spring_sa_token/
config.rs

1//! Sa-Token configuration module
2//!
3//! This module defines the configuration for spring-sa-token plugin.
4
5use serde::{Deserialize, Serialize};
6use spring::config::Configurable;
7use schemars::JsonSchema;
8// Re-export CoreConfig from upstream
9pub use sa_token_core::config::SaTokenConfig as CoreConfig;
10
11spring::submit_config_schema!("sa-token", SaTokenConfig);
12
13/// Token style for spring-sa-token
14///
15/// This is a local wrapper around the upstream TokenStyle to support JsonSchema
16#[derive(Debug, Clone, Copy, Serialize, Deserialize, JsonSchema)]
17#[serde(rename_all = "PascalCase")]
18pub enum TokenStyle {
19    /// UUID style
20    Uuid,
21    /// Simple UUID (without hyphens)
22    SimpleUuid,
23    /// 32-character random string
24    Random32,
25    /// 64-character random string
26    Random64,
27    /// 128-character random string
28    Random128,
29    /// JWT style (JSON Web Token)
30    Jwt,
31    /// Hash style (SHA256 hash)
32    Hash,
33    /// Timestamp style (millisecond timestamp + random)
34    Timestamp,
35    /// Tik style (short 8-character token)
36    Tik,
37}
38
39impl From<TokenStyle> for sa_token_core::config::TokenStyle {
40    fn from(style: TokenStyle) -> Self {
41        match style {
42            TokenStyle::Uuid => sa_token_core::config::TokenStyle::Uuid,
43            TokenStyle::SimpleUuid => sa_token_core::config::TokenStyle::SimpleUuid,
44            TokenStyle::Random32 => sa_token_core::config::TokenStyle::Random32,
45            TokenStyle::Random64 => sa_token_core::config::TokenStyle::Random64,
46            TokenStyle::Random128 => sa_token_core::config::TokenStyle::Random128,
47            TokenStyle::Jwt => sa_token_core::config::TokenStyle::Jwt,
48            TokenStyle::Hash => sa_token_core::config::TokenStyle::Hash,
49            TokenStyle::Timestamp => sa_token_core::config::TokenStyle::Timestamp,
50            TokenStyle::Tik => sa_token_core::config::TokenStyle::Tik,
51        }
52    }
53}
54
55/// Sa-Token configuration for spring-rs
56///
57/// Most fields have sensible defaults.
58///
59/// # Example
60///
61/// ```toml
62/// [sa-token]
63/// token_name = "Authorization"
64/// timeout = 86400
65/// auto_renew = true
66/// ```
67#[derive(Debug, Configurable, Clone, Deserialize, JsonSchema)]
68#[config_prefix = "sa-token"]
69pub struct SaTokenConfig {
70    /// Token name (key in header or cookie)
71    /// Default: "Authorization"
72    #[serde(default = "default_token_name")]
73    pub token_name: String,
74
75    /// Token timeout in seconds, -1 means permanent
76    /// Default: 2592000 (30 days)
77    #[serde(default = "default_timeout")]
78    pub timeout: i64,
79
80    /// Token active timeout in seconds, -1 means no limit
81    /// Default: -1
82    #[serde(default = "default_active_timeout")]
83    pub active_timeout: i64,
84
85    /// Enable auto renew
86    /// Default: false
87    #[serde(default)]
88    pub auto_renew: bool,
89
90    /// Allow concurrent login for same account
91    /// Default: true
92    #[serde(default = "default_true")]
93    pub is_concurrent: bool,
94
95    /// Share token when multiple logins
96    /// Default: true
97    #[serde(default = "default_true")]
98    pub is_share: bool,
99
100    /// Token style
101    /// Default: Uuid
102    #[serde(default = "default_token_style")]
103    pub token_style: TokenStyle,
104
105    /// Enable logging
106    /// Default: false
107    #[serde(default)]
108    pub is_log: bool,
109
110    /// Read token from cookie
111    /// Default: true
112    #[serde(default = "default_true")]
113    pub is_read_cookie: bool,
114
115    /// Read token from header
116    /// Default: true
117    #[serde(default = "default_true")]
118    pub is_read_header: bool,
119
120    /// Read token from body
121    /// Default: false
122    #[serde(default)]
123    pub is_read_body: bool,
