Skip to main content

Auth

cufflink_fn

Struct Auth 

Source 
pub struct Auth {
    pub sub: String,
    pub preferred_username: Option<String>,
    pub name: Option<String>,
    pub email: Option<String>,
    pub realm_roles: Vec<String>,
    pub claims: HashMap<String, Value>,
}
Expand description

Authenticated user context, validated by the Cufflink platform.

The platform validates the JWT token (via Keycloak) and extracts claims before passing them to your handler. You never need to validate tokens yourself — the auth field is only present when the token is valid.

handler!(protected, |req: Request| {
    let auth = match req.require_auth() {
        Ok(auth) => auth,
        Err(resp) => return resp,
    };
    if !auth.has_role("admin") {
        return Response::error("Forbidden");
    }
    Response::json(&json!({"user": auth.sub}))
});

Fields§

§sub: String

Keycloak subject ID (unique user identifier).

§preferred_username: Option<String>

Preferred username from Keycloak.

§name: Option<String>

Display name.

§email: Option<String>

Email address.

§realm_roles: Vec<String>

Realm roles assigned to the user in Keycloak.

§claims: HashMap<String, Value>

All other JWT claims (custom Keycloak mappers, resource_access, etc.).

Implementations§

Source§

impl Auth

Source

pub fn has_role(&self, role: &str) -> bool

Check if the user has a specific realm role.

Source

pub fn claim(&self, key: &str) -> Option<&Value>

Get a specific claim value by key.

Trait Implementations§

Source§

impl Clone for Auth

Source§

fn clone(&self) -> Auth

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Auth

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

§

impl Freeze for Auth

§

impl RefUnwindSafe for Auth

§

impl Send for Auth

§

impl Sync for Auth

§

impl Unpin for Auth

§

impl UnsafeUnpin for Auth

§

impl UnwindSafe for Auth

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.