Expand description
§Rocket Authentication Guard
Because the sessions
module of this crate is already able to verify access tokens,
it was not much more work to turn this into a Rocket 0.4+ Guard.
The implemented Guard (enabled by the feature “rocket_support”) allows access to http paths if the provided http “Authorization” header contains a valid “Bearer” token. The above mentioned validations on the token are performed.
Example:
use firestore_db_and_auth::{Credentials, rocket::FirestoreAuthSessionGuard};
use rocket::get;
fn main() {
use rocket::routes;
let credentials = Credentials::from_file("firebase-service-account.json").unwrap();
rocket::build().ignite().manage(credentials).mount("/", routes![hello, hello_not_logged_in]).launch();
}
/// And an example route could be:
#[get("/hello")]
fn hello<'r>(auth: FirestoreAuthSessionGuard) -> String {
// ApiKey is a single value tuple with a sessions::user::Session object inside
format!("you are logged in. user_id: {}", auth.0.user_id)
}
#[get("/hello")]
fn hello_not_logged_in<'r>() -> &'r str {
"you are not logged in"
}
Structs§
- Firestore
Auth Session Guard - Use this Rocket guard to secure a route for authenticated users only. Will return the associated session, that contains the used access token for further use and access to the Firestore database.