CookieTemplate

axum_gate::cookie_template

Struct CookieTemplate 

Source 
pub struct CookieTemplate { /* private fields */ }
Expand description

Builder for secure authentication cookies used by Gate.

Provides secure defaults that are automatically adjusted based on build configuration:

  • Production builds: Secure=true, HttpOnly=true, SameSite=Strict, session cookie
  • Debug builds: Secure=false (for localhost), SameSite=Lax, HttpOnly=true, session cookie

§Security Best Practices

The recommended approach is to start with CookieTemplate::recommended() and customize only what you need:

use axum_gate::cookie_template::CookieTemplate;
use cookie::{time::Duration, SameSite};

// Secure defaults with custom name and expiration
let template = CookieTemplate::recommended()
    .name("auth-token")
    .persistent(Duration::hours(24));

// For OAuth/redirect flows that need cross-site navigation
let oauth_template = CookieTemplate::recommended()
    .name("oauth-state")
    .same_site(SameSite::Lax);  // Allow cross-site for redirects

§Security Features

  • HttpOnly: Prevents JavaScript access to auth cookies (XSS protection)
  • Secure: HTTPS-only in production (MITM protection)
  • SameSite=Strict: Prevents CSRF attacks in production
  • Session cookies: No persistent storage by default (privacy)

§Common Customizations

  • name("my-auth-cookie") - Set custom cookie name
  • persistent(Duration::hours(24)) - Make cookie persist across browser sessions
  • same_site(SameSite::Lax) - Allow cross-site navigation (OAuth flows)
  • domain(".example.com") - Share cookies across subdomains

Convert to cookie::Cookie via CookieTemplate::builder then .build(), or use CookieTemplate::validate_and_build.

Implementations§

Source§

impl CookieTemplate

Source

pub fn recommended() -> Self

Secure recommended defaults.

Source

pub fn name(self, name: impl Into<Cow<'static, str>>) -> Self

Set / override the cookie name.

Keep names short and avoid sensitive info.

Source

pub fn value(self, value: impl Into<Cow<'static, str>>) -> Self

Provide an initial value (normally left empty – the login code will insert the JWT).

Source

pub fn path(self, path: impl Into<Cow<'static, str>>) -> Self

Set the cookie path (default /).

Source

pub fn domain(self, domain: impl Into<Cow<'static, str>>) -> Self

Set the cookie domain. Avoid setting for single‑domain apps to retain host-only semantics (slightly tighter).

Source

pub fn clear_domain(self) -> Self

Unset the previously configured domain (host-only cookie).

Source

pub fn secure(self, flag: bool) -> Self

Explicitly mark the cookie as secure (HTTPS only).

Source

pub fn insecure_dev_only(self) -> Self

Convenience: DISABLE secure flag for local dev ONLY.

In release builds this will panic to prevent accidental insecure deployment. You must call this intentionally; no environment detection is performed here.

Source

pub fn http_only(self, flag: bool) -> Self

Set / unset HttpOnly flag.

Source

pub fn same_site(self, same_site: SameSite) -> Self

Set the SameSite attribute (default Strict).

Consider Lax for some OAuth / cross-site redirect flows. Only use None when you understand the CSRF implications and the need for Secure.

Source

pub fn max_age(self, max_age: Duration) -> Self

Make persistent with a specific Max-Age.

Source

pub fn clear_max_age(self) -> Self

Remove persistence (session cookie again).

Source

pub fn persistent(self, duration: Duration) -> Self

Convenience for setting a persistent cookie lifetime.

Source

pub fn short_lived(self) -> Self

Use a short-lived cookie (e.g. 15 minutes) – explicit for readability.

Source

pub fn validate(&self) -> Result<(), CookieTemplateBuilderError>

Validate the template configuration. Returns Ok(()) if fine.

Source

pub fn builder(&self) -> CookieBuilder<'static>

Convert into the underlying cookie::CookieBuilder<'static>.

Source

pub fn validate_and_build( &self, ) -> Result<Cookie<'static>, CookieTemplateBuilderError>

Validate then build. Returns an error if invalid.

Source

pub fn build_with_name_value(&self, name: &str, value: &str) -> Cookie<'static>

Build a cookie preserving all template attributes, having the name and value.

Source

pub fn build_with_value(&self, value: &str) -> Cookie<'static>

Build a cookie preserving attributes, overriding only the value.

Source

pub fn build_with_name(&self, name: &str) -> Cookie<'static>

Build a cookie preserving attributes, overriding only the name.

Source

pub fn build_removal(&self) -> Cookie<'static>

Build a removal cookie preserving attributes, overriding the name.

Source

pub fn cookie_name_ref(&self) -> &str

Get a reference to the configured cookie name without allocating.

Prefer this on hot paths (e.g., header extraction).

Trait Implementations§

Source§

impl Clone for CookieTemplate

Source§

fn clone(&self) -> CookieTemplate

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for CookieTemplate

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for CookieTemplate

Source§

fn default() -> Self

Returns the “default value” for a type. Read more
Source§

impl PartialEq for CookieTemplate

Source§

fn eq(&self, other: &CookieTemplate) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Eq for CookieTemplate

Source§

impl StructuralPartialEq for CookieTemplate

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> FromRef<T> for T
where T: Clone,

Source§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<G1, G2> Within<G2> for G1
where G2: Contains<G1>,

Source§

fn is_within(&self, b: &G2) -> bool

Source§

impl<A, B, T> HttpServerConnExec<A, B> for T
where B: Body,