Expand description
Actix-web middleware for ed25519 signature validation of incoming requests.
Provides a middleware that can be used to validate the signature of incoming requests. Offering these features:
- Signature validation via public key
- Customizable header names for signature and timestamp
- Authentication status is available in the request extensions.
- Optional automatic rejection of invalid requests
Example
use actix_middleware_ed25519_authentication::AuthenticatorBuilder;
use actix_web::{web, App, HttpResponse, HttpServer};
HttpServer::new(move || {
App::new()
.wrap(
AuthenticatorBuilder::new()
.public_key(&public_key)
.signature_header("X-Signature-Ed25519")
.timestamp_header("X-Signature-Timestamp")
.reject()
.build()
)
.route("/", web::post().to(HttpResponse::Ok))
})
.bind(("127.0.0.1", 3000))?
.run()
.awaitStructs
AuthenticationInfo is a struct that holds information about the authentication of a request. This struct is added to the request extensions.
AuthenticatorBuilder is a builder struct that holds the public key, signature header, timestamp header,
and a boolean value that indicates whether or not to reject requests.Ed25519Authenticator is a middleware factory that generates
Ed25519AuthenticatorMiddleware,
which verifies the signature of incoming request.
It is created through the AuthenticatorBuilder and consumed by actix-web’s wrap function.Ed25519AuthenticatorMiddleware is a middleware that verifies the signature of incoming request.
It is generated by the
Ed25519Authenticator middleware factory and not intended to be used directly.MiddlewareData is a struct that holds the public key, signature header name, timestamp header name, and a boolean value that indicates whether or not to reject requests.
When used with the
authenticate_request function, the rejection boolean is ignored.Functions
authenticate_request is a function that verifies the signature of an incoming request.
Intended to allow for manual handling of authentication, or for use with other middleware.