Auth for axum

High-level http auth extractors for axum

Usage

Bearer Authentication:

```rust use axum_auth::AuthBearer;

/// Handler for a typical axum route, takes a token and returns it async fn handler(AuthBearer(token): AuthBearer) -> String { format!("Found a bearer token: {}", token) } ```

Basic Authentication:

```rust use axum_auth::AuthBasic;

/// Takes basic auth details and shows a message async fn handler(AuthBasic((id, password)): AuthBasic) -> String { if let Some(password) = password { format!("User '{}' with password '{}'", id, password) } else { format!("User '{}' without password", id) } } ```

You can also define custom extractors, letting you return custom extractors, status codes, and messages to users if the auth fails. Check out the crate documentation for more in-depth information into how everything works!

Installation

Simply place the following inside of your Cargo.toml file for axum 0.6:

toml [dependencies] axum-auth = "0.4"

If you're still on axum 0.5, you can use the 0.3 version. You can also enable just basic/bearer auth via features. To enable just basic auth, you can add this to the Cargo.toml file instead:

toml [dependencies] axum-auth = { version = "0.4", default-features = false, features = ["auth-basic"] }

Security

Some essential security considerations to take into account are the following:

• This crate has not been audited by any security professionals. If you are willing to do or have already done an audit on this crate, please create an issue as it would help out enormously! 😊
• This crate purposefully does not limit the maximum length of headers arriving so please ensure your webserver configurations are set properly.

Licensing

This project is dual-licensed under both the MIT and Apache, so feel free to use either at your discretion.