Expand description
Identity-in-context authentication.
authenticate is an additive middleware: it attaches an Identity
to the request context when a valid Authorization: Bearer token is
provided, and does nothing otherwise. Handlers enforce their own
requirement with require_auth / require_admin.
The built-in token mapping (dev-admin / dev-user) is for development
only. As a safety guard, authenticate refuses to recognize any dev
token when the RUSTIO_ENV environment variable is set to "production"
(or "prod"). In that mode the middleware is a no-op and admin routes
will return 401 — the correct fix is to register your own auth
middleware that populates Identity.
Structs§
Functions§
- authenticate
- bearer_
token - identity
- in_
production truewhenRUSTIO_ENVindicates a production deployment.- require_
admin - require_
auth