedHeader,
 };
 use axum_client_ip::InsecureClientIp;
 use axum_macros::debug_handler;
@ -41,7 +41,7 @@ use tracing::{debug, error, info, trace, warn};
 /// - show deposits history (currency, amounts, transaction id)
 #[debug_handler]
 pub async fn user_balance_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
 ) -> Web3ProxyResponse {
    let user = app.bearer_is_authorized(bearer).await?;
@ -61,7 +61,7 @@ pub async fn user_balance_get(
 /// - shows a list of all deposits, including their chain-id, amount and tx-hash
 #[debug_handler]
 pub async fn user_chain_deposits_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
 ) -> Web3ProxyResponse {
    let user = app.bearer_is_authorized(bearer).await?;
@ -100,7 +100,7 @@ pub async fn user_chain_deposits_get(
 /// - shows a list of all deposits done through stripe
 #[debug_handler]
 pub async fn user_stripe_deposits_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
 ) -> Web3ProxyResponse {
    let user = app.bearer_is_authorized(bearer).await?;
@ -143,7 +143,7 @@ pub async fn user_stripe_deposits_get(
 /// - shows a list of all deposits done by admins
 #[debug_handler]
 pub async fn user_admin_deposits_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
 ) -> Web3ProxyResponse {
    let user = app.bearer_is_authorized(bearer).await?;
@ -181,7 +181,7 @@ pub async fn user_admin_deposits_get(
 /// `POST /user/balance/:tx_hash` -- Process a confirmed txid to update a user's balance.
 #[debug_handler]
 pub async fn user_balance_post(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    ip: Option<InsecureClientIp>,
    Path(mut params): Path<HashMap<String, String>>,
    bearer: Option<TypedHeader<Authorization<Bearer>>>,
@ -441,7 +441,7 @@ pub async fn user_balance_post(
 /// `POST /user/balance_uncle/:uncle_hash` -- Process an uncle block to potentially update a user's balance.
 #[debug_handler]
 pub async fn user_balance_uncle_post(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    ip: Option<InsecureClientIp>,
    Path(mut params): Path<HashMap<String, String>>,
    bearer: Option<TypedHeader<Authorization<Bearer>>>,
--- a/web3_proxy/src/frontend/users/payment_stripe.rs
+++ b/web3_proxy/src/frontend/users/payment_stripe.rs
@ -19,7 +19,7 @@ use tracing::{debug, error, warn};
 /// this endpoint is called from the webhook with the user_id parameter in the request
 #[debug_handler]
 pub async fn user_balance_stripe_post(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    // InsecureClientIp(ip): InsecureClientIp,
    headers: HeaderMap,
    payload: String,
--- a/web3_proxy/src/frontend/users/referral.rs
+++ b/web3_proxy/src/frontend/users/referral.rs
@ -5,10 +5,10 @@ use crate::referral_code::ReferralCode;
 use crate::{app::App, globals::global_db_replica_conn};
 use anyhow::Context;
 use axum::{
-    extract::Query,
+    extract::{Query, State},
    headers::{authorization::Bearer, Authorization},
    response::IntoResponse,
-    Extension, Json, TypedHeader,
+    Json, TypedHeader,
 };
 use axum_macros::debug_handler;
 use entities::{referee, referrer, user};
@ -29,7 +29,7 @@ use std::sync::Arc;
 /// This is the link that the user can share to third parties, and get credits.
 #[debug_handler]
 pub async fn user_referral_link_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
    Query(_params): Query<HashMap<String, String>>,
 ) -> Web3ProxyResponse {
@ -74,7 +74,7 @@ pub async fn user_referral_link_get(

 #[debug_handler]
 pub async fn user_used_referral_stats(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
    Query(_params): Query<HashMap<String, String>>,
 ) -> Web3ProxyResponse {
@ -132,7 +132,7 @@ pub async fn user_used_referral_stats(

