
better_auth_core/middleware/
mod.rs

1pub mod body_limit;
2pub mod cors;
3pub mod csrf;
4pub mod rate_limit;
5
6use crate::error::AuthResult;
7use crate::types::{AuthRequest, AuthResponse};
8use async_trait::async_trait;
9
/// Hook interface for code that inspects a request before plugin dispatch
/// and may adjust the response once one exists.
///
/// The `Send + Sync` bound requires every implementor to be safe to move and
/// share between threads. `before_request` is handed a shared reference to
/// the request, so it inspects the request rather than taking ownership of it.
#[async_trait]
pub trait Middleware: Send + Sync {
    /// Static label identifying this middleware in logs and debug output.
    fn name(&self) -> &'static str;

    /// Pre-dispatch hook, invoked before plugins see the request.
    ///
    /// * `Ok(None)`: processing continues.
    /// * `Ok(Some(response))`: processing stops and `response` is the answer
    ///   (for example, to block the request).
    ///
    /// # Errors
    ///
    /// An `Err` is not the same as a block: it carries no response.
    /// `run_before` in this module forwards it to its caller with `?` and
    /// stops the chain, so how a failed check is answered depends on the
    /// caller's error handling.
    async fn before_request(&self, req: &AuthRequest) -> AuthResult<Option<AuthResponse>>;

    /// Post-dispatch hook, invoked with the response that was produced.
    ///
    /// Takes the response by value and returns the response to use from here
    /// on, which lets an implementation modify it (e.g. add CORS headers).
    /// Unless overridden, the response is handed back untouched.
    ///
    /// # Errors
    ///
    /// The provided default never fails; an overriding implementation may
    /// return `Err`.
    async fn after_request(
        &self,
        _req: &AuthRequest,
        response: AuthResponse,
    ) -> AuthResult<AuthResponse> {
        Ok(response)
    }
}
37
/// Drive the `before_request` hook of every middleware, in slice order.
///
/// The first middleware that yields a response wins: that response is
/// returned as `Ok(Some(..))` and the middlewares after it are never invoked
/// for this request. `Ok(None)` means no middleware short-circuited, which is
/// also the result for an empty slice.
///
/// # Errors
///
/// The first `Err` from a `before_request` call is returned as-is, and the
/// remaining middlewares are skipped.
///
/// NOTE(review): a short-circuit response is returned directly; no
/// `after_request` hook runs on it here. Whether the caller then passes it
/// through `run_after` is not visible in this module; confirm at the call
/// site if blocked responses are expected to carry the same headers as
/// normal ones.
pub async fn run_before(
    middlewares: &[Box<dyn Middleware>],
    req: &AuthRequest,
) -> AuthResult<Option<AuthResponse>> {
    for middleware in middlewares {
        let outcome = middleware.before_request(req).await?;
        if outcome.is_some() {
            // Short-circuit: hand back the blocking response unchanged.
            return Ok(outcome);
        }
    }
    Ok(None)
}
52
/// Thread a response through every middleware's `after_request` hook.
///
/// The slice is walked back to front, so the middleware listed first is the
/// last one to touch the response. Each hook consumes the current response
/// and its return value becomes the input of the next hook.
///
/// # Errors
///
/// The first `Err` from an `after_request` call is returned immediately. The
/// response had already been moved into that call, so no response comes back
/// to the caller, and changes made by hooks that ran earlier are lost.
pub async fn run_after(
    middlewares: &[Box<dyn Middleware>],
    req: &AuthRequest,
    mut response: AuthResponse,
) -> AuthResult<AuthResponse> {
    let back_to_front = middlewares.iter().rev();
    for middleware in back_to_front {
        let updated = middleware.after_request(req, response).await?;
        response = updated;
    }
    Ok(response)
}
64
65pub use body_limit::{BodyLimitConfig, BodyLimitMiddleware};
66pub use cors::{CorsConfig, CorsMiddleware};
67pub use csrf::{CsrfConfig, CsrfMiddleware};
68pub use rate_limit::{EndpointRateLimit, RateLimitConfig, RateLimitMiddleware};