pub struct CsrfSynchronizerTokenMiddleware<S> { /* private fields */ }Expand description
This middleware is created by axum by applying the CsrfSynchronizerTokenLayer.
It verifies the CSRF token header on incoming requests, regenerates tokens as configured,
and attaches the current token to the outgoing response.
In detail, this middleware receives a CSRF token as X-CSRF-TOKEN (if not custom configured
with a different name) HTTP request header value
and compares it to the token stored in the session.
Upon response from the inner service, the session token is returned to the
client via the X-CSRF-TOKEN response header.
Make sure to expose this header in your CORS configuration if necessary!
Requires and uses axum_sessions.
Optionally regenerates the token from the session after successful verification,
to ensure a new token is used for each writing (POST, PUT, DELETE) request.
Enable with RegenerateToken::PerUse.
For maximum security, but severely reduced ergonomics, optionally regenerates the
token from the session after each request, to keep the token validity as short as
possible. Enable with RegenerateToken::PerRequest.
Implementations
sourceimpl<S> CsrfSynchronizerTokenMiddleware<S>
impl<S> CsrfSynchronizerTokenMiddleware<S>
sourcepub fn new(inner: S, layer: CsrfSynchronizerTokenLayer) -> Self
pub fn new(inner: S, layer: CsrfSynchronizerTokenLayer) -> Self
Create a new middleware from an inner [tower::Service] (axum-specific bounds, such as Infallible errors apply!) and a CsrfSynchronizerTokenLayer.
Commonly, the middleware is created by the [tower::Layer] - and never manually.
Trait Implementations
sourceimpl<S: Clone> Clone for CsrfSynchronizerTokenMiddleware<S>
impl<S: Clone> Clone for CsrfSynchronizerTokenMiddleware<S>
sourcefn clone(&self) -> CsrfSynchronizerTokenMiddleware<S>
fn clone(&self) -> CsrfSynchronizerTokenMiddleware<S>
Returns a copy of the value. Read more
1.0.0 · sourcefn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from
source. Read moresourceimpl<S: Debug> Debug for CsrfSynchronizerTokenMiddleware<S>
impl<S: Debug> Debug for CsrfSynchronizerTokenMiddleware<S>
sourceimpl<S, B: Send + 'static> Service<Request<B>> for CsrfSynchronizerTokenMiddleware<S>where
S: Service<Request<B>, Response = Response, Error = Infallible> + Send + Clone + 'static,
S::Future: Send,
impl<S, B: Send + 'static> Service<Request<B>> for CsrfSynchronizerTokenMiddleware<S>where
S: Service<Request<B>, Response = Response, Error = Infallible> + Send + Clone + 'static,
S::Future: Send,
type Error = Infallible
type Error = Infallible
Errors produced by the service.
type Future = Pin<Box<dyn Future<Output = Result<<CsrfSynchronizerTokenMiddleware<S> as Service<Request<B>>>::Response, <CsrfSynchronizerTokenMiddleware<S> as Service<Request<B>>>::Error>> + Send + 'static, Global>>
type Future = Pin<Box<dyn Future<Output = Result<<CsrfSynchronizerTokenMiddleware<S> as Service<Request<B>>>::Response, <CsrfSynchronizerTokenMiddleware<S> as Service<Request<B>>>::Error>> + Send + 'static, Global>>
The future response value.
Auto Trait Implementations
impl<S> RefUnwindSafe for CsrfSynchronizerTokenMiddleware<S>where
S: RefUnwindSafe,
impl<S> Send for CsrfSynchronizerTokenMiddleware<S>where
S: Send,
impl<S> Sync for CsrfSynchronizerTokenMiddleware<S>where
S: Sync,
impl<S> Unpin for CsrfSynchronizerTokenMiddleware<S>where
S: Unpin,
impl<S> UnwindSafe for CsrfSynchronizerTokenMiddleware<S>where
S: UnwindSafe,
Blanket Implementations
sourceimpl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
sourcefn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
sourceimpl<M, S, Target, Request> MakeService<Target, Request> for Mwhere
M: Service<Target, Response = S>,
S: Service<Request>,
impl<M, S, Target, Request> MakeService<Target, Request> for Mwhere
M: Service<Target, Response = S>,
S: Service<Request>,
type Response = <S as Service<Request>>::Response
type Response = <S as Service<Request>>::Response
Responses given by the service
type Error = <S as Service<Request>>::Error
type Error = <S as Service<Request>>::Error
Errors produced by the service
type Service = S
type Service = S
The [
Service] value created by this factorytype MakeError = <M as Service<Target>>::Error
type MakeError = <M as Service<Target>>::Error
Errors produced while building a service.
type Future = <M as Service<Target>>::Future
type Future = <M as Service<Target>>::Future
The future of the [
Service] instance.sourcefn poll_ready(
&mut self,
cx: &mut Context<'_>
) -> Poll<Result<(), <M as MakeService<Target, Request>>::MakeError>>
fn poll_ready(
&mut self,
cx: &mut Context<'_>
) -> Poll<Result<(), <M as MakeService<Target, Request>>::MakeError>>
Returns
Poll::Ready when the factory is able to create more services. Read moresourcefn make_service(
&mut self,
target: Target
) -> <M as MakeService<Target, Request>>::Future
fn make_service(
&mut self,
target: Target
) -> <M as MakeService<Target, Request>>::Future
Create and return a new service value asynchronously.
