Lib.rs

Authentication | Web programming
#rocket #access-control #cookies #server-client

nightly cosmodrome

Access control for your rocket application

by Lewin Probst, M.Sc.

1 unstable release

0.2.0 Aug 23, 2024

#244 in Authentication

Download history 121/week @ 2024-08-19 9/week @ 2024-08-26

130 downloads per month

MIT/Apache

32KB
695 lines

Authentication and authorization library for rocket.

Introduction and purpose

cosmodrome provides a customizable and extendable way to secure your rocket application from unauthorized access to your resources/routes. This crate contains the required data structures for usage on server and client side.

By default, both features server and client are enabled which are required to use this library on the server side.

Client usage

For the use on the client side (eg. WASM), use default-features = false and features = ["client"]. This will only include the Ticket model.

How does it work?

cosmodrome in the broadest sense follows the idea of a boarding and traveling process using an airplane. To get access to the airplane, you need to pass the gate. This gate is able to log you in and out from our application. If you want to buy a [Ticket] it is required that you have a valid passport. This passport contains details about yourself and is usually referred to as "account". Your application requires a passport register that holds all passports/accounts. To successfully pass the gate you need to have a valid passport as well as [Ticket] that you bought earlier. In our case, the [Ticket] is a combination of an id and a secret, where id matches the passport's id. Now the gate can verify wether your [Ticket] is correct and, on success, provide you with a boarding pass that enables access to all airplanes (aka webservice routes) you require to reach your final destination airport.

Additional information

To be able to verify that you do have a correct boarding pass while traveling, it is required that you store it in a storage which is usually your hand luggage. cosmodrome brings build in support for bearer token as well as cookie. Both of them do have a JWT payload that contains your passport. It is also possible that you implement your own [auth_type] and a custom payload by implementing BoardingPassStorage.

Features

The following methods are currently provided:

  • Bearer
  • Cookie

Both methods are using JWT as payload.

Examples

Examples are provided in the examples folder in the repository.

Attributions

Many thanks to the creator of the logo image:

Cosmodrome icons created by Kalashnyk - Flaticon - https://www.flaticon.com/free-icons/cosmodrome

Dependencies

~1–33MB
~530K SLoC