pub enum RegenerateToken {
    PerSession,
    PerUse,
    PerRequest,
}

This enum is used with CsrfLayer::regenerate to determine at which occurrences the CSRF token should be regenerated.

You could understand these options as modes to choose a level of paranoia, depending on your application’s requirements.

This paranoia level is a trade-off between ergonomics and security: more frequent token invalidation requires more overhead for handling and renewing tokens on the client side, as well as for retrying requests with a fresh token should they fail.

Variants

PerSession

Generate one CSRF token per session and use this token until the session ends.

This is the default behavior and should work for most applications.

PerUse

Regenerate the CSRF token after each use. A “use” describes an unsafe HTTP method (POST, PUT, PATCH, DELETE).

CSRF tokens are not required for, and thus not invalidated by, handling requests using safe HTTP methods (HEAD, GET, OPTIONS, TRACE, CONNECT).

PerRequest

Regenerate the CSRF token at each request, including safe HTTP methods (HEAD, GET, OPTIONS, TRACE, CONNECT).

This behavior might require elaborate token handling on the client side: any concurrent requests race against each other from the client’s perspective, because each request’s response yields a new token to be used on the subsequent request.
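
The three modes as a small model, added here as an example and not taken from the crate's code: it shows which client request patterns fail under each mode and that a retry with the fresh token succeeds. `Mode`, `Method`, `Session` and `handle` are hypothetical stand-ins, a counter replaces the random token, and a rejected unsafe request is assumed to still count as a use.

```rust
// Added model of the regeneration modes; NOT the crate's implementation.
// Tokens are a counter here so the run is deterministic; real tokens are random.
#[derive(Clone, Copy, PartialEq, Debug)]
enum Mode { PerSession, PerUse, PerRequest }
#[derive(Clone, Copy, PartialEq)]
enum Method { Get, Post }
struct Session { mode: Mode, token: u64 }

impl Session {
    /// Handles one request: returns (accepted, token sent back in the response).
    fn handle(&mut self, method: Method, presented: Option<u64>) -> (bool, u64) {
        let unsafe_method = method == Method::Post;
        // Safe methods need no token; unsafe methods must present the current one.
        let accepted = !unsafe_method || presented == Some(self.token);
        let regenerate = match self.mode {
            Mode::PerSession => false,
            // Assumption of this model: a rejected unsafe request is still a "use".
            Mode::PerUse => unsafe_method,
            Mode::PerRequest => true,
        };
        if regenerate { self.token += 1; }
        (accepted, self.token)
    }
}

/// Two POSTs sent concurrently with the same token, then a retry of the second
/// using the token from its response. Returns (first, second, retry) acceptance.
fn concurrent_posts(mode: Mode) -> (bool, bool, bool) {
    let mut s = Session { mode, token: 1 };
    let (_, token) = s.handle(Method::Get, None);
    let (first, _) = s.handle(Method::Post, Some(token));
    let (second, fresh) = s.handle(Method::Post, Some(token));
    let (retry, _) = s.handle(Method::Post, Some(fresh));
    (first, second, retry)
}

/// A token fetched by one GET, an unrelated GET in between, then a POST.
fn get_then_post(mode: Mode) -> bool {
    let mut s = Session { mode, token: 1 };
    let (_, token) = s.handle(Method::Get, None);
    s.handle(Method::Get, None); // e.g. a background poll by the same client
    s.handle(Method::Post, Some(token)).0
}

fn main() {
    for mode in [Mode::PerSession, Mode::PerUse, Mode::PerRequest] {
        println!("{:?}: {:?} {}", mode, concurrent_posts(mode), get_then_post(mode));
    }
}
```
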
