Crate nickel_jwt_session [] [src]

An experimental middleware for jwt-based login for nickel.

When the SessionMiddleware is invoked, it checks if there is a "jwt" cookie or Authorization: Bearer header, depending on configuration. If it finds a valid, properly signed jwt token, data from the token is added to the request.

Basic usage supports setting and clearing a username with the set_jwt_user() and clear_jwt() methods on SessionResponseExtensions, and accessing an authorized user's username through the SessionRequestExtensions method authorized_user().

If, instead of a username, you would like to store arbitrary data in the jwt claims payload, use the set_jwt_custom_claims() and clear_jwt() methods on SessionResponseExtensions, and access the data on a valid token using the SessionRequestExtensions method valid_custom_claims().

Working usage examples exist in the examples directory.



The middleware itself.



Places the token could be located.



Extension trait for the request.


Extension trait for the response.