124
125    /// Token prefix (e.g., "Bearer ")
126    #[serde(default)]
127    pub token_prefix: Option<String>,
128
129    /// JWT secret key
130    #[serde(default)]
131    pub jwt_secret_key: Option<String>,
132
133    /// JWT algorithm
134    /// Default: "HS256"
135    #[serde(default = "default_jwt_algorithm")]
136    pub jwt_algorithm: Option<String>,
137
138    /// JWT issuer
139    #[serde(default)]
140    pub jwt_issuer: Option<String>,
141
142    /// JWT audience
143    #[serde(default)]
144    pub jwt_audience: Option<String>,
145
146    /// Enable nonce for replay attack prevention
147    /// Default: false
148    #[serde(default)]
149    pub enable_nonce: bool,
150
151    /// Nonce timeout in seconds, -1 means use token timeout
152    /// Default: -1
153    #[serde(default = "default_nonce_timeout")]
154    pub nonce_timeout: i64,
155
156    /// Enable refresh token
157    /// Default: false
158    #[serde(default)]
159    pub enable_refresh_token: bool,
160
161    /// Refresh token timeout in seconds
162    /// Default: 604800 (7 days)
163    #[serde(default = "default_refresh_token_timeout")]
164    pub refresh_token_timeout: i64,
165}
166
167impl Default for SaTokenConfig {
168    fn default() -> Self {
169        Self {
170            token_name: default_token_name(),
171            timeout: default_timeout(),
172            active_timeout: default_active_timeout(),
173            auto_renew: false,
174            is_concurrent: true,
175            is_share: true,
176            token_style: TokenStyle::Uuid,
177            is_log: false,
178            is_read_cookie: true,
179            is_read_header: true,
180            is_read_body: false,
181            token_prefix: None,
182            jwt_secret_key: None,
183            jwt_algorithm: default_jwt_algorithm(),
184            jwt_issuer: None,
185            jwt_audience: None,
186            enable_nonce: false,
187            nonce_timeout: default_nonce_timeout(),
188            enable_refresh_token: false,
189            refresh_token_timeout: default_refresh_token_timeout(),
190        }
191    }
192}
193
194impl From<SaTokenConfig> for CoreConfig {
195    fn from(config: SaTokenConfig) -> Self {
196        CoreConfig {
197            token_name: config.token_name,
198            timeout: config.timeout,
199            active_timeout: config.active_timeout,
200            auto_renew: config.auto_renew,
201            is_concurrent: config.is_concurrent,
202            is_share: config.is_share,
203            token_style: config.token_style.into(),
204            is_log: config.is_log,
205            is_read_cookie: config.is_read_cookie,
206            is_read_header: config.is_read_header,
207            is_read_body: config.is_read_body,
208            token_prefix: config.token_prefix,
209            jwt_secret_key: config.jwt_secret_key,
210            jwt_algorithm: config.jwt_algorithm,
211            jwt_issuer: config.jwt_issuer,
212            jwt_audience: config.jwt_audience,
213            enable_nonce: config.enable_nonce,
214            nonce_timeout: config.nonce_timeout,
215            enable_refresh_token: config.enable_refresh_token,
216            refresh_token_timeout: config.refresh_token_timeout,
217        }
218    }
219}
220
221// Default value functions
222fn default_token_name() -> String {
223    "Authorization".to_string()
224}
225
226fn default_timeout() -> i64 {
227    2592000 // 30 days
228}
229
230fn default_active_timeout() -> i64 {
231    -1
232}
233
234fn default_true() -> bool {
235    true
236}
237
238fn default_jwt_algorithm() -> Option<String> {
239    Some("HS256".to_string())
240}
241
242fn default_nonce_timeout() -> i64 {
243    -1
244}
245
246fn default_refresh_token_timeout() -> i64 {
247    604800 // 7 days
248}
249
250fn default_token_style() -> TokenStyle {
251    TokenStyle::Uuid
252}