<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `actix-web-httpauth/src/middleware.rs`."><title>middleware.rs - source</title><script>if(window.location.protocol!=="file:")document.head.insertAdjacentHTML("beforeend","SourceSerif4-Regular-46f98efaafac5295.ttf.woff2,FiraSans-Regular-018c141bf0843ffd.woff2,FiraSans-Medium-8f9a781e4970d388.woff2,SourceCodePro-Regular-562dcc5011b6de7d.ttf.woff2,SourceCodePro-Semibold-d899c5a5c4aeb14a.ttf.woff2".split(",").map(f=>`<link rel="preload" as="font" type="font/woff2" crossorigin href="../../static.files/${f}">`).join(""))</script><link rel="stylesheet" href="../../static.files/normalize-76eba96aa4d2e634.css"><link rel="stylesheet" href="../../static.files/rustdoc-dd39b87e5fcfba68.css"><meta name="rustdoc-vars" data-root-path="../../" data-static-root-path="../../static.files/" data-current-crate="actix_web_httpauth" data-themes="" data-resource-suffix="" data-rustdoc-version="1.80.0-nightly (bdbbb6c6a 2024-05-26)" data-channel="nightly" data-search-js="search-d52510db62a78183.js" data-settings-js="settings-4313503d2e1961c2.js" ><script src="../../static.files/storage-118b08c4c78b968e.js"></script><script defer src="../../static.files/src-script-e66d777a5a92e9b2.js"></script><script defer src="../../src-files.js"></script><script defer src="../../static.files/main-20a3ad099b048cf2.js"></script><noscript><link rel="stylesheet" href="../../static.files/noscript-df360f571f6edeae.css"></noscript><link rel="icon" href="https://actix.rs/favicon.ico"></head><body class="rustdoc src"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><div class="src-sidebar-title"><h2>Files</h2></div></nav><div class="sidebar-resizer"></div><main><rustdoc-search></rustdoc-search><section id="main-content" class="content"><div class="example-wrap"><div data-nosnippet><pre class="src-line-numbers"><a href="#1" id="1">1</a>
<a href="#2" id="2">2</a>
<a href="#3" id="3">3</a>
<a href="#4" id="4">4</a>
<a href="#5" id="5">5</a>
<a href="#6" id="6">6</a>
<a href="#7" id="7">7</a>
<a href="#8" id="8">8</a>
<a href="#9" id="9">9</a>
<a href="#10" id="10">10</a>
<a href="#11" id="11">11</a>
<a href="#12" id="12">12</a>
<a href="#13" id="13">13</a>
<a href="#14" id="14">14</a>
<a href="#15" id="15">15</a>
<a href="#16" id="16">16</a>
<a href="#17" id="17">17</a>
<a href="#18" id="18">18</a>
<a href="#19" id="19">19</a>
<a href="#20" id="20">20</a>
<a href="#21" id="21">21</a>
<a href="#22" id="22">22</a>
<a href="#23" id="23">23</a>
<a href="#24" id="24">24</a>
<a href="#25" id="25">25</a>
<a href="#26" id="26">26</a>
<a href="#27" id="27">27</a>
<a href="#28" id="28">28</a>
<a href="#29" id="29">29</a>
<a href="#30" id="30">30</a>
<a href="#31" id="31">31</a>
<a href="#32" id="32">32</a>
<a href="#33" id="33">33</a>
<a href="#34" id="34">34</a>
<a href="#35" id="35">35</a>
<a href="#36" id="36">36</a>
<a href="#37" id="37">37</a>
<a href="#38" id="38">38</a>
<a href="#39" id="39">39</a>
<a href="#40" id="40">40</a>
<a href="#41" id="41">41</a>
<a href="#42" id="42">42</a>
<a href="#43" id="43">43</a>
<a href="#44" id="44">44</a>
<a href="#45" id="45">45</a>
<a href="#46" id="46">46</a>
<a href="#47" id="47">47</a>
<a href="#48" id="48">48</a>
<a href="#49" id="49">49</a>
<a href="#50" id="50">50</a>
<a href="#51" id="51">51</a>
<a href="#52" id="52">52</a>
<a href="#53" id="53">53</a>
<a href="#54" id="54">54</a>
<a href="#55" id="55">55</a>
<a href="#56" id="56">56</a>
<a href="#57" id="57">57</a>
<a href="#58" id="58">58</a>
<a href="#59" id="59">59</a>
<a href="#60" id="60">60</a>
<a href="#61" id="61">61</a>
<a href="#62" id="62">62</a>
<a href="#63" id="63">63</a>
<a href="#64" id="64">64</a>
<a href="#65" id="65">65</a>
<a href="#66" id="66">66</a>
