Skip to main content

CsrfConfig

rune_axum_stack

Struct CsrfConfig 

Source 
pub struct CsrfConfig { /* private fields */ }
Expand description

Configuration for the CSRF protection middleware.

Build with CsrfConfig::new() and chain methods to customize the cookie name, header name, token length, rejection status, cookie path, or Secure flag. Then pass to CsrfLayer::new().

§Examples

use http::StatusCode;
use rune_axum_csrf::CsrfConfig;

let config = CsrfConfig::new()
    .cookie_name("my_csrf")
    .token_bytes(64)
    .status(StatusCode::FORBIDDEN);

Implementations§

Source§

impl CsrfConfig

Source

pub fn new() -> CsrfConfig

Creates a CsrfConfig with defaults: 32-byte token, csrf_token cookie, x-csrf-token header, 403 Forbidden rejection, Path=/.

Source

pub fn cookie_name(self, name: impl Into<String>) -> CsrfConfig

Sets the cookie name used to store the CSRF token.

Defaults to csrf_token.

Source

pub fn header_name(self, name: HeaderName) -> CsrfConfig

Sets the request header name the client must use to echo the token.

Defaults to x-csrf-token.

Source

pub fn token_bytes(self, bytes: usize) -> CsrfConfig

Sets the number of random bytes used to generate the token.

The token is hex-encoded, so the resulting string is twice as long. Defaults to 32 (a 64-character hex string).

Source

pub fn status(self, status: StatusCode) -> CsrfConfig

Sets the HTTP status code returned when CSRF validation fails.

Defaults to 403 Forbidden.

Source

pub fn cookie_path(self, path: impl Into<String>) -> CsrfConfig

Sets the Path attribute on the CSRF cookie.

Defaults to /.

Source

pub fn secure(self, secure: bool) -> CsrfConfig

Adds the Secure attribute to the CSRF cookie, restricting it to HTTPS connections.

Defaults to false. Set to true in production when serving exclusively over HTTPS.

Trait Implementations§

Source§

impl Clone for CsrfConfig

Source§

fn clone(&self) -> CsrfConfig

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for CsrfConfig

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl Default for CsrfConfig

Source§

fn default() -> CsrfConfig

Returns the “default value” for a type. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> FromRef<T> for T
where T: Clone,

Source§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<A, B, T> HttpServerConnExec<A, B> for T
where B: Body,