Skip to main content

Claims

modo::auth::session::jwt

Struct Claims 

Source 
pub struct Claims {
    pub iss: Option<String>,
    pub sub: Option<String>,
    pub aud: Option<String>,
    pub exp: Option<u64>,
    pub nbf: Option<u64>,
    pub iat: Option<u64>,
    pub jti: Option<String>,
}
Expand description

JWT claim payload used by the system auth flow.

Contains the seven registered JWT claims (iss, sub, aud, exp, nbf, iat, jti). All fields are optional — None values are omitted from the serialized token.

Custom auth flows that need extra payload fields should define their own struct and pass it directly to [JwtEncoder::encode<T>] / [JwtDecoder::decode<T>].

§Example

use modo::auth::session::jwt::Claims;

let claims = Claims::new()
    .with_sub("user_123")
    .with_aud("my-app")
    .with_iat_now()
    .with_exp_in(std::time::Duration::from_secs(3600));

Fields§

§iss: Option<String>

Issuer (iss).

§sub: Option<String>

Subject (sub) — typically the user identifier.

§aud: Option<String>

Audience (aud).

§exp: Option<u64>

Expiration time (exp) as a Unix timestamp in seconds.

§nbf: Option<u64>

Not-before time (nbf) as a Unix timestamp in seconds.

§iat: Option<u64>

Issued-at time (iat) as a Unix timestamp in seconds.

§jti: Option<String>

JWT ID (jti) — unique identifier for the token.

Implementations§

Source§

impl Claims

Source

pub fn new() -> Self

Creates a new Claims with all registered fields set to None.

Source

pub fn with_iss(self, iss: impl Into<String>) -> Self

Sets the issuer (iss) claim.

Source

pub fn with_sub(self, sub: impl Into<String>) -> Self

Sets the subject (sub) claim.

Source

pub fn with_aud(self, aud: impl Into<String>) -> Self

Sets the audience (aud) claim.

Source

pub fn with_exp(self, exp: u64) -> Self

Sets the expiration time (exp) as an absolute Unix timestamp in seconds.

Source

pub fn with_exp_in(self, duration: Duration) -> Self

Sets the expiration time (exp) relative to the current time.

Source

pub fn with_nbf(self, nbf: u64) -> Self

Sets the not-before time (nbf) as an absolute Unix timestamp in seconds.

Source

pub fn with_iat_now(self) -> Self

Sets the issued-at time (iat) to the current time.

Source

pub fn with_jti(self, jti: impl Into<String>) -> Self

Sets the JWT ID (jti).

Source

pub fn is_expired(&self) -> bool

Returns true if the token has an exp claim that is in the past. Returns false when exp is absent.

Source

pub fn is_not_yet_valid(&self) -> bool

Returns true if the token has an nbf claim that is in the future. Returns false when nbf is absent.

Source

pub fn subject(&self) -> Option<&str>

Returns the subject claim (sub) as a string slice, if present.

Source

pub fn token_id(&self) -> Option<&str>

Returns the JWT ID (jti) as a string slice, if present.

Source

pub fn issuer(&self) -> Option<&str>

Returns the issuer claim (iss) as a string slice, if present.

Source

pub fn audience(&self) -> Option<&str>

Returns the audience claim (aud) as a string slice, if present.

Trait Implementations§

Source§

impl Clone for Claims

Source§

fn clone(&self) -> Claims

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Claims

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for Claims

Source§

fn default() -> Self

Returns the “default value” for a type. Read more
Source§

impl<'de> Deserialize<'de> for Claims

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl<S: Send + Sync> FromRequestParts<S> for Claims

Extracts Claims from request extensions.

JwtLayer must be applied to the route — the middleware decodes the token and inserts Claims into extensions before the handler is called. Returns 401 Unauthorized when claims are not present in extensions.

Source§

type Rejection = Error

If the extractor fails it’ll use this “rejection” type. A rejection is a kind of error that can be converted into a response.
Source§

async fn from_request_parts( parts: &mut Parts, _state: &S, ) -> Result<Self, Self::Rejection>

Perform the extraction.
Source§

impl<S: Send + Sync> OptionalFromRequestParts<S> for Claims

Optionally extracts Claims from request extensions.

Returns Ok(None) when JwtLayer is not applied or the token is missing/invalid, allowing routes to serve both authenticated and unauthenticated users.

Source§

type Rejection = Error

If the extractor fails, it will use this “rejection” type. Read more
Source§

async fn from_request_parts( parts: &mut Parts, _state: &S, ) -> Result<Option<Self>, Self::Rejection>

Perform the extraction.
Source§

impl Serialize for Claims

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> FromRef<T> for T
where T: Clone,

Source§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
Source§

impl<S, T> FromRequest<S, ViaParts> for T
where S: Send + Sync, T: FromRequestParts<S>,

Source§

type Rejection = <T as FromRequestParts<S>>::Rejection

If the extractor fails it’ll use this “rejection” type. A rejection is a kind of error that can be converted into a response.
Source§

fn from_request( req: Request<Body>, state: &S, ) -> impl Future<Output = Result<T, <T as FromRequest<S, ViaParts>>::Rejection>>

Perform the extraction.
Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,