#[secured]
§🔐 Secured Macro
The Secured macro protects actix-web endpoints by attaching an authentication middleware.
When applied to an endpoint, it validates:
- JWT presence in the request.
- JWT signature.
- JWT expiration time (exp claim).
- JWT issuer (iss claim).
- Required roles from the authorize expression.
§Attribute Reference
Macro usage format:
#[secured(method = "...", path = "...", authorize = "...")]
§method
Defines the HTTP method used to map the endpoint in Actix-Web.
Supported values:
- get
- post
- put
- delete
- head
- connect
- options
- trace
- patch
§path
Defines the endpoint path to be registered by Actix-Web.
Example:
path = "/v1/user/{id}"
§authorize
Defines the required role rule that must be satisfied by roles present in the JWT.
Supported formats:
Single role: validates one role in the token.
authorize = "ROLE_ADMIN"
hasAnyRole: validates that at least one role in the list exists in the token.
authorize = "hasAnyRole(ROLE_ADMIN, ROLE_USER)"
hasAllRoles: validates that all roles in the list exist in the token.
authorize = "hasAllRoles(ROLE_ADMIN, ROLE_USER)"
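The three formats above can be parsed and evaluated as in the following added example. It is not the crate's own implementation: `Rule`, `is_role_name`, `parse_list`, `parse_rule` and `is_authorized` are hypothetical names, and the role-name syntax and the deny-on-parse-error behaviour are assumptions of this example.

```rust
use std::collections::HashSet;

/// Parsed `authorize` expression (hypothetical type, not taken from the crate).
enum Rule { Single(String), Any(Vec<String>), All(Vec<String>) }

/// Assumed role-name syntax: non-empty ASCII alphanumerics and underscores.
fn is_role_name(s: &str) -> bool {
    !s.is_empty() && s.chars().all(|c| c.is_ascii_alphanumeric() || c == '_')
}

/// Split a comma-separated role list; an empty or malformed entry is an error,
/// so `hasAllRoles()` can never become a vacuously true rule.
fn parse_list(inner: &str) -> Result<Vec<String>, String> {
    inner.split(',').map(str::trim).map(|r| {
        if is_role_name(r) { Ok(r.to_string()) } else { Err(format!("invalid role {:?}", r)) }
    }).collect()
}

/// Parse the three formats listed above; anything else is rejected.
fn parse_rule(expr: &str) -> Result<Rule, String> {
    let expr = expr.trim();
    if let Some(inner) = expr.strip_prefix("hasAnyRole(").and_then(|s| s.strip_suffix(')')) {
        return parse_list(inner).map(Rule::Any);
    }
    if let Some(inner) = expr.strip_prefix("hasAllRoles(").and_then(|s| s.strip_suffix(')')) {
        return parse_list(inner).map(Rule::All);
    }
    if is_role_name(expr) {
        return Ok(Rule::Single(expr.to_string()));
    }
    Err(format!("unsupported authorize expression {:?}", expr))
}

/// Evaluate against the roles carried by the token; a parse error denies access.
fn is_authorized(expr: &str, token_roles: &HashSet<&str>) -> bool {
    match parse_rule(expr) {
        Ok(Rule::Single(r)) => token_roles.contains(r.as_str()),
        Ok(Rule::Any(rs)) => rs.iter().any(|r| token_roles.contains(r.as_str())),
        Ok(Rule::All(rs)) => rs.iter().all(|r| token_roles.contains(r.as_str())),
        Err(_) => false,
    }
}

fn main() {
    let roles: HashSet<&str> = ["ROLE_USER"].iter().copied().collect(); // constructed sample
    for expr in ["ROLE_ADMIN", "hasAnyRole(ROLE_ADMIN, ROLE_USER)", "hasAllRoles(ROLE_ADMIN, ROLE_USER)"] {
        println!("{} -> {}", expr, is_authorized(expr, &roles));
    }
}
```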
§Examples
§Single role:
use rust_microservice::secured;
use actix_web::{HttpResponse, delete, get, http::StatusCode, post, put, web};
#[secured(method = "post", path = "/v1/user", authorize = "ROLE_ADMIN")]
pub async fn create_user_endpoint() -> HttpResponse {
    // handler body
    HttpResponse::Ok().finish()
}
§Any role:
use rust_microservice::secured;
use actix_web::{HttpResponse, delete, get, http::StatusCode, post, put, web};
#[secured(
    method = "get",
    path = "/v1/user/{id}",
    authorize = "hasAnyRole(ROLE_ADMIN, ROLE_USER)"
)]
pub async fn get_user_endpoint() -> HttpResponse {
    // handler body
    HttpResponse::Ok().finish()
}
§All roles:
use rust_microservice::secured;
use actix_web::{HttpResponse, delete, get, http::StatusCode, post, put, web};
#[secured(
    method = "delete",
    path = "/v1/user/{id}",
    authorize = "hasAllRoles(ROLE_ADMIN, ROLE_AUDITOR)"
)]
pub async fn delete_user_endpoint() -> HttpResponse {
    // handler body
    HttpResponse::Ok().finish()
}