 #[debug_handler]
 pub async fn user_shared_referral_stats(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
    Query(_params): Query<HashMap<String, String>>,
 ) -> Web3ProxyResponse {
--- a/web3_proxy/src/frontend/users/rpc_keys.rs
+++ b/web3_proxy/src/frontend/users/rpc_keys.rs
@ -5,9 +5,10 @@ use crate::globals::{global_db_conn, global_db_replica_conn};
 use crate::secrets::RpcSecretKey;
 use axum::headers::{Header, Origin, Referer, UserAgent};
 use axum::{
+    extract::State,
    headers::{authorization::Bearer, Authorization},
    response::IntoResponse,
-    Extension, Json, TypedHeader,
+    Json, TypedHeader,
 };
 use axum_macros::debug_handler;
 use entities;
@ -27,7 +28,7 @@ use std::sync::Arc;
 /// `GET /user/keys` -- Use a bearer token to get the user's api keys and their settings.
 #[debug_handler]
 pub async fn rpc_keys_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
 ) -> Web3ProxyResponse {
    let user = app.bearer_is_authorized(bearer).await?;
@ -123,7 +124,7 @@ pub async fn rpc_keys_get(
 /// `DELETE /user/keys` -- Use a bearer token to delete an existing key.
 #[debug_handler]
 pub async fn rpc_keys_delete(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
 ) -> Web3ProxyResponse {
    let _user = app.bearer_is_authorized(bearer).await?;
@ -153,7 +154,7 @@ pub struct UserKeyManagement {
 /// `POST /user/keys` or `PUT /user/keys` -- Use a bearer token to create or update an existing key.
 #[debug_handler]
 pub async fn rpc_keys_management(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
    Json(payload): Json<UserKeyManagement>,
 ) -> Web3ProxyResponse {
--- a/web3_proxy/src/frontend/users/stats.rs
+++ b/web3_proxy/src/frontend/users/stats.rs
@ -8,10 +8,10 @@ use crate::http_params::{
 use crate::stats::influxdb_queries::query_user_influx_stats;
 use crate::stats::StatType;
 use axum::{
-    extract::Query,
+    extract::{Query, State},
    headers::{authorization::Bearer, Authorization},
    response::IntoResponse,
-    Extension, Json, TypedHeader,
+    Json, TypedHeader,
 };
 use axum_macros::debug_handler;
 use entities;
@ -28,7 +28,7 @@ use tracing::info;
 /// `GET /user/revert_logs` -- Use a bearer token to get the user's revert logs.
 #[debug_handler]
 pub async fn user_revert_logs_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
    Query(params): Query<HashMap<String, String>>,
 ) -> Web3ProxyResponse {
@ -125,7 +125,7 @@ pub async fn user_revert_logs_get(
 /// `GET /user/stats/aggregate` -- Public endpoint for aggregate stats such as bandwidth used and methods requested.
 #[debug_handler]
 pub async fn user_influx_stats_aggregated_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    bearer: Option<TypedHeader<Authorization<Bearer>>>,
    Query(params): Query<HashMap<String, String>>,
 ) -> Web3ProxyResponse {
@ -137,7 +137,7 @@ pub async fn user_influx_stats_aggregated_get(
 /// `GET /user/stats/accounting` -- Use a bearer token to get the user's revert logs.
 #[debug_handler]
 pub async fn user_mysql_stats_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
 ) -> Web3ProxyResponse {
    let user = app.bearer_is_authorized(bearer).await?;
@ -171,7 +171,7 @@ pub async fn user_mysql_stats_get(
 /// TODO: this will change as we add better support for secondary users.
 #[debug_handler]
 pub async fn user_influx_stats_detailed_get(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    bearer: Option<TypedHeader<Authorization<Bearer>>>,
    Query(params): Query<HashMap<String, String>>,
 ) -> Web3ProxyResponse {
--- a/web3_proxy/src/frontend/users/subuser.rs
+++ b/web3_proxy/src/frontend/users/subuser.rs
@ -5,10 +5,10 @@ use crate::globals::{global_db_conn, global_db_replica_conn};
 use crate::secrets::RpcSecretKey;
 use anyhow::Context;
 use axum::{
-    extract::Query,
+    extract::{Query, State},
    headers::{authorization::Bearer, Authorization},
    response::IntoResponse,
-    Extension, Json, TypedHeader,
+    Json, TypedHeader,
 };
 use axum_macros::debug_handler;
 use entities::sea_orm_active_enums::Role;
@ -29,7 +29,7 @@ use tracing::trace;
 use ulid::{self, Ulid};

 pub async fn get_keys_as_subuser(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
    Query(_params): Query<HashMap<String, String>>,
 ) -> Web3ProxyResponse {
@ -94,7 +94,7 @@ pub async fn get_keys_as_subuser(
 }

 pub async fn get_subusers(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
    Query(mut params): Query<HashMap<String, String>>,
 ) -> Web3ProxyResponse {
@ -166,7 +166,7 @@ pub async fn get_subusers(

 #[debug_handler]
 pub async fn modify_subuser(
-    Extension(app): Extension<Arc<App>>,
+    State(app): State<Arc<App>>,
    TypedHeader(Authorization(bearer)): TypedHeader<Authorization<Bearer>>,
    Query(mut params): Query<HashMap<String, String>>,
 ) -> Web3ProxyResponse {
--- a/web3_proxy/src/prometheus.rs
+++ b/web3_proxy/src/prometheus.rs
@ -1,7 +1,8 @@
+use axum::extract::State;
 use axum::headers::HeaderName;
 use axum::http::HeaderValue;
 use axum::response::{IntoResponse, Response};
-use axum::{routing::get, Extension, Router};
+use axum::{routing::get, Router};
 use std::net::SocketAddr;
 use std::sync::atomic::Ordering;
 use std::sync::Arc;
@ -17,9 +18,7 @@ pub async fn serve(
    mut shutdown_receiver: broadcast::Receiver<()>,
 ) -> Web3ProxyResult<()> {
    // routes should be ordered most to least common
-    let router = Router::new()
-        .route("/", get(root))
-        .layer(Extension(app.clone()));
+    let router = Router::new().route("/", get(root)).with_state(app.clone());

    // note: the port here might be 0
    let port = app.prometheus_port.load(Ordering::SeqCst);
@ -44,7 +43,7 @@ pub async fn serve(
        .map_err(Into::into)
 }

-async fn root(Extension(app): Extension<Arc<App>>) -> Response {
+async fn root(State(app): State<Arc<App>>) -> Response {
    let serialized = app.prometheus_metrics().await;

    let mut r = serialized.into_response();