<a href="#67" id="67">67</a>
<a href="#68" id="68">68</a>
<a href="#69" id="69">69</a>
<a href="#70" id="70">70</a>
<a href="#71" id="71">71</a>
<a href="#72" id="72">72</a>
<a href="#73" id="73">73</a>
<a href="#74" id="74">74</a>
<a href="#75" id="75">75</a>
<a href="#76" id="76">76</a>
<a href="#77" id="77">77</a>
<a href="#78" id="78">78</a>
<a href="#79" id="79">79</a>
<a href="#80" id="80">80</a>
<a href="#81" id="81">81</a>
<a href="#82" id="82">82</a>
<a href="#83" id="83">83</a>
<a href="#84" id="84">84</a>
<a href="#85" id="85">85</a>
<a href="#86" id="86">86</a>
<a href="#87" id="87">87</a>
<a href="#88" id="88">88</a>
<a href="#89" id="89">89</a>
<a href="#90" id="90">90</a>
<a href="#91" id="91">91</a>
<a href="#92" id="92">92</a>
<a href="#93" id="93">93</a>
<a href="#94" id="94">94</a>
<a href="#95" id="95">95</a>
<a href="#96" id="96">96</a>
<a href="#97" id="97">97</a>
<a href="#98" id="98">98</a>
<a href="#99" id="99">99</a>
<a href="#100" id="100">100</a>
<a href="#101" id="101">101</a>
<a href="#102" id="102">102</a>
<a href="#103" id="103">103</a>
<a href="#104" id="104">104</a>
<a href="#105" id="105">105</a>
<a href="#106" id="106">106</a>
<a href="#107" id="107">107</a>
<a href="#108" id="108">108</a>
<a href="#109" id="109">109</a>
<a href="#110" id="110">110</a>
<a href="#111" id="111">111</a>
<a href="#112" id="112">112</a>
<a href="#113" id="113">113</a>
<a href="#114" id="114">114</a>
<a href="#115" id="115">115</a>
<a href="#116" id="116">116</a>
<a href="#117" id="117">117</a>
<a href="#118" id="118">118</a>
<a href="#119" id="119">119</a>
<a href="#120" id="120">120</a>
<a href="#121" id="121">121</a>
<a href="#122" id="122">122</a>
<a href="#123" id="123">123</a>
<a href="#124" id="124">124</a>
<a href="#125" id="125">125</a>
<a href="#126" id="126">126</a>
<a href="#127" id="127">127</a>
<a href="#128" id="128">128</a>
<a href="#129" id="129">129</a>
<a href="#130" id="130">130</a>
<a href="#131" id="131">131</a>
<a href="#132" id="132">132</a>
<a href="#133" id="133">133</a>
<a href="#134" id="134">134</a>
<a href="#135" id="135">135</a>
<a href="#136" id="136">136</a>
<a href="#137" id="137">137</a>
<a href="#138" id="138">138</a>
<a href="#139" id="139">139</a>
<a href="#140" id="140">140</a>
<a href="#141" id="141">141</a>
<a href="#142" id="142">142</a>
<a href="#143" id="143">143</a>
<a href="#144" id="144">144</a>
<a href="#145" id="145">145</a>
<a href="#146" id="146">146</a>
<a href="#147" id="147">147</a>
<a href="#148" id="148">148</a>
<a href="#149" id="149">149</a>
<a href="#150" id="150">150</a>
<a href="#151" id="151">151</a>
<a href="#152" id="152">152</a>
<a href="#153" id="153">153</a>
<a href="#154" id="154">154</a>
<a href="#155" id="155">155</a>
<a href="#156" id="156">156</a>
<a href="#157" id="157">157</a>
<a href="#158" id="158">158</a>
<a href="#159" id="159">159</a>
<a href="#160" id="160">160</a>
<a href="#161" id="161">161</a>
<a href="#162" id="162">162</a>
<a href="#163" id="163">163</a>
<a href="#164" id="164">164</a>
<a href="#165" id="165">165</a>
<a href="#166" id="166">166</a>
<a href="#167" id="167">167</a>
<a href="#168" id="168">168</a>
<a href="#169" id="169">169</a>
<a href="#170" id="170">170</a>
<a href="#171" id="171">171</a>
<a href="#172" id="172">172</a>
<a href="#173" id="173">173</a>
<a href="#174" id="174">174</a>
<a href="#175" id="175">175</a>
<a href="#176" id="176">176</a>
<a href="#177" id="177">177</a>
<a href="#178" id="178">178</a>
<a href="#179" id="179">179</a>
<a href="#180" id="180">180</a>
<a href="#181" id="181">181</a>
<a href="#182" id="182">182</a>
<a href="#183" id="183">183</a>
<a href="#184" id="184">184</a>
<a href="#185" id="185">185</a>
<a href="#186" id="186">186</a>
