axum-login

🪪 User identification, authentication, and authorization for Axum.

🎨 Overview

This crate provides user identification, authentication, and authorization as a tower middleware for axum.

It offers:

• User Identification, Authentication, and Authorization: Leverage AuthSession to easily manage authentication and authorization. This is also an extractor, so it can be used directly in your axum handlers.
• Support for Arbitrary Users and Backends: Applications implement a couple of traits, AuthUser and AuthnBackend, allowing for any user type and any user management backend. Your database? Yep. LDAP? Sure. An auth provider? You bet.
• User and Group Permissions: Authorization is supported via the AuthzBackend trait, which allows applications to define custom permissions. Both user and group permissions are supported.
• Convenient Route Protection: Middleware for protecting access to routes are provided via the login_required and permission_required macros. Or bring your own by using AuthSession directly with from_fn.
• Rock-solid Session Management: Uses tower-sessions for high-performing and ergonomic session management. Look ma, no deadlocks!

📦 Install

To use the crate in your project, add the following to your Cargo.toml file:

[dependencies]
axum-login = "0.16.0"

🤸 Usage

We recommend reviewing our sqlite example. There is also a template for cargo-generate using postgres.

[!NOTE] See the crate documentation for usage information.

🦺 Safety

This crate uses #![forbid(unsafe_code)] to ensure everything is implemented in 100% safe Rust.

🛟 Getting Help

We've put together a number of examples to help get you started. You're also welcome to open a discussion and ask additional questions you might have.

👯 Contributing

We appreciate all kinds of contributions, thank you!