1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63
//! The credentials extraction and authentication can be limited to specific endpoints or applied //! to all endpoints. A `EndpointMatcher` must be instantiated. There are two default implementations //! available: `AllEndpointsMatcher` to protect all endpoints and `SpecificUrlsMatcher` to protect //! the URS with the exact matching URLs. Custom ones can be implemented if the defaults are not //! applicable for the use-case. use actix_web::dev::ServiceRequest; /// An `EndpointMatcher` is an implementation that takes a `actix_web::dev::ServiceRequest` instance and /// decides whether the request must be authenticated or not. pub trait EndpointMatcher: Send + Sync { /// Checks whether the `actix_web::dev::ServiceRequest` must be authenticated or not. /// Returns **true** if the request must be authenticated, **false** otherwise. fn do_match(&self, req: &ServiceRequest) -> bool; } /// The `AllEndpointsMatcher` protects all endpoints. Valid credentials / token are required for all requests. #[derive(Clone)] pub struct AllEndpointsMatcher {} impl AllEndpointsMatcher { pub fn new() -> AllEndpointsMatcher { AllEndpointsMatcher {} } } impl Default for AllEndpointsMatcher { fn default() -> Self { Self::new() } } impl EndpointMatcher for AllEndpointsMatcher { fn do_match(&self, _req: &ServiceRequest) -> bool { true } } /// The `SpecificUrlsMatcher` can be used to protect endpoints with specific URLs. /// Endpoints that do not match the given URLS are unprotected. /// Valid credentials / token are required for all requests. #[derive(Clone)] pub struct SpecificUrlsMatcher { paths: Vec<String>, } impl SpecificUrlsMatcher { pub fn new(paths: Vec<String>) -> SpecificUrlsMatcher { SpecificUrlsMatcher { paths } } } impl EndpointMatcher for SpecificUrlsMatcher { fn do_match(&self, req: &ServiceRequest) -> bool { let request_path = req.uri().path().to_string(); for path in &self.paths { if *path == request_path { return true; } } false } }