<a href="#187" id="187">187</a>
<a href="#188" id="188">188</a>
<a href="#189" id="189">189</a>
<a href="#190" id="190">190</a>
<a href="#191" id="191">191</a>
<a href="#192" id="192">192</a>
<a href="#193" id="193">193</a>
<a href="#194" id="194">194</a>
<a href="#195" id="195">195</a>
<a href="#196" id="196">196</a>
<a href="#197" id="197">197</a>
<a href="#198" id="198">198</a>
<a href="#199" id="199">199</a>
<a href="#200" id="200">200</a>
<a href="#201" id="201">201</a>
<a href="#202" id="202">202</a>
<a href="#203" id="203">203</a>
<a href="#204" id="204">204</a>
<a href="#205" id="205">205</a>
<a href="#206" id="206">206</a>
<a href="#207" id="207">207</a>
<a href="#208" id="208">208</a>
<a href="#209" id="209">209</a>
<a href="#210" id="210">210</a>
<a href="#211" id="211">211</a>
<a href="#212" id="212">212</a>
<a href="#213" id="213">213</a>
<a href="#214" id="214">214</a>
<a href="#215" id="215">215</a>
<a href="#216" id="216">216</a>
<a href="#217" id="217">217</a>
<a href="#218" id="218">218</a>
<a href="#219" id="219">219</a>
<a href="#220" id="220">220</a>
<a href="#221" id="221">221</a>
<a href="#222" id="222">222</a>
<a href="#223" id="223">223</a>
<a href="#224" id="224">224</a>
<a href="#225" id="225">225</a>
<a href="#226" id="226">226</a>
<a href="#227" id="227">227</a>
<a href="#228" id="228">228</a>
<a href="#229" id="229">229</a>
<a href="#230" id="230">230</a>
<a href="#231" id="231">231</a>
<a href="#232" id="232">232</a>
<a href="#233" id="233">233</a>
<a href="#234" id="234">234</a>
<a href="#235" id="235">235</a>
<a href="#236" id="236">236</a>
<a href="#237" id="237">237</a>
<a href="#238" id="238">238</a>
<a href="#239" id="239">239</a>
<a href="#240" id="240">240</a>
<a href="#241" id="241">241</a>
<a href="#242" id="242">242</a>
<a href="#243" id="243">243</a>
<a href="#244" id="244">244</a>
<a href="#245" id="245">245</a>
<a href="#246" id="246">246</a>
<a href="#247" id="247">247</a>
<a href="#248" id="248">248</a>
<a href="#249" id="249">249</a>
<a href="#250" id="250">250</a>
<a href="#251" id="251">251</a>
<a href="#252" id="252">252</a>
<a href="#253" id="253">253</a>
<a href="#254" id="254">254</a>
<a href="#255" id="255">255</a>
<a href="#256" id="256">256</a>
<a href="#257" id="257">257</a>
<a href="#258" id="258">258</a>
<a href="#259" id="259">259</a>
<a href="#260" id="260">260</a>
<a href="#261" id="261">261</a>
<a href="#262" id="262">262</a>
<a href="#263" id="263">263</a>
<a href="#264" id="264">264</a>
<a href="#265" id="265">265</a>
<a href="#266" id="266">266</a>
<a href="#267" id="267">267</a>
<a href="#268" id="268">268</a>
<a href="#269" id="269">269</a>
<a href="#270" id="270">270</a>
<a href="#271" id="271">271</a>
<a href="#272" id="272">272</a>
<a href="#273" id="273">273</a>
<a href="#274" id="274">274</a>
<a href="#275" id="275">275</a>
<a href="#276" id="276">276</a>
<a href="#277" id="277">277</a>
<a href="#278" id="278">278</a>
<a href="#279" id="279">279</a>
<a href="#280" id="280">280</a>
<a href="#281" id="281">281</a>
<a href="#282" id="282">282</a>
<a href="#283" id="283">283</a>
<a href="#284" id="284">284</a>
<a href="#285" id="285">285</a>
<a href="#286" id="286">286</a>
<a href="#287" id="287">287</a>
<a href="#288" id="288">288</a>
<a href="#289" id="289">289</a>
<a href="#290" id="290">290</a>
<a href="#291" id="291">291</a>
<a href="#292" id="292">292</a>
<a href="#293" id="293">293</a>
<a href="#294" id="294">294</a>
<a href="#295" id="295">295</a>
<a href="#296" id="296">296</a>
<a href="#297" id="297">297</a>
<a href="#298" id="298">298</a>
<a href="#299" id="299">299</a>
<a href="#300" id="300">300</a>
<a href="#301" id="301">301</a>
<a href="#302" id="302">302</a>
