pub struct CsrfMiddleware<S> { /* private fields */ }
Expand description
This middleware is created by axum by applying the CsrfLayer
.
It verifies the CSRF token header on incoming requests, regenerates tokens as configured,
and attaches the current token to the outgoing response.
In detail, this middleware receives a CSRF token as X-CSRF-TOKEN
(if not custom configured
with a different name) HTTP request header value
and compares it to the token stored in the session.
Upon response from the inner service, the session token is returned to the
client via the X-CSRF-TOKEN
response header.
Make sure to expose this header in your CORS configuration if necessary!
Requires and uses axum_sessions
.
Optionally regenerates the token from the session after successful verification,
to ensure a new token is used for each writing (POST
, PUT
, DELETE
) request.
Enable with RegenerateToken::PerUse
.
For maximum security, but severely reduced ergonomics, optionally regenerates the
token from the session after each request, to keep the token validity as short as
possible. Enable with RegenerateToken::PerRequest
.
Implementations§
Source§impl<S> CsrfMiddleware<S>
impl<S> CsrfMiddleware<S>
Sourcepub fn new(inner: S, layer: CsrfLayer) -> Self
pub fn new(inner: S, layer: CsrfLayer) -> Self
Create a new middleware from an inner tower::Service
(axum-specific bounds, such as Infallible
errors apply!) and a CsrfLayer
.
Commonly, the middleware is created by the tower::Layer
- and never manually.
Sourcepub fn layer() -> CsrfLayer
pub fn layer() -> CsrfLayer
Create a new CSRF synchronizer token layer.
Equivalent to calling CsrfLayer::new()
.
Trait Implementations§
Source§impl<S: Clone> Clone for CsrfMiddleware<S>
impl<S: Clone> Clone for CsrfMiddleware<S>
Source§fn clone(&self) -> CsrfMiddleware<S>
fn clone(&self) -> CsrfMiddleware<S>
1.0.0 · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moreSource§impl<S: Debug> Debug for CsrfMiddleware<S>
impl<S: Debug> Debug for CsrfMiddleware<S>
Source§impl<S, B: Send + 'static> Service<Request<B>> for CsrfMiddleware<S>
impl<S, B: Send + 'static> Service<Request<B>> for CsrfMiddleware<S>
Source§type Error = Infallible
type Error = Infallible
Source§type Future = Pin<Box<dyn Future<Output = Result<<CsrfMiddleware<S> as Service<Request<B>>>::Response, <CsrfMiddleware<S> as Service<Request<B>>>::Error>> + Send>>
type Future = Pin<Box<dyn Future<Output = Result<<CsrfMiddleware<S> as Service<Request<B>>>::Response, <CsrfMiddleware<S> as Service<Request<B>>>::Error>> + Send>>
Auto Trait Implementations§
impl<S> Freeze for CsrfMiddleware<S>where
S: Freeze,
impl<S> RefUnwindSafe for CsrfMiddleware<S>where
S: RefUnwindSafe,
impl<S> Send for CsrfMiddleware<S>where
S: Send,
impl<S> Sync for CsrfMiddleware<S>where
S: Sync,
impl<S> Unpin for CsrfMiddleware<S>where
S: Unpin,
impl<S> UnwindSafe for CsrfMiddleware<S>where
S: UnwindSafe,
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
Source§impl<T> Instrument for T
impl<T> Instrument for T
Source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
Source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
Source§impl<M, S, Target, Request> MakeService<Target, Request> for M
impl<M, S, Target, Request> MakeService<Target, Request> for M
Source§fn poll_ready(
&mut self,
cx: &mut Context<'_>,
) -> Poll<Result<(), <M as MakeService<Target, Request>>::MakeError>>
fn poll_ready( &mut self, cx: &mut Context<'_>, ) -> Poll<Result<(), <M as MakeService<Target, Request>>::MakeError>>
Poll::Ready
when the factory is able to create more services. Read moreSource§fn make_service(
&mut self,
target: Target,
) -> <M as MakeService<Target, Request>>::Future
fn make_service( &mut self, target: Target, ) -> <M as MakeService<Target, Request>>::Future
Source§fn into_service(self) -> IntoService<Self, Request>where
Self: Sized,
fn into_service(self) -> IntoService<Self, Request>where
Self: Sized,
Source§fn as_service(&mut self) -> AsService<'_, Self, Request>where
Self: Sized,
fn as_service(&mut self) -> AsService<'_, Self, Request>where
Self: Sized,
Source§impl<S, R> ServiceExt<R> for Swhere
S: Service<R>,
impl<S, R> ServiceExt<R> for Swhere
S: Service<R>,
Source§fn into_make_service(self) -> IntoMakeService<S>
fn into_make_service(self) -> IntoMakeService<S>
MakeService
, that is a Service
whose
response is another service. Read moreSource§fn into_make_service_with_connect_info<C>(
self,
) -> IntoMakeServiceWithConnectInfo<S, C>
fn into_make_service_with_connect_info<C>( self, ) -> IntoMakeServiceWithConnectInfo<S, C>
MakeService
, that will store C
’s
associated ConnectInfo
in a request extension such that ConnectInfo
can extract it. Read moreSource§impl<T, Request> ServiceExt<Request> for T
impl<T, Request> ServiceExt<Request> for T
Source§fn ready(&mut self) -> Ready<'_, Self, Request>where
Self: Sized,
fn ready(&mut self) -> Ready<'_, Self, Request>where
Self: Sized,
Source§fn ready_and(&mut self) -> Ready<'_, Self, Request>where
Self: Sized,
fn ready_and(&mut self) -> Ready<'_, Self, Request>where
Self: Sized,
ServiceExt::ready
method insteadSource§fn ready_oneshot(self) -> ReadyOneshot<Self, Request>where
Self: Sized,
fn ready_oneshot(self) -> ReadyOneshot<Self, Request>where
Self: Sized,
Source§fn oneshot(self, req: Request) -> Oneshot<Self, Request>where
Self: Sized,
fn oneshot(self, req: Request) -> Oneshot<Self, Request>where
Self: Sized,
Service
, calling with the providing request once it is ready.Source§fn and_then<F>(self, f: F) -> AndThen<Self, F>
fn and_then<F>(self, f: F) -> AndThen<Self, F>
poll_ready
method. Read moreSource§fn map_response<F, Response>(self, f: F) -> MapResponse<Self, F>
fn map_response<F, Response>(self, f: F) -> MapResponse<Self, F>
poll_ready
method. Read moreSource§fn map_err<F, Error>(self, f: F) -> MapErr<Self, F>
fn map_err<F, Error>(self, f: F) -> MapErr<Self, F>
poll_ready
method. Read moreSource§fn map_result<F, Response, Error>(self, f: F) -> MapResult<Self, F>
fn map_result<F, Response, Error>(self, f: F) -> MapResult<Self, F>
Result<Self::Response, Self::Error>
)
to a different value, regardless of whether the future succeeds or
fails. Read more