Expand description

An experimental middleware for jwt-based login for nickel.

When the SessionMiddleware is invoked, it checks if there is a “jwt” cookie or Authorization: Bearer header, depending on configuration. If it finds a valid, properly signed jwt token, data from the token is added to the request.

Basic usage supports setting and clearing a username with the set_jwt_user() and clear_jwt() methods on SessionResponseExtensions, and accessing an authorized user’s username through the SessionRequestExtensions method authorized_user().

If, instead of a username, you would like to store arbitrary data in the jwt claims payload, use the set_jwt_custom_claims() and clear_jwt() methods on SessionResponseExtensions, and access the data on a valid token using the SessionRequestExtensions method valid_custom_claims().

Working usage examples exist in [the examples directory] (https://github.com/kaj/nickel-jwt-session/tree/master/examples).

Structs

The middleware itself.

Enums

Places the token could be located.

Traits

Extension trait for the request.

Extension trait for the response.