Casbin access control middleware for Rocket framework
Add it to Cargo.toml
rust
rocket-authz = "0.1.0"
Casbin only takes charge of permission control, so you need to implement an Authentication Middleware to identify user.
You need to put rocket_authz::CasbinVals which contains subject and domain(optional) into reqeust.local_cache() through an Authentication Middleware. You could see an example of using rocket-authz in Example.
```rust
use casbin::{DefaultModel, FileAdapter}; use rocket::{ fairing::{Fairing, Info, Kind}, get, request::Request, routes, Data, }; use rocket_authz;
struct FakeAuthFairing;
impl Fairing for FakeAuthFairing { fn info(&self) -> Info { Info { name: "Fake Auth Fairing", kind: Kind::Request | Kind::Response, } }
fn on_request(&self, request: &mut Request, _data: &Data) {
request.local_cache(|| rocket_authz::CasbinVals::new(Some("alice".to_string()), None));
}
}
fn data1(g: rocketauthz::CasbinGuard) -> &'static str { "data1" }
fn data2(g: rocketauthz::CasbinGuard) -> &'static str { "data2" }
fn rocket() -> rocket::Rocket { let rt = tokio::runtime::Runtime::new().unwrap(); let m = match rt.blockon(DefaultModel::fromfile( "examples/rbacwithpatternmodel.conf", )) { Ok(m) => m, Err() => panic!(""), }; let a = FileAdapter::new("examples/rbacwithpattern_policy.csv");
let casbin_fairing = match rt.block_on(rocket_authz::CasbinFairing::new(m, a)) {
Ok(f) => f,
Err(_) => panic!(""),
};
let fake_auth_fairing = FakeAuthFairing;
rocket::ignite()
.attach(fake_auth_fairing)
.attach(casbin_fairing)
.mount("/", routes![data1, data2])
} ```
This project is licensed under