General purpose JWT session validator for actix_web
It is designed to extract the session using middleware and to validate a path simply by using extractors.
Example usage:
```rust
use std::boxed::Box;
use std::sync::Arc;
use actix_jwt_session::*;
use actix_web::get;
use actix_web::web::Data;
use actix_web::{HttpResponse, App, HttpServer};
use ring::rand::SystemRandom;
use ring::signature::{Ed25519KeyPair, KeyPair};
use jsonwebtoken::*;
use serde::{Serialize, Deserialize};
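// NOTE(review): an `async fn main` needs a runtime attribute (for example
// `#[actix_web::main]`); none is visible on this page, so it was probably lost
// in extraction. Confirm against the crate documentation.
/// Example entry point: builds a Redis pool, creates the JWT session middleware
/// factory, and serves three routes behind it.
///
/// # Panics
///
/// Panics if the Redis URL is rejected, if key generation fails, if the socket
/// cannot be bound, or if the server exits with an error. That is acceptable
/// for a demo; a real service should report these errors instead.
async fn main() {
    let redis = {
        use redis_async_pool::{RedisConnectionManager, RedisPool};
        RedisPool::new(
            RedisConnectionManager::new(
                // `redis::Client::open` only validates the URL; no connection is made
                // here, so a Redis outage shows up later, on first use of the pool.
                // `redis://` is unencrypted and this URL carries no credentials: keep
                // it to local development, and use `rediss://` plus authentication
                // when the session store is reached over a network.
                redis::Client::open("redis://localhost:6379").expect("Fail to connect to redis"),
                true,
                None,
            ),
            // Presumably the maximum pool size; confirm against redis_async_pool.
            5,
        )
    };

    // NOTE(review): `generate()` appears to create a fresh key pair on every start
    // (its body is cut off on this page). If so, tokens issued before a restart stop
    // verifying and several instances cannot share sessions. A deployed service
    // would load a persistent key from a secret store instead.
    let keys = JwtSigningKeys::generate().unwrap();

    let factory = RedisMiddlewareFactory::<AppClaims>::new(
        Arc::new(keys.encoding_key),
        Arc::new(keys.decoding_key),
        // Only this algorithm is passed to the middleware for token validation.
        Algorithm::EdDSA,
        redis.clone(),
        vec![
            // Check if header "Authorization" exists and contains Bearer with encoded JWT
            Box::new(HeaderExtractor::new("Authorization")),
            // Check if cookie "jwt" exists and contains encoded JWT.
            // Browsers attach cookies automatically, so routes that accept the cookie
            // need CSRF protection, and the cookie itself should be set with
            // HttpOnly, Secure and SameSite.
            Box::new(CookieExtractor::new("jwt")),
        ],
    );

    HttpServer::new(move || {
        // The closure is called for each worker, so every worker gets its own clone.
        let factory = factory.clone();
        App::new()
            // Make the session storage available to handlers.
            .app_data(Data::new(factory.storage()))
            .wrap(factory)
            .app_data(Data::new(redis.clone()))
            .service(storage_access)
            .service(must_be_signed_in)
            .service(may_be_signed_in)
    })
    // "0.0.0.0" listens on every interface and `bind` serves plain HTTP, so bearer
    // tokens and the "jwt" cookie travel unencrypted unless TLS is terminated in
    // front of this process. Bind to a loopback address when testing locally.
    .bind(("0.0.0.0", 8080))
    .unwrap()
    .run()
    .await
    .unwrap();
}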
/// Claims carried inside the JWT in this example.
///
/// NOTE(review): no `derive` attributes are visible on this page. The example
/// imports serde's `Serialize` and `Deserialize`, so they were presumably
/// derived here and lost in extraction; confirm against the crate docs.
pub struct AppClaims {
    /// Unique identifier of the token; returned by `Claims::jti`.
    id: uuid::Uuid,
    /// Subject of the token; returned by `Claims::subject`.
    subject: String,
}
/// Exposes the token id and subject of [`AppClaims`] through the `Claims` trait.
impl Claims for AppClaims {
    /// Returns the token identifier, which is the `id` field.
    // presumably the session store keys stored sessions on this value; verify
    // against the middleware before reusing ids across tokens.
    fn jti(&self) -> uuid::Uuid {
        self.id
    }

    /// Returns the subject the token was issued for.
    fn subject(&self) -> &str {
        self.subject.as_str()
    }
}
/// Example payload type with the same two fields as `AppClaims`.
///
/// NOTE(review): how the handlers use this type is not visible on this page
/// (their signatures are cut off); confirm against the crate docs.
pub struct SessionData {
    /// Identifier of the session record.
    id: uuid::Uuid,
    /// Subject the session belongs to.
    subject: String,
}
async fn storageaccess(
sessionstore: Data
async fn mustbesigned_in(session: Authenticated
async fn maybesignedin(session: MaybeAuthenticated
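/// Key pair the example uses to sign and verify JWTs.
///
/// The fields are named `encoding_key` and `decoding_key` because that is how
/// `main` reads them (`keys.encoding_key`, `keys.decoding_key`).
pub struct JwtSigningKeys {
    /// Signing key. This is private key material: anyone who obtains it can mint
    /// tokens the middleware will accept, so keep it out of logs, debug output
    /// and serialized state.
    encoding_key: EncodingKey,
    /// Verification key matching `encoding_key`; it is used to check token
    /// signatures and is safe to share with services that only verify tokens.
    decoding_key: DecodingKey,
}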
impl JwtSigningKeys {
fn generate() -> Result