11 releases (7 breaking)

0.8.0 Nov 6, 2022
0.7.0 Nov 12, 2021
0.6.1 Jul 12, 2021
0.6.0 Mar 20, 2021
0.0.1 Jul 6, 2018

#11 in #claim

MIT/Apache

575KB
10K SLoC

gotham_middleware_jwt

A middleware for the Gotham Web Framework that verifies JSON Web Tokens, returning StatusCode::UNAUTHORIZED if a request fails validation.

Usage

Create a struct you wish to deserialize into. For our example below, we've used Claims:

#[macro_use]
extern crate serde_derive;

use futures::future;
use gotham::{
  helpers::http::response::create_empty_response,
  handler::HandlerFuture,
  pipeline::{
    new_pipeline,
    set::{finalize_pipeline_set, new_pipeline_set},
  },
  router::{builder::*, Router},
  state::{State, FromState},
};
use gotham_middleware_jwt::{JwtMiddleware, AuthorizationToken};
use gotham::hyper::{Response, StatusCode};

#[derive(Deserialize, Debug)]
struct Claims {
  sub: String,
  exp: usize,
}

fn handler(state: State) -> Box<HandlerFuture> {
  {
    let token = AuthorizationToken::<Claims>::borrow_from(&state);
    // token -> TokenData
  }
  let res = create_empty_response(&state, StatusCode::OK);
  Box::new(future::ok((state, res)))
}

fn router() -> Router {
  let pipelines = new_pipeline_set();
  let (pipelines, defaults) = pipelines.add(
    new_pipeline()
      .add(JwtMiddleware::<Claims>::new("secret".as_ref()))
      .build(),
  );
  let default_chain = (defaults, ());
  let pipeline_set = finalize_pipeline_set(pipelines);
  build_router(default_chain, pipeline_set, |route| {
    route.get("/").to(handler);
  })
}

License

This middleware crate was originally created by Nicholas Young of Uptime Ventures, Ltd., and is maintained by the Gotham core team.

Licensed under your option of:

Dependencies

~15–28MB
~506K SLoC