Crate actix_middleware_ed25519_authentication

Source
Expand description

Actix-web middleware for ed25519 signature validation of incoming requests.

Provides a middleware that can be used to validate the signature of incoming requests. Offering these features:

  • Signature validation via public key
  • Customizable header names for signature and timestamp
  • Authentication status is available in the request extensions.
  • Optional automatic rejection of invalid requests

§Example

use actix_middleware_ed25519_authentication::AuthenticatorBuilder;
use actix_web::{web, App, HttpResponse, HttpServer};

HttpServer::new(move || {
        App::new()
            .wrap(
                AuthenticatorBuilder::new()
                .public_key(&public_key)
                .signature_header("X-Signature-Ed25519")
                .timestamp_header("X-Signature-Timestamp")
                .reject()
                .build()
            )    
            .route("/", web::post().to(HttpResponse::Ok))
 })
.bind(("127.0.0.1", 3000))?
.run()
.await

Structs§

AuthenticationInfo
AuthenticationInfo is a struct that holds information about the authentication of a request. This struct is added to the request extensions.
AuthenticatorBuilder
AuthenticatorBuilder is a builder struct that holds the public key, signature header, timestamp header, and a boolean value that indicates whether or not to reject requests.
Ed25519Authenticator
Ed25519Authenticator is a middleware factory that generates Ed25519AuthenticatorMiddleware, which verifies the signature of incoming request. It is created through the AuthenticatorBuilder and consumed by actix-web’s wrap function.
Ed25519AuthenticatorMiddleware
Ed25519AuthenticatorMiddleware is a middleware that verifies the signature of incoming request. It is generated by the Ed25519Authenticator middleware factory and not intended to be used directly.
MiddlewareData
MiddlewareData is a struct that holds the public key, signature header name, timestamp header name, and a boolean value that indicates whether or not to reject requests. When used with the authenticate_request function, the rejection boolean is ignored.

Functions§

authenticate_request
authenticate_request is a function that verifies the signature of an incoming request. Intended to allow for manual handling of authentication, or for use with other middleware.