Enum axum_csrf_sync_pattern::RegenerateToken

source · 
pub enum RegenerateToken {
    PerSession,
    PerUse,
    PerRequest,
}
Expand description

This enum is used with CsrfLayer::regenerate to determine at which occurences the CSRF token should be regenerated.

You could understand these options as modes to choose a level of paranoia, depending on your application’s requirements.

This paranoia level is a trade-off between ergonomics and security; as more frequent token invalidation requires more overhead for handling and renewing tokens on the client side, as well as retrying requests with a fresh token, should they fail.

Variants§

§

PerSession

Generate one CSRF token per session and use this token until the session ends.

This is the default behavior and should work for most applications.

§

PerUse

Regenerate the CSRF token after each use. A “use” describes an unsafe HTTP method (POST, PUT, PATCH, DELETE).

CSRF tokens are not required for, and thus not invalidated by handling requests using safe HTTP methods (HEAD, GET, OPTIONS, TRACE, CONNECT).

§

PerRequest

Regenerate the CSRF token at each request, including safe HTTP methods (HEAD, GET, OPTIONS, TRACE, CONNECT).

This behavior might require elaborate token handling on the client side, as any concurrent requests mean race conditions from the client’s perspective, and each request’s response yields a new token to be used on the consecutive request.

Trait Implementations§

source§

impl Clone for RegenerateToken

source§

fn clone(&self) -> RegenerateToken

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for RegenerateToken

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Default for RegenerateToken

source§

fn default() -> RegenerateToken

Returns the “default value” for a type. Read more
source§

impl PartialEq<RegenerateToken> for RegenerateToken

source§

fn eq(&self, other: &RegenerateToken) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl Copy for RegenerateToken

source§

impl Eq for RegenerateToken

source§

impl StructuralEq for RegenerateToken

source§

impl StructuralPartialEq for RegenerateToken

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for Twhere T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for Twhere T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for Twhere T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> FromRef<T> for Twhere T: Clone,

source§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for Twhere U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same<T> for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for Twhere T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for Twhere U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for Twhere U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for Twhere V: MultiLane<T>,

§

fn vzip(self) -> V

source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more