<a href="#303" id="303">303</a>
<a href="#304" id="304">304</a>
<a href="#305" id="305">305</a>
<a href="#306" id="306">306</a>
<a href="#307" id="307">307</a>
<a href="#308" id="308">308</a>
<a href="#309" id="309">309</a>
<a href="#310" id="310">310</a>
<a href="#311" id="311">311</a>
<a href="#312" id="312">312</a>
<a href="#313" id="313">313</a>
<a href="#314" id="314">314</a>
<a href="#315" id="315">315</a>
<a href="#316" id="316">316</a>
<a href="#317" id="317">317</a>
<a href="#318" id="318">318</a>
<a href="#319" id="319">319</a>
<a href="#320" id="320">320</a>
<a href="#321" id="321">321</a>
<a href="#322" id="322">322</a>
<a href="#323" id="323">323</a>
<a href="#324" id="324">324</a>
<a href="#325" id="325">325</a>
<a href="#326" id="326">326</a>
<a href="#327" id="327">327</a>
<a href="#328" id="328">328</a>
<a href="#329" id="329">329</a>
<a href="#330" id="330">330</a>
<a href="#331" id="331">331</a>
<a href="#332" id="332">332</a>
<a href="#333" id="333">333</a>
<a href="#334" id="334">334</a>
<a href="#335" id="335">335</a>
<a href="#336" id="336">336</a>
<a href="#337" id="337">337</a>
<a href="#338" id="338">338</a>
<a href="#339" id="339">339</a>
<a href="#340" id="340">340</a>
<a href="#341" id="341">341</a>
<a href="#342" id="342">342</a>
<a href="#343" id="343">343</a>
<a href="#344" id="344">344</a>
<a href="#345" id="345">345</a>
<a href="#346" id="346">346</a>
<a href="#347" id="347">347</a>
<a href="#348" id="348">348</a>
<a href="#349" id="349">349</a>
<a href="#350" id="350">350</a>
<a href="#351" id="351">351</a>
<a href="#352" id="352">352</a>
<a href="#353" id="353">353</a>
<a href="#354" id="354">354</a>
<a href="#355" id="355">355</a>
<a href="#356" id="356">356</a>
<a href="#357" id="357">357</a>
<a href="#358" id="358">358</a>
<a href="#359" id="359">359</a>
<a href="#360" id="360">360</a>
<a href="#361" id="361">361</a>
<a href="#362" id="362">362</a>
<a href="#363" id="363">363</a>
<a href="#364" id="364">364</a>
<a href="#365" id="365">365</a>
<a href="#366" id="366">366</a>
<a href="#367" id="367">367</a>
<a href="#368" id="368">368</a>
<a href="#369" id="369">369</a>
<a href="#370" id="370">370</a>
<a href="#371" id="371">371</a>
<a href="#372" id="372">372</a>
<a href="#373" id="373">373</a>
<a href="#374" id="374">374</a>
<a href="#375" id="375">375</a>
<a href="#376" id="376">376</a>
<a href="#377" id="377">377</a>
<a href="#378" id="378">378</a>
<a href="#379" id="379">379</a>
<a href="#380" id="380">380</a>
<a href="#381" id="381">381</a>
<a href="#382" id="382">382</a>
<a href="#383" id="383">383</a>
<a href="#384" id="384">384</a>
<a href="#385" id="385">385</a>
<a href="#386" id="386">386</a>
<a href="#387" id="387">387</a>
<a href="#388" id="388">388</a>
<a href="#389" id="389">389</a>
<a href="#390" id="390">390</a>
<a href="#391" id="391">391</a>
<a href="#392" id="392">392</a>
<a href="#393" id="393">393</a>
<a href="#394" id="394">394</a>
<a href="#395" id="395">395</a>
<a href="#396" id="396">396</a>
<a href="#397" id="397">397</a>
<a href="#398" id="398">398</a>
<a href="#399" id="399">399</a>
<a href="#400" id="400">400</a>
<a href="#401" id="401">401</a>
<a href="#402" id="402">402</a>
<a href="#403" id="403">403</a>
<a href="#404" id="404">404</a>
<a href="#405" id="405">405</a>
<a href="#406" id="406">406</a>
<a href="#407" id="407">407</a>
<a href="#408" id="408">408</a>
<a href="#409" id="409">409</a>
<a href="#410" id="410">410</a>
<a href="#411" id="411">411</a>
<a href="#412" id="412">412</a>
<a href="#413" id="413">413</a>
<a href="#414" id="414">414</a>
<a href="#415" id="415">415</a>
<a href="#416" id="416">416</a>
</pre></div><pre class="rust"><code><span class="doccomment">//! HTTP Authentication middleware.
