-
Notifications
You must be signed in to change notification settings - Fork 125
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #296 from uptimeventures/middleware/jwt
Import JWT Authentication middleware
- Loading branch information
Showing
7 changed files
with
463 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
[package] | ||
name = "gotham_middleware_jwt" | ||
version = "0.3.1" | ||
authors = ["Nicholas Young <nyoung@uptime.ventures>", | ||
"Colin Bankier <colinbankier@gmail.com>", | ||
"Isaac Whitfield <iw@whitfin.io>", | ||
"Judson Lester <nyarly@gmail.com>", | ||
"Bradley Beddoes <bradleybeddoes@gmail.com>"] | ||
description = "JWT middleware for the Gotham web framework." | ||
repository = "https://github.com/gotham-rs/gotham" | ||
keywords = ["gotham-middleware", "jwt", "jsonwebtoken", "authentication"] | ||
homepage = "https://gotham.rs" | ||
readme = "README.md" | ||
license = "MIT/Apache-2.0" | ||
edition = "2018" | ||
|
||
[dependencies] | ||
futures = "0.1" | ||
gotham = "0.3" | ||
gotham_derive = "0.3" | ||
serde = "1.0" | ||
serde_derive = "1.0" | ||
hyper = "0.12" | ||
jsonwebtoken = "5.0" | ||
log = "0.4" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
# gotham_middleware_jwt | ||
|
||
A middleware for the [Gotham](https://gotham.rs) Web | ||
Framework that verifies JSON Web Tokens, returning | ||
`StatusCode::UNAUTHORIZED` if a request fails validation. | ||
|
||
## Usage | ||
|
||
First, ensure you're using at least Gotham version `0.3`. Then, add the | ||
following to your `Cargo.toml`: `gotham_middleware_jwt = "0.3"`. | ||
|
||
Second, create a struct you wish to deserialize into. For our example below, | ||
we've used `Claims`: | ||
|
||
```rust | ||
extern crate futures; | ||
extern crate gotham; | ||
extern crate gotham_middleware_jwt; | ||
extern crate hyper; | ||
extern crate serde; | ||
#[macro_use] | ||
extern crate serde_derive; | ||
|
||
use futures::future; | ||
use gotham::{ | ||
helpers::http::response::create_empty_response, | ||
handler::HandlerFuture, | ||
pipeline::{ | ||
new_pipeline, | ||
set::{finalize_pipeline_set, new_pipeline_set}, | ||
}, | ||
router::{builder::*, Router}, | ||
state::{State, FromState}, | ||
}; | ||
use gotham_middleware_jwt::{JWTMiddleware, AuthorizationToken}; | ||
use hyper::{Response, StatusCode}; | ||
|
||
#[derive(Deserialize, Debug)] | ||
struct Claims { | ||
sub: String, | ||
exp: usize, | ||
} | ||
|
||
fn handler(state: State) -> Box<HandlerFuture> { | ||
{ | ||
let token = AuthorizationToken::<Claims>::borrow_from(&state); | ||
// token -> TokenData | ||
} | ||
let res = create_empty_response(&state, StatusCode::OK); | ||
Box::new(future::ok((state, res))) | ||
} | ||
|
||
fn router() -> Router { | ||
let pipelines = new_pipeline_set(); | ||
let (pipelines, defaults) = pipelines.add( | ||
new_pipeline() | ||
.add(JWTMiddleware::<Claims>::new("secret".as_ref())) | ||
.build(), | ||
); | ||
let default_chain = (defaults, ()); | ||
let pipeline_set = finalize_pipeline_set(pipelines); | ||
build_router(default_chain, pipeline_set, |route| { | ||
route.get("/").to(handler); | ||
}) | ||
} | ||
``` | ||
## License | ||
|
||
This middleware crate was originally created by [Nicholas | ||
Young](https://www.secretfader.com) of Uptime Ventures, Ltd., | ||
and is maintained by the [Gotham](https://gotham.rs) core | ||
team. | ||
|
||
Licensed under your option of: | ||
|
||
* [MIT License](../../LICENSE-MIT) | ||
* [Apache License, Version 2.0](../../LICENSE-APACHE) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
//! Ensures that only requests with valid JSON Web Tokens | ||
//! included in the HTTP `Authorization` header are allowed | ||
//! to pass. | ||
//! | ||
//! Requests that lack a token are returned with the | ||
//! Status Code `400: Bad Request`. Tokens that fail | ||
//! validation cause the middleware to return Status Code | ||
//! `401: Unauthorized`. | ||
#![warn(missing_docs, deprecated)] | ||
extern crate futures; | ||
extern crate gotham; | ||
#[macro_use] | ||
extern crate gotham_derive; | ||
extern crate hyper; | ||
extern crate jsonwebtoken; | ||
extern crate serde; | ||
#[macro_use] | ||
extern crate log; | ||
#[cfg(test)] | ||
#[macro_use] | ||
extern crate serde_derive; | ||
|
||
mod middleware; | ||
mod state_data; | ||
|
||
pub use self::middleware::JWTMiddleware; | ||
pub use self::state_data::AuthorizationToken; |
Oops, something went wrong.