Expand description
A very simple API Authorization module for Rocket web applications
§Overview
This module provides a simple token-based authorization system for Rocket web applications. It supports both enabled and disabled states, and validates Bearer tokens against a predefined set.
§Usage Example
use rocket;
use rocket_apitoken::{ApiToken, Authorized};
#[post("/<method>?<json>", data = "<data>")]
async fn protected_endpoint(_auth: Authorized, /* other params */) {
// If this executes, the request was authorized
// ...
}
#[launch]
fn rocket() -> _ {
let tokens = vec!["secret-token".to_string()];
rocket::build()
.manage(ApiToken::new(tokens, true))
.mount("/api", routes![protected_endpoint])
}§Configuration
- Create an
ApiTokeninstance with a list of valid tokens and enabled state - Add it to Rocket’s state using
.manage() - Use the
Authorizedguard in your route handlers
When enabled, requests must include a valid token in the Authorization header. When disabled, all requests are authorized automatically.
Structs§
- ApiToken
- Configuration for API token authorization
- Authorized
- Request guard that ensures requests are authorized