</span><span class="kw">use </span>std::{
future::Future,
marker::PhantomData,
pin::Pin,
rc::Rc,
sync::Arc,
task::{Context, Poll},
};
<span class="kw">use </span>actix_web::{
body::{EitherBody, MessageBody},
dev::{Service, ServiceRequest, ServiceResponse, Transform},
Error, FromRequest,
};
<span class="kw">use </span>futures_core::ready;
<span class="kw">use </span>futures_util::future::{<span class="self">self</span>, LocalBoxFuture, TryFutureExt <span class="kw">as _</span>};
<span class="kw">use </span><span class="kw">crate</span>::extractors::{basic, bearer};
<span class="doccomment">/// Middleware for checking HTTP authentication.
///
/// If there is no `Authorization` header in the request, this middleware returns an error
/// immediately, without calling the `F` callback.
///
/// Otherwise, it will pass both the request and the parsed credentials into it. In case of
/// successful validation `F` callback is required to return the `ServiceRequest` back.
</span><span class="attr">#[derive(Debug, Clone)]
</span><span class="kw">pub struct </span>HttpAuthentication<T, F>
<span class="kw">where
</span>T: FromRequest,
{
process_fn: Arc<F>,
_extractor: PhantomData<T>,
}
<span class="kw">impl</span><T, F, O> HttpAuthentication<T, F>
<span class="kw">where
</span>T: FromRequest,
F: Fn(ServiceRequest, T) -> O,
O: Future<Output = <span class="prelude-ty">Result</span><ServiceRequest, (Error, ServiceRequest)>>,
{
<span class="doccomment">/// Construct `HttpAuthentication` middleware with the provided auth extractor `T` and
/// validation callback `F`.
</span><span class="kw">pub fn </span>with_fn(process_fn: F) -> HttpAuthentication<T, F> {
HttpAuthentication {
process_fn: Arc::new(process_fn),
_extractor: PhantomData,
}
}
}
<span class="kw">impl</span><F, O> HttpAuthentication<basic::BasicAuth, F>
<span class="kw">where
</span>F: Fn(ServiceRequest, basic::BasicAuth) -> O,
O: Future<Output = <span class="prelude-ty">Result</span><ServiceRequest, (Error, ServiceRequest)>>,
{
<span class="doccomment">/// Construct `HttpAuthentication` middleware for the HTTP "Basic" authentication scheme.
///
/// # Examples
/// ```
/// # use actix_web::{Error, dev::ServiceRequest};
/// # use actix_web_httpauth::{extractors::basic::BasicAuth, middleware::HttpAuthentication};
/// // In this example validator returns immediately, but since it is required to return
/// // anything that implements `IntoFuture` trait, it can be extended to query database or to
/// // do something else in a async manner.
/// async fn validator(
/// req: ServiceRequest,
/// credentials: BasicAuth,
/// ) -> Result<ServiceRequest, (Error, ServiceRequest)> {
/// // All users are great and more than welcome!
/// Ok(req)
/// }
///
/// let middleware = HttpAuthentication::basic(validator);
/// ```
</span><span class="kw">pub fn </span>basic(process_fn: F) -> <span class="self">Self </span>{
<span class="self">Self</span>::with_fn(process_fn)
}
}
<span class="kw">impl</span><F, O> HttpAuthentication<bearer::BearerAuth, F>
<span class="kw">where
</span>F: Fn(ServiceRequest, bearer::BearerAuth) -> O,
O: Future<Output = <span class="prelude-ty">Result</span><ServiceRequest, (Error, ServiceRequest)>>,
{
<span class="doccomment">/// Construct `HttpAuthentication` middleware for the HTTP "Bearer" authentication scheme.
