actix-jwt-auth-middleware
This crate builds upon the jwt-compact
crate
to provide a jwt authentication middleware for the actix-web
framework.
The jwt implementation supports the revocation for tokens via access
and refresh
tokens.
It provides multiple cryptographic signing and verifying algorithms such as HS256
, HS384
, HS512
, EdDSA
and ES256
.
For more infos on that mater please refer to the Supported algorithms
section of the jwt-compact
crate.
Features
- easy use of custom jwt claims
- automatic extraction of the custom claims
- extraction of tokens from
query
parameters,HTTP
headers,Authorization
header andcookies
- verify only mode (
public key
only) - automatic renewal of
access
token (very customizable) - easy way to set expiration time of
access
andrefresh
tokens - simple
UseJWT
trait for protecting aApp
orScope
(Resource
is currently experimental #91611) - refresh authorizer function that has access to application state
Automatic Extraction of Claims
This crate tightly integrates into the actix-web ecosystem, this makes it easy to Automatic extract the jwt claims from a valid token.
async
For this your custom claim type has to implement the FromRequest
trait
or it has to be annotated with the #[derive(actix-jwt-auth-middleware::FromRequest)]
macro which implements this trait for your type.
Simple Example
async
async
async
For more examples please referee to the examples
directory.
License: MIT