pub struct AuthState { /* private fields */ }Expand description
Helper struct to store authentication state in request extensions.
This struct is used by authentication middleware to communicate the authenticated user’s information to downstream handlers.
The struct contains a private field to prevent external construction via struct literal syntax. Use the provided constructors instead.
§Security Note
If this state is serialized and sent to client-side code (e.g., in
a WASM SPA), the permission checks (is_authenticated(),
is_admin(), is_active()) should only be used for UI display
purposes (showing/hiding elements). An attacker can modify
client-side state, so all authorization decisions must be enforced
server-side through authentication middleware and permission
classes (see reinhardt-auth).
§Example
// In middleware (after authentication)
request.extensions.insert(AuthState::authenticated("123", false, true));
// In handler (via CurrentUser or directly)
let auth_state: Option<AuthState> = request.extensions.get();Implementations§
Source§impl AuthState
impl AuthState
Sourcepub fn authenticated(
user_id: impl Into<String>,
is_admin: bool,
is_active: bool,
) -> Self
pub fn authenticated( user_id: impl Into<String>, is_admin: bool, is_active: bool, ) -> Self
Creates a new authenticated state.
§Arguments
user_id- The authenticated user’s IDis_admin- Whether the user has admin privilegesis_active- Whether the user’s account is active
Sourcepub fn from_extensions(extensions: &Extensions) -> Option<Self>
pub fn from_extensions(extensions: &Extensions) -> Option<Self>
Create auth state from request extensions.
This method first attempts to retrieve an AuthState object that was
inserted directly into extensions (e.g., by custom middleware). If no
AuthState object is found, it falls back to reconstructing one from
individual newtype-wrapped entries (IsAuthenticated, IsAdmin,
IsActive) stored in extensions by legacy middleware.
§Returns
Returns Some(AuthState) if an AuthState object is found or if both
user_id and IsAuthenticated individual entries exist, None otherwise.
Sourcepub fn is_authenticated(&self) -> bool
pub fn is_authenticated(&self) -> bool
Check if the user is authenticated.
Sourcepub fn is_anonymous(&self) -> bool
pub fn is_anonymous(&self) -> bool
Check if user is anonymous (not authenticated).
Trait Implementations§
impl Eq for AuthState
impl StructuralPartialEq for AuthState
Auto Trait Implementations§
impl Freeze for AuthState
impl RefUnwindSafe for AuthState
impl Send for AuthState
impl Sync for AuthState
impl Unpin for AuthState
impl UnsafeUnpin for AuthState
impl UnwindSafe for AuthState
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
Source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
Source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
Source§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
key and return true if they are equal.