sourcefn into_service(self) -> IntoService<Self, Request>where
Self: Sized,
fn into_service(self) -> IntoService<Self, Request>where
Self: Sized,
sourcefn as_service(&mut self) -> AsService<'_, Self, Request>where
Self: Sized,
fn as_service(&mut self) -> AsService<'_, Self, Request>where
Self: Sized,
sourceimpl<T, Request> ServiceExt<Request> for Twhere
T: Service<Request> + ?Sized,
impl<T, Request> ServiceExt<Request> for Twhere
T: Service<Request> + ?Sized,
sourcefn ready(&mut self) -> Ready<'_, Self, Request>where
Self: Sized,
fn ready(&mut self) -> Ready<'_, Self, Request>where
Self: Sized,
Yields a mutable reference to the service when it is ready to accept a request.
sourcefn ready_and(&mut self) -> Ready<'_, Self, Request>where
Self: Sized,
fn ready_and(&mut self) -> Ready<'_, Self, Request>where
Self: Sized,
👎Deprecated since 0.4.6: please use the
ServiceExt::ready method insteadYields a mutable reference to the service when it is ready to accept a request.
sourcefn ready_oneshot(self) -> ReadyOneshot<Self, Request>where
Self: Sized,
fn ready_oneshot(self) -> ReadyOneshot<Self, Request>where
Self: Sized,
Yields the service when it is ready to accept a request.
sourcefn oneshot(self, req: Request) -> Oneshot<Self, Request>where
Self: Sized,
fn oneshot(self, req: Request) -> Oneshot<Self, Request>where
Self: Sized,
Consume this
Service, calling with the providing request once it is ready.sourcefn call_all<S>(self, reqs: S) -> CallAll<Self, S>where
Self: Sized,
Self::Error: Into<Box<dyn Error + Sync + Send + 'static, Global>>,
S: Stream<Item = Request>,
fn call_all<S>(self, reqs: S) -> CallAll<Self, S>where
Self: Sized,
Self::Error: Into<Box<dyn Error + Sync + Send + 'static, Global>>,
S: Stream<Item = Request>,
sourcefn and_then<F>(self, f: F) -> AndThen<Self, F>where
Self: Sized,
F: Clone,
fn and_then<F>(self, f: F) -> AndThen<Self, F>where
Self: Sized,
F: Clone,
Executes a new future after this service’s future resolves. This does
not alter the behaviour of the
poll_ready method. Read moresourcefn map_response<F, Response>(self, f: F) -> MapResponse<Self, F>where
Self: Sized,
F: FnOnce(Self::Response) -> Response + Clone,
fn map_response<F, Response>(self, f: F) -> MapResponse<Self, F>where
Self: Sized,
F: FnOnce(Self::Response) -> Response + Clone,
Maps this service’s response value to a different value. This does not
alter the behaviour of the
poll_ready method. Read moresourcefn map_err<F, Error>(self, f: F) -> MapErr<Self, F>where
Self: Sized,
F: FnOnce(Self::Error) -> Error + Clone,
fn map_err<F, Error>(self, f: F) -> MapErr<Self, F>where
Self: Sized,
F: FnOnce(Self::Error) -> Error + Clone,
Maps this service’s error value to a different value. This does not
alter the behaviour of the
poll_ready method. Read moresourcefn map_result<F, Response, Error>(self, f: F) -> MapResult<Self, F>where
Self: Sized,
Error: From<Self::Error>,
F: FnOnce(Result<Self::Response, Self::Error>) -> Result<Response, Error> + Clone,
fn map_result<F, Response, Error>(self, f: F) -> MapResult<Self, F>where
Self: Sized,
Error: From<Self::Error>,
F: FnOnce(Result<Self::Response, Self::Error>) -> Result<Response, Error> + Clone,
Maps this service’s result type (
Result<Self::Response, Self::Error>)
to a different value, regardless of whether the future succeeds or
fails. Read moresourcefn map_request<F, NewRequest>(self, f: F) -> MapRequest<Self, F>where
Self: Sized,
F: FnMut(NewRequest) -> Request,
fn map_request<F, NewRequest>(self, f: F) -> MapRequest<Self, F>where
Self: Sized,
F: FnMut(NewRequest) -> Request,
Composes a function in front of the service. Read more
sourcefn then<F, Response, Error, Fut>(self, f: F) -> Then<Self, F>where
Self: Sized,
Error: From<Self::Error>,
F: FnOnce(Result<Self::Response, Self::Error>) -> Fut + Clone,
Fut: Future<Output = Result<Response, Error>>,
fn then<F, Response, Error, Fut>(self, f: F) -> Then<Self, F>where
Self: Sized,
Error: From<Self::Error>,
F: FnOnce(Result<Self::Response, Self::Error>) -> Fut + Clone,
Fut: Future<Output = Result<Response, Error>>,
Composes an asynchronous function after this service. Read more
sourcefn map_future<F, Fut, Response, Error>(self, f: F) -> MapFuture<Self, F>where
Self: Sized,
F: FnMut(Self::Future) -> Fut,
Error: From<Self::Error>,
Fut: Future<Output = Result<Response, Error>>,
fn map_future<F, Fut, Response, Error>(self, f: F) -> MapFuture<Self, F>where
Self: Sized,
F: FnMut(Self::Future) -> Fut,
Error: From<Self::Error>,
Fut: Future<Output = Result<Response, Error>>,
Composes a function that transforms futures produced by the service. Read more