///
/// # Examples
/// ```
/// # use actix_web::{Error, dev::ServiceRequest};
/// # use actix_web_httpauth::{
/// # extractors::{AuthenticationError, AuthExtractorConfig, bearer::{self, BearerAuth}},
/// # middleware::HttpAuthentication,
/// # };
/// async fn validator(
/// req: ServiceRequest,
/// credentials: BearerAuth
/// ) -> Result<ServiceRequest, (Error, ServiceRequest)> {
/// if credentials.token() == "mF_9.B5f-4.1JqM" {
/// Ok(req)
/// } else {
/// let config = req.app_data::<bearer::Config>()
/// .cloned()
/// .unwrap_or_default()
/// .scope("urn:example:channel=HBO&urn:example:rating=G,PG-13");
///
/// Err((AuthenticationError::from(config).into(), req))
/// }
/// }
///
/// let middleware = HttpAuthentication::bearer(validator);
/// ```
</span><span class="kw">pub fn </span>bearer(process_fn: F) -> <span class="self">Self </span>{
<span class="self">Self</span>::with_fn(process_fn)
}
}
<span class="kw">impl</span><S, B, T, F, O> Transform<S, ServiceRequest> <span class="kw">for </span>HttpAuthentication<T, F>
<span class="kw">where
</span>S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error> + <span class="lifetime">'static</span>,
S::Future: <span class="lifetime">'static</span>,
F: Fn(ServiceRequest, T) -> O + <span class="lifetime">'static</span>,
O: Future<Output = <span class="prelude-ty">Result</span><ServiceRequest, (Error, ServiceRequest)>> + <span class="lifetime">'static</span>,
T: FromRequest + <span class="lifetime">'static</span>,
B: MessageBody + <span class="lifetime">'static</span>,
{
<span class="kw">type </span>Response = ServiceResponse<EitherBody<B>>;
<span class="kw">type </span>Error = Error;
<span class="kw">type </span>Transform = AuthenticationMiddleware<S, F, T>;
<span class="kw">type </span>InitError = ();
<span class="kw">type </span>Future = future::Ready<<span class="prelude-ty">Result</span><<span class="self">Self</span>::Transform, <span class="self">Self</span>::InitError>>;
<span class="kw">fn </span>new_transform(<span class="kw-2">&</span><span class="self">self</span>, service: S) -> <span class="self">Self</span>::Future {
future::ok(AuthenticationMiddleware {
service: Rc::new(service),
process_fn: <span class="self">self</span>.process_fn.clone(),
_extractor: PhantomData,
})
}
}
<span class="attr">#[doc(hidden)]
</span><span class="kw">pub struct </span>AuthenticationMiddleware<S, F, T>
<span class="kw">where
</span>T: FromRequest,
{
service: Rc<S>,
process_fn: Arc<F>,
_extractor: PhantomData<T>,
}
<span class="kw">impl</span><S, B, F, T, O> Service<ServiceRequest> <span class="kw">for </span>AuthenticationMiddleware<S, F, T>
<span class="kw">where
</span>S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error> + <span class="lifetime">'static</span>,
S::Future: <span class="lifetime">'static</span>,
F: Fn(ServiceRequest, T) -> O + <span class="lifetime">'static</span>,
O: Future<Output = <span class="prelude-ty">Result</span><ServiceRequest, (Error, ServiceRequest)>> + <span class="lifetime">'static</span>,
T: FromRequest + <span class="lifetime">'static</span>,
B: MessageBody + <span class="lifetime">'static</span>,
{
<span class="kw">type </span>Response = ServiceResponse<EitherBody<B>>;
<span class="kw">type </span>Error = S::Error;
<span class="kw">type </span>Future = LocalBoxFuture<<span class="lifetime">'static</span>, <span class="prelude-ty">Result</span><<span class="self">Self</span>::Response, <span class="self">Self</span>::Error>>;
<span class="macro">actix_web::dev::forward_ready!</span>(service);
<span class="kw">fn </span>call(<span class="kw-2">&</span><span class="self">self</span>, req: ServiceRequest) -> <span class="self">Self</span>::Future {
<span class="kw">let </span>process_fn = Arc::clone(<span class="kw-2">&</span><span class="self">self</span>.process_fn);
<span class="kw">let </span>service = Rc::clone(<span class="kw-2">&</span><span class="self">self</span>.service);
Box::pin(<span class="kw">async move </span>{
<span class="kw">let </span>(req, credentials) = <span class="kw">match </span>Extract::<T>::new(req).<span class="kw">await </span>{
<span class="prelude-val">Ok</span>(req) => req,
<span class="prelude-val">Err</span>((err, req)) => {
<span class="kw">return </span><span class="prelude-val">Ok</span>(req.error_response(err).map_into_right_body());
}
};
<span class="kw">let </span>req = <span class="kw">match </span>process_fn(req, credentials).<span class="kw">await </span>{
<span class="prelude-val">Ok</span>(req) => req,
<span class="prelude-val">Err</span>((err, req)) => {
