This crate builds upon the jwt-compact crate to provide a JWT authentication middleware for the actix-web framework.
The JWT implementation supports the revocation of tokens via access and refresh tokens.
It provides multiple cryptographic signing and verifying algorithms such as HS256, HS384, HS512, EdDSA and ES256.
For more information on that matter please refer to the Supported algorithms section of the jwt-compact crate.
public key required)
access token (customizable)
access and refresh tokens
UseJWT trait for protecting an App, Resource or Scope (experimental #91611)

It tightly integrates into the actix-web ecosystem, which makes it easy to automatically extract the JWT claims from a valid token.
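```rust
use actix_jwt_auth_middleware::FromRequest;
use actix_web::{get, Responder};
use serde::{Deserialize, Serialize};

// Custom claims carried in the token; deriving FromRequest lets a handler take them as an argument.
#[derive(Serialize, Deserialize, Clone, Debug, FromRequest)]
struct UserClaims {
    id: u32,
    role: Role,
}

#[derive(Serialize, Deserialize, Clone, Debug)]
enum Role {
    Admin,
    RegularUser,
}

#[get("/hello")]
async fn hello(user_claims: UserClaims) -> impl Responder {
    format!(
        "Hello user with id: {}, i see you are a {:?}!",
        user_claims.id, user_claims.role
    )
}
```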
For this, your custom claim type has to implement the FromRequest trait, or it has to be annotated with the #[derive(actix_jwt_auth_middleware::FromRequest)] macro, which implements this trait for your type.
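```rust
use std::error::Error;

use actix_jwt_auth_middleware::{use_jwt::UseJWTOnScope, AuthResult, Authority, CookieSigner, FromRequest};
use actix_web::{get, web::{self, Data}, App, HttpResponse, HttpServer, Responder};
use exonum_crypto::KeyPair; // assumption: the key pair type is not shown on this page
use jwt_compact::alg::Ed25519;
use serde::{Deserialize, Serialize};

#[derive(Serialize, Deserialize, Clone, Debug, FromRequest)]
struct User {
    id: u32,
}

#[actix_web::main]
async fn main() -> Result<(), Box<dyn Error>> {
    // Assumption: a freshly generated key pair; tokens signed with it stop verifying after a restart.
    let key_pair = KeyPair::random();

    // Signs the access and refresh tokens and wraps them in cookies.
    let cookie_signer = CookieSigner::new()
        .signing_key(key_pair.secret_key().clone())
        .algorithm(Ed25519)
        .build()?;

    // Verifies tokens; the refresh authorizer here accepts every renewal.
    let authority = Authority::<User, _, _, _>::new()
        .refresh_authorizer(|| async move { Ok(()) })
        .cookie_signer(Some(cookie_signer.clone()))
        .verifying_key(key_pair.public_key().clone())
        .build()?;

    Ok(HttpServer::new(move || {
        App::new()
            .service(login)
            .app_data(Data::new(cookie_signer.clone()))
            // Everything registered in this scope requires a valid token.
            .service(web::scope("").service(hello).use_jwt(authority.clone()))
    })
    .bind(("127.0.0.1", 8080))?
    .run()
    .await?)
}

// The page cuts this handler off after `web::Data`; the type parameters and the
// body below are a reconstruction that issues both cookies for a fixed user.
#[get("/login")]
async fn login(cookie_signer: web::Data<CookieSigner<User, Ed25519>>) -> AuthResult<HttpResponse> {
    let user = User { id: 1 };
    Ok(HttpResponse::Ok()
        .cookie(cookie_signer.create_access_cookie(&user)?)
        .cookie(cookie_signer.create_refresh_cookie(&user)?)
        .body("You are now logged in"))
}

#[get("/hello")]
async fn hello(user: User) -> impl Responder {
    format!("Hello there, i see your user id is {}.", user.id)
}
```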
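The revocation via access and refresh tokens mentioned at the top, as a std-only model added here for illustration (not the crate's code). It assumes the refresh authorizer is consulted only when an expired access token is renewed from a still-valid refresh token; `Gate`, `Session`, `Outcome` and the lifetimes are hypothetical.

```rust
use std::collections::HashSet;

#[derive(Debug, PartialEq)]
enum Outcome { Accepted, Renewed, Rejected }

// Expiry times (seconds) of the two tokens a client holds; constructed values.
struct Session { user_id: u32, access_exp: u64, refresh_exp: u64 }

struct Gate { access_ttl: u64, revoked: HashSet<u32> }

impl Gate {
    // Plays the role of the refresh authorizer: a revocation lookup on renewal.
    fn refresh_authorizer(&self, user_id: u32) -> Result<(), &'static str> {
        if self.revoked.contains(&user_id) { Err("revoked") } else { Ok(()) }
    }

    fn check(&self, s: &mut Session, now: u64) -> Outcome {
        // A live access token is accepted without any revocation lookup.
        if now < s.access_exp {
            return Outcome::Accepted;
        }
        // Expired access token: renew only if the refresh token is still
        // valid and the authorizer agrees.
        if now < s.refresh_exp && self.refresh_authorizer(s.user_id).is_ok() {
            s.access_exp = now + self.access_ttl;
            return Outcome::Renewed;
        }
        Outcome::Rejected
    }
}

fn demo() -> Vec<Outcome> {
    let mut gate = Gate { access_ttl: 60, revoked: HashSet::new() };
    let mut s = Session { user_id: 1, access_exp: 60, refresh_exp: 1800 };
    let mut out = vec![gate.check(&mut s, 10)]; // access token still live
    out.push(gate.check(&mut s, 70));           // expired, renewed until t=130
    gate.revoked.insert(1);                     // user revoked at t=70
    out.push(gate.check(&mut s, 100));          // renewed token has not expired yet
    out.push(gate.check(&mut s, 140));          // renewal refused by the authorizer
    out
}

fn main() {
    println!("{:?}", demo());
}
```

The third result is the revocation window: a revoked user keeps access until the current access token expires, so the access token lifetime bounds how long a revocation takes to apply.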
For more examples please refer to the examples directory.
License: MIT