actix-web-grants
Extension for
actix-web
to validate user permissions.
To check user access to specific services, you can use built-in proc-macro
, PermissionGuard
or manual.
The library can also be integrated with third-party solutions (like actix-web-httpauth
).
Example of proc-macro
way protection
use ;
async
Example of Guard
way protection
use ;
new
.wrap
.service
.service
Since Guard
is intended only for routing, if the user doesn't have permissions, it returns a 404
HTTP code. But you can override the behavior like this:
use ;
use header;
new
.wrap
.service.service
When Guard
lets you in the Scope
(meaning you have "ROLE_ADMIN_ACCESS"
), the redirect will be unreachable for you. Even if you will request /admin/some_undefined_page
.
Note: regex
is a Path
variable containing passed link.
Example of manual way protection
use ;
async
You can find more examples
in the git repository folder and documentation
.