Skip to main content

IDynamicAuthorizer

Trait IDynamicAuthorizer 

Source
pub trait IDynamicAuthorizer: Send + Sync {
    // Required method
    fn authorize<'life0, 'life1, 'life2, 'life3, 'async_trait>(
        &'life0 self,
        claims: &'life1 dyn IClaims,
        route_pattern: &'life2 str,
        method: &'life3 str,
    ) -> Pin<Box<dyn Future<Output = Result<(), Error>> + Send + 'async_trait>>
       where 'life0: 'async_trait,
             'life1: 'async_trait,
             'life2: 'async_trait,
             'life3: 'async_trait,
             Self: 'async_trait;
}
Expand description

Dynamic authorizer interface — pluggable authorization for protected routes.

Implement this trait and register it in the DI container:

svc.singleton::<dyn IDynamicAuthorizer>(|_| Arc::new(MyAuthorizer::default()))

The framework automatically detects registered IDynamicAuthorizer implementations and invokes them on every route that has #[authorize]. If no implementations are registered, authorization is pass-through (no dynamic checks).

§Method

  • authorize — receives the user’s claims, matched route pattern, and HTTP method. Returns Ok(()) if allowed, or Err with details if denied.

Required Methods§

Source

fn authorize<'life0, 'life1, 'life2, 'life3, 'async_trait>( &'life0 self, claims: &'life1 dyn IClaims, route_pattern: &'life2 str, method: &'life3 str, ) -> Pin<Box<dyn Future<Output = Result<(), Error>> + Send + 'async_trait>>
where 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait, 'life3: 'async_trait, Self: 'async_trait,

Validate whether the authenticated user can access the resource.

Dyn Compatibility§

This trait is dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety".

Implementors§