1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70
//! Middleware for [actix-web](https://github.com/actix/actix-web) that helps you validate Cognito tokens. //! //! ## Cognito validator //! //! Before setting up the middleware we have to create a `CognitoValidator` that will be built by receiving some vari ables from the environment: //! //! - **COGNITO_REGION**: The region of the Cognito pool. //! - **COGNITO_POOLID**: The Cognito pool id. //! - **COGNITO_CLIENTID**: The client id of your app. //! - **COGNITO_ENABLED** (optional): if not present or 0 no validation will be done. //! - **COGNITO_VERIFY_ACCESSTOKEN** (optional): if not present or 0 idToken will be validated. If present, the accessToken will be validated instead. //! //! ## Usage //! //! Setting up the middleware: //! //! ```rust,no_run //! # use actix_web::{web, App, HttpServer}; //! # use actix_web_middleware_cognito::{Cognito, CognitoValidator}; //! # use std::sync::Arc; //! # const PORT: &str = "3000"; //! # async fn index() -> &'static str { //! # "Hello world" //! # } //! # #[actix_rt::main] //! # async fn main() -> std::io::Result<()> { //! // builidng the validator in order to be shared between all threads. //! let cognito_validator = //! Arc::new(CognitoValidator::create().expect("Error configuring the Cognito validator")); //! //! HttpServer::new(move || { //! // cognito middleware //! let cognito = Cognito::new(cognito_validator.clone()); //! //! // set up the app //! App::new() //! .wrap(cognito) //! .route("/", web::get().to(index)) //! }) //! .bind(format!("0.0.0.0:{}", PORT)) //! .unwrap_or_else(|_| panic!("🔥 Couldn't start the server at port {}", PORT)) //! .run() //! .await //! # } //! ``` //! //! ## Extracting the token from the request //! //! The library provides a `CognitoInfo` extractor for you to get information about the Cognito token. If the token is invalid or you disable the middleware (by omitting the `COGNITO_ENABLED` environment variable) you will always get a disabled `CognitoInfo`, i.e. a `CognitoInfo` with no `token`. //! //! ```rust,no_run //! # use actix_web::{Responder, HttpResponse}; //! # use actix_web_middleware_cognito::CognitoInfo; //! async fn index(auth: CognitoInfo) -> impl Responder { //! let msg = format!( //! "User with id {} made this call with token {}", //! auth.user.unwrap(), //! auth.token.unwrap() //! ); //! HttpResponse::Ok().body(msg) //! } //! ``` mod extractor; mod middleware; mod validator; pub use extractor::CognitoInfo; pub use middleware::Cognito; pub use validator::CognitoValidator;