<span class="kw">return </span><span class="prelude-val">Ok</span>(req.error_response(err).map_into_right_body());
}
};
service.call(req).<span class="kw">await</span>.map(|res| res.map_into_left_body())
})
}
}
<span class="kw">struct </span>Extract<T> {
req: <span class="prelude-ty">Option</span><ServiceRequest>,
fut: <span class="prelude-ty">Option</span><LocalBoxFuture<<span class="lifetime">'static</span>, <span class="prelude-ty">Result</span><T, Error>>>,
_extractor: PhantomData<<span class="kw">fn</span>() -> T>,
}
<span class="kw">impl</span><T> Extract<T> {
<span class="kw">pub fn </span>new(req: ServiceRequest) -> <span class="self">Self </span>{
Extract {
req: <span class="prelude-val">Some</span>(req),
fut: <span class="prelude-val">None</span>,
_extractor: PhantomData,
}
}
}
<span class="kw">impl</span><T> Future <span class="kw">for </span>Extract<T>
<span class="kw">where
</span>T: FromRequest,
T::Future: <span class="lifetime">'static</span>,
T::Error: <span class="lifetime">'static</span>,
{
<span class="kw">type </span>Output = <span class="prelude-ty">Result</span><(ServiceRequest, T), (Error, ServiceRequest)>;
<span class="kw">fn </span>poll(<span class="kw-2">mut </span><span class="self">self</span>: Pin<<span class="kw-2">&mut </span><span class="self">Self</span>>, ctx: <span class="kw-2">&mut </span>Context<<span class="lifetime">'_</span>>) -> Poll<<span class="self">Self</span>::Output> {
<span class="kw">if </span><span class="self">self</span>.fut.is_none() {
<span class="kw">let </span>req = <span class="self">self</span>.req.as_mut().expect(<span class="string">"Extract future was polled twice!"</span>);
<span class="kw">let </span>fut = req.extract::<T>().map_err(Into::into);
<span class="self">self</span>.fut = <span class="prelude-val">Some</span>(Box::pin(fut));
}
<span class="kw">let </span>fut = <span class="self">self
</span>.fut
.as_mut()
.expect(<span class="string">"Extraction future should be initialized at this point"</span>);
<span class="kw">let </span>credentials = <span class="macro">ready!</span>(fut.as_mut().poll(ctx)).map_err(|err| {
(
err,
<span class="comment">// returning request allows a proper error response to be created
</span><span class="self">self</span>.req.take().expect(<span class="string">"Extract future was polled twice!"</span>),
)
})<span class="question-mark">?</span>;
<span class="kw">let </span>req = <span class="self">self</span>.req.take().expect(<span class="string">"Extract future was polled twice!"</span>);
Poll::Ready(<span class="prelude-val">Ok</span>((req, credentials)))
}
}
<span class="attr">#[cfg(test)]
</span><span class="kw">mod </span>tests {
<span class="kw">use </span>actix_service::into_service;
<span class="kw">use </span>actix_web::{
error::{<span class="self">self</span>, ErrorForbidden},
http::StatusCode,
test::TestRequest,
web, App, HttpResponse,
};
<span class="kw">use super</span>::<span class="kw-2">*</span>;
<span class="kw">use </span><span class="kw">crate</span>::extractors::{basic::BasicAuth, bearer::BearerAuth};
<span class="doccomment">/// This is a test for https://github.com/actix/actix-extras/issues/10
</span><span class="attr">#[actix_web::test]
</span><span class="kw">async fn </span>test_middleware_panic() {
<span class="kw">let </span>middleware = AuthenticationMiddleware {
service: Rc::new(into_service(|<span class="kw">_</span>: ServiceRequest| <span class="kw">async move </span>{
actix_web::rt::time::sleep(std::time::Duration::from_secs(<span class="number">1</span>)).<span class="kw">await</span>;
<span class="prelude-val">Err</span>::<ServiceResponse, <span class="kw">_</span>>(error::ErrorBadRequest(<span class="string">"error"</span>))
})),
process_fn: Arc::new(|req, <span class="kw">_</span>: BearerAuth| <span class="kw">async </span>{ <span class="prelude-val">Ok</span>(req) }),
_extractor: PhantomData,
};
<span class="kw">let </span>req = TestRequest::get()
.append_header((<span class="string">"Authorization"</span>, <span class="string">"Bearer 1"</span>))
.to_srv_request();
<span class="kw">let </span>f = middleware.call(req).<span class="kw">await</span>;
<span class="kw">let </span>_res = futures_util::future::lazy(|cx| middleware.poll_ready(cx)).<span class="kw">await</span>;
<span class="macro">assert!</span>(f.is_err());
}
<span class="doccomment">/// This is a test for https://github.com/actix/actix-extras/issues/10
</span><span class="attr">#[actix_web::test]
</span><span class="kw">async fn </span>test_middleware_panic_several_orders() {
