[−][src]Crate actix_web_middleware_cognito
Middleware for actix-web that helps you validate Cognito tokens.
Cognito validator
Before setting up the middleware we have to create a CognitoValidator that will be built by receiving some vari ables from the environment:
- COGNITO_REGION: The region of the Cognito pool.
- COGNITO_POOLID: The Cognito pool id.
- COGNITO_CLIENTID: The client id of your app.
- COGNITO_ENABLED (optional): if not present or 0 no validation will be done.
- COGNITO_VERIFY_ACCESSTOKEN (optional): if not present or 0 idToken will be validated. If present, the accessToken will be validated instead.
Usage
Setting up the middleware:
// builidng the validator in order to be shared between all threads. let cognito_validator = Arc::new(CognitoValidator::create().expect("Error configuring the Cognito validator")); HttpServer::new(move || { // cognito middleware let cognito = Cognito::new(cognito_validator.clone()); // set up the app App::new() .wrap(cognito) .route("/", web::get().to(index)) }) .bind(format!("0.0.0.0:{}", PORT)) .unwrap_or_else(|_| panic!("🔥 Couldn't start the server at port {}", PORT)) .run() .await
Extracting the token from the request
The library provides a CognitoInfo extractor for you to get information about the Cognito token. If the token is invalid or you disable the middleware (by omitting the COGNITO_ENABLED environment variable) you will always get a disabled CognitoInfo, i.e. a CognitoInfo with no token.
async fn index(auth: CognitoInfo) -> impl Responder { let msg = format!( "User with id {} made this call with token {}", auth.user.unwrap(), auth.token.unwrap() ); HttpResponse::Ok().body(msg) }
Structs
| Cognito | Middleware to use in your Actix-web services |
| CognitoInfo | This extractor will only work if you have enabled the Cognito middleware. It will provide information about the token and the user id |
| CognitoValidator | Helper to validate the Cognito token. It relies on environment variables and will check the token against Amazon servers. |