pub struct JWTMiddleware<T> { /* fields omitted */ }
This middleware verifies that JSON Web Token
credentials, provided via the HTTP Authorization
header, are extracted, parsed, and validated
according to best practices before passing control
to middleware beneath this middleware for a given
mount point.
Requests that lack the Authorization
header are
returned with the Status Code 400: Bad Request
.
Tokens that fail validation cause the middleware
to return Status Code 401: Unauthorized
.
Example:
extern crate futures;
extern crate gotham;
extern crate gotham_middleware_jwt;
extern crate hyper;
extern crate serde;
#[macro_use]
extern crate serde_derive;
use futures::future;
use gotham::{
helpers::http::response::create_empty_response,
handler::HandlerFuture,
pipeline::{
new_pipeline,
set::{finalize_pipeline_set, new_pipeline_set},
},
router::{builder::*, Router},
state::{State, FromState},
};
use gotham_middleware_jwt::{JWTMiddleware, AuthorizationToken};
use hyper::{Response, StatusCode};
#[derive(Deserialize, Debug)]
struct Claims {
sub: String,
exp: usize,
}
fn handler(state: State) -> Box<HandlerFuture> {
{
let token = AuthorizationToken::<Claims>::borrow_from(&state);
}
let res = create_empty_response(&state, StatusCode::OK);
Box::new(future::ok((state, res)))
}
fn router() -> Router {
let pipelines = new_pipeline_set();
let (pipelines, defaults) = pipelines.add(
new_pipeline()
.add(JWTMiddleware::<Claims>::new("secret".as_ref()))
.build(),
);
let default_chain = (defaults, ());
let pipeline_set = finalize_pipeline_set(pipelines);
build_router(default_chain, pipeline_set, |route| {
route.get("/").to(handler);
})
}
Creates a JWTMiddleware instance from the provided secret,
which, by default, uses HS256 as the crypto scheme.
Create a new instance of the middleware by appending new
validation constraints.
The type of Middleware
created by the NewMiddleware
.
Create and return a new Middleware
value.
Entry point to the middleware. To pass the request on to the application, the middleware invokes the chain
function with the provided state
. Read more
🔬 This is a nightly-only experimental API. (try_from
)
The type returned in the event of a conversion error.
🔬 This is a nightly-only experimental API. (try_from
)
Immutably borrows from an owned value. Read more
Mutably borrows from an owned value. Read more
🔬 This is a nightly-only experimental API. (try_from
)
The type returned in the event of a conversion error.
🔬 This is a nightly-only experimental API. (try_from
)
🔬 This is a nightly-only experimental API. (get_type_id
)
this method will likely be replaced by an associated static