Expand description
HTTP middleware layers for the API server.
Collects the request-pipeline concerns mounted by the router: client-address resolution, CORS and security headers, bot detection and IP banning, rate limiting, JWT and session context establishment, request-context flavours, content negotiation, authorization gating, analytics, and tracing.
Re-exports§
pub use authz::AuthzPolicy;pub use authz::authz_gate;pub use context::A2AContextMiddleware;pub use context::ContextExtractor;pub use context::McpContextMiddleware;pub use context::PublicContextMiddleware;pub use context::UserOnlyContextMiddleware;pub use negotiation::AcceptedFormat;pub use negotiation::AcceptedMediaType;pub use negotiation::content_negotiation_middleware;pub use negotiation::parse_accept_header;pub use analytics::*;pub use bot_detector::*;pub use cors::*;pub use ip_ban::*;pub use jwt::*;pub use rate_limit::*;pub use security_headers::*;pub use served_by::*;pub use session::*;pub use site_auth::*;pub use trace::*;pub use trailing_slash::*;
Modules§
- analytics
- Request analytics middleware.
- authz
- Static, compile-time-enforced per-route authorization.
- bot_
detector - Early bot-classification middleware.
- client_
addr - Client-address resolution that does not blindly trust hop headers.
- context
- Request-context middleware: establishing the per-request execution identity.
- cors
- ip_ban
- jwt
- JWT request-context extraction.
- negotiation
- Content-negotiation middleware.
- rate_
limit - Router extension traits for rate limiting and authenticated route groups.
- security_
headers - served_
by - session
- Session-establishment middleware.
- site_
auth - trace
- trailing_
slash