Expand description
Actix-web middleware for ed25519 signature validation of incoming requests.
Provides a middleware that can be used to validate the signature of incoming requests. Offering these features:
- Signature validation via public key
- Customizable header names for signature and timestamp
- Authentication status is available in the request extensions.
- Optional automatic rejection of invalid requests
§Example
use actix_middleware_ed25519_authentication::AuthenticatorBuilder;
use actix_web::{web, App, HttpResponse, HttpServer};
HttpServer::new(move || {
App::new()
.wrap(
AuthenticatorBuilder::new()
.public_key(&public_key)
.signature_header("X-Signature-Ed25519")
.timestamp_header("X-Signature-Timestamp")
.reject()
.build()
)
.route("/", web::post().to(HttpResponse::Ok))
})
.bind(("127.0.0.1", 3000))?
.run()
.await
Structs§
- Authentication
Info - AuthenticationInfo is a struct that holds information about the authentication of a request. This struct is added to the request extensions.
- Authenticator
Builder AuthenticatorBuilder
is a builder struct that holds the public key, signature header, timestamp header, and a boolean value that indicates whether or not to reject requests.- Ed25519
Authenticator - Ed25519Authenticator is a middleware factory that generates
Ed25519AuthenticatorMiddleware
, which verifies the signature of incoming request. It is created through theAuthenticatorBuilder
and consumed by actix-web’swrap
function. - Ed25519
Authenticator Middleware - Ed25519AuthenticatorMiddleware is a middleware that verifies the signature of incoming request.
It is generated by the
Ed25519Authenticator
middleware factory and not intended to be used directly. - Middleware
Data - MiddlewareData is a struct that holds the public key, signature header name, timestamp header name, and a boolean value that indicates whether or not to reject requests.
When used with the
authenticate_request
function, the rejection boolean is ignored.
Functions§
- authenticate_
request - authenticate_request is a function that verifies the signature of an incoming request. Intended to allow for manual handling of authentication, or for use with other middleware.