2 releases
0.1.1 | Oct 26, 2023 |
---|---|
0.1.0 | Oct 24, 2023 |
#1085 in HTTP server
18KB
71 lines
Tide (http-rs/tide) JWT Authorization Middleware
This Rust library offers a middleware for the Tide web server framework, focusing on API key authentication via JWT (JSON Web Tokens) using the tide_jsonwebtoken
crate.
Features
- Seamless API key validation using JWT.
- Direct integration with Tide routes.
- Efficient handling of protected and unprotected routes.
Quick Start
Add the required dependencies to your Cargo.toml
:
[dependencies]
tide = "0.16" # Use the latest version
tide-jsonwebtoken = "0.1.0" # Use the latest version
async-std = { version = "1.12.0", features = ["attributes"] } # Use the latest version
Usage
-
Initialize the Middleware:
First, create an instance of the
ApiKeyMiddleware
:let jwt = ApiKeyMiddleware::new("your-secret-key");
-
Set Up Tide Application:
Initialize the Tide application and apply the middleware to specific routes:
let mut app = tide::new(); app.at("/login").get(|_| async { Ok("Login route!") }); app.at("/name/:id") .with(jwt) .get(|req: Request<()>| async move { Ok(format!("Hello, {}!", req.param("id").unwrap_or("0"))) });
-
Run the Server:
app.listen("127.0.0.1:8080").await?;
Error Handling
The middleware inspects the x-api-key
header in incoming requests. If the JWT is validated, the request continues; otherwise, the middleware returns a 401 Unauthorized
status. Potential error messages include:
API key missing
: The request lacks thex-api-key
header.Invalid API key
: The supplied API key (JWT) is not valid.
Contributing
Pull requests are encouraged. For major adjustments, kindly initiate an issue first to deliberate on the desired changes.
Dependencies
~10–21MB
~326K SLoC