nidus-http 1.0.3

Axum and Tower HTTP integration, controllers, middleware, health, metrics, and server defaults for Nidus.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139

//! Tower middleware helpers.

use std::{borrow::Cow, time::Duration};

use http::{HeaderValue, Method, Request};
use tower::{limit::RateLimitLayer as TowerRateLimitLayer, timeout::TimeoutLayer};
use tower_http::compression::CompressionLayer;
use tower_http::cors::{Any, CorsLayer};
use tower_http::trace::{HttpMakeClassifier, MakeSpan, TraceLayer};
use tracing::{Level, Span};

mod api_defaults;
mod catch_panic;
mod metrics;
mod rate_limit;
mod request_context;
mod request_id;
mod request_scope;
mod security;

pub use crate::context::{
    ClientKind, IdentityExtractor, RequestContext, RequestIdentity, api_key_identity,
    client_ip_identity, context_identity, trusted_proxy_client_ip_identity,
};
pub use api_defaults::ApiDefaults;
pub use catch_panic::{CatchPanicLayer, CatchPanicService, catch_panic_layer};
pub use metrics::{
    HttpMetricsHook, MetricsLayer, MetricsService, PrometheusMetrics, metrics_layer,
    route_metrics_layer,
};
pub use rate_limit::{
    InMemoryRateLimitStore, RateLimitConfig, RateLimitDecision, RateLimitError, RateLimitLayer,
    RateLimitService, RateLimitStore,
};
pub use request_context::{RequestContextLayer, RequestContextService, request_context_layer};
pub use request_id::{
    RequestIdConfig, RequestIdLayer, RequestIdMode, RequestIdPolicy, RequestIdService,
    ValidatedRequestIdLayer, ValidatedRequestIdService, validated_request_id_layer,
};
pub use request_scope::{RequestScopeLayer, RequestScopeService, request_scope_layer};
pub use security::{
    BodyLimitLayer, BodyLimitService, SecurityHeadersLayer, SecurityHeadersService,
    TimeoutResponseLayer, TimeoutResponseService, body_limit_layer, security_headers_layer,
    streaming_body_limit_layer, timeout_response_layer, webhook_body_limit_layer,
};

/// Creates a Tower timeout layer.
pub fn timeout_layer(timeout: Duration) -> TimeoutLayer {
    TimeoutLayer::new(timeout)
}

/// Creates a Tower rate limit layer.
pub fn rate_limit_layer(num: u64, per: Duration) -> TowerRateLimitLayer {
    TowerRateLimitLayer::new(num, per)
}

/// Creates the legacy response-only request-id layer.
///
/// This helper mirrors any inbound `x-request-id` to the response or generates
/// a `nidus-<timestamp>` value when absent. It does not validate IDs or insert
/// [`RequestContext`]. Use [`validated_request_id_layer`] for production UUID
/// v4 request IDs and request context population.
pub fn request_id_layer() -> RequestIdLayer {
    RequestIdLayer
}

/// Creates a permissive CORS layer for API development and examples.
pub fn cors_layer() -> CorsLayer {
    CorsLayer::new()
        .allow_origin(Any)
        .allow_methods([
            Method::GET,
            Method::POST,
            Method::PUT,
            Method::PATCH,
            Method::DELETE,
            Method::OPTIONS,
        ])
        .allow_headers(Any)
}

/// Creates a CORS layer for a single explicit API origin.
pub fn cors_origin_layer(origin: HeaderValue) -> CorsLayer {
    CorsLayer::new()
        .allow_origin(origin)
        .allow_methods([
            Method::GET,
            Method::POST,
            Method::PUT,
            Method::PATCH,
            Method::DELETE,
            Method::OPTIONS,
        ])
        .allow_headers(Any)
}

/// Creates a gzip response compression layer.
pub fn compression_layer() -> CompressionLayer {
    CompressionLayer::new()
}

/// Creates an HTTP tracing layer for requests and responses.
pub fn trace_layer() -> TraceLayer<HttpMakeClassifier> {
    TraceLayer::new_for_http()
}

/// Creates an HTTP tracing layer that records a stable route label.
pub fn route_trace_layer(
    route: impl Into<Cow<'static, str>>,
) -> TraceLayer<HttpMakeClassifier, RouteMakeSpan> {
    TraceLayer::new_for_http().make_span_with(RouteMakeSpan::new(route))
}

/// Span maker that records request method, URI, and a stable route label.
#[derive(Clone, Debug)]
pub struct RouteMakeSpan {
    route: Cow<'static, str>,
}

impl RouteMakeSpan {
    /// Creates a route-labelled span maker.
    pub fn new(route: impl Into<Cow<'static, str>>) -> Self {
        Self {
            route: route.into(),
        }
    }
}

impl<B> MakeSpan<B> for RouteMakeSpan {
    fn make_span(&mut self, request: &Request<B>) -> Span {
        tracing::span!(
            Level::DEBUG,
            "request",
            method = %request.method(),
            uri = %request.uri(),
            route = %self.route,
        )
    }
}