<span class="kw">let </span>middleware = AuthenticationMiddleware {
service: Rc::new(into_service(|<span class="kw">_</span>: ServiceRequest| <span class="kw">async move </span>{
actix_web::rt::time::sleep(std::time::Duration::from_secs(<span class="number">1</span>)).<span class="kw">await</span>;
<span class="prelude-val">Err</span>::<ServiceResponse, <span class="kw">_</span>>(error::ErrorBadRequest(<span class="string">"error"</span>))
})),
process_fn: Arc::new(|req, <span class="kw">_</span>: BearerAuth| <span class="kw">async </span>{ <span class="prelude-val">Ok</span>(req) }),
_extractor: PhantomData,
};
<span class="kw">let </span>req = TestRequest::get()
.append_header((<span class="string">"Authorization"</span>, <span class="string">"Bearer 1"</span>))
.to_srv_request();
<span class="kw">let </span>f1 = middleware.call(req).<span class="kw">await</span>;
<span class="kw">let </span>req = TestRequest::get()
.append_header((<span class="string">"Authorization"</span>, <span class="string">"Bearer 1"</span>))
.to_srv_request();
<span class="kw">let </span>f2 = middleware.call(req).<span class="kw">await</span>;
<span class="kw">let </span>req = TestRequest::get()
.append_header((<span class="string">"Authorization"</span>, <span class="string">"Bearer 1"</span>))
.to_srv_request();
<span class="kw">let </span>f3 = middleware.call(req).<span class="kw">await</span>;
<span class="kw">let </span>_res = futures_util::future::lazy(|cx| middleware.poll_ready(cx)).<span class="kw">await</span>;
<span class="macro">assert!</span>(f1.is_err());
<span class="macro">assert!</span>(f2.is_err());
<span class="macro">assert!</span>(f3.is_err());
}
<span class="attr">#[actix_web::test]
</span><span class="kw">async fn </span>test_middleware_opt_extractor() {
<span class="kw">let </span>middleware = AuthenticationMiddleware {
service: Rc::new(into_service(|req: ServiceRequest| <span class="kw">async move </span>{
<span class="prelude-val">Ok</span>::<ServiceResponse, <span class="kw">_</span>>(req.into_response(HttpResponse::Ok().finish()))
})),
process_fn: Arc::new(|req, auth: <span class="prelude-ty">Option</span><BearerAuth>| {
<span class="macro">assert!</span>(auth.is_none());
<span class="kw">async </span>{ <span class="prelude-val">Ok</span>(req) }
}),
_extractor: PhantomData,
};
<span class="kw">let </span>req = TestRequest::get()
.append_header((<span class="string">"Authorization996"</span>, <span class="string">"Bearer 1"</span>))
.to_srv_request();
<span class="kw">let </span>f = middleware.call(req).<span class="kw">await</span>;
<span class="kw">let </span>_res = futures_util::future::lazy(|cx| middleware.poll_ready(cx)).<span class="kw">await</span>;
<span class="macro">assert!</span>(f.is_ok());
}
<span class="attr">#[actix_web::test]
</span><span class="kw">async fn </span>test_middleware_res_extractor() {
<span class="kw">let </span>middleware = AuthenticationMiddleware {
service: Rc::new(into_service(|req: ServiceRequest| <span class="kw">async move </span>{
<span class="prelude-val">Ok</span>::<ServiceResponse, <span class="kw">_</span>>(req.into_response(HttpResponse::Ok().finish()))
})),
process_fn: Arc::new(
|req, auth: <span class="prelude-ty">Result</span><BearerAuth, <BearerAuth <span class="kw">as </span>FromRequest>::Error>| {
<span class="macro">assert!</span>(auth.is_err());
<span class="kw">async </span>{ <span class="prelude-val">Ok</span>(req) }
},
),
_extractor: PhantomData,
};
<span class="kw">let </span>req = TestRequest::get()
.append_header((<span class="string">"Authorization"</span>, <span class="string">"BearerLOL"</span>))
.to_srv_request();
<span class="kw">let </span>f = middleware.call(req).<span class="kw">await</span>;
<span class="kw">let </span>_res = futures_util::future::lazy(|cx| middleware.poll_ready(cx)).<span class="kw">await</span>;
<span class="macro">assert!</span>(f.is_ok());
}
<span class="attr">#[actix_web::test]
</span><span class="kw">async fn </span>test_middleware_works_with_app() {
<span class="kw">async fn </span>validator(
req: ServiceRequest,
_credentials: BasicAuth,
) -> <span class="prelude-ty">Result</span><ServiceRequest, (actix_web::Error, ServiceRequest)> {
<span class="prelude-val">Err</span>((ErrorForbidden(<span class="string">"You are not welcome!"</span>), req))
}
<span class="kw">let </span>middleware = HttpAuthentication::basic(validator);
<span class="kw">let </span>srv = actix_web::test::init_service(
App::new()
.wrap(middleware)
.route(<span class="string">"/"</span>, web::get().to(HttpResponse::Ok)),
)
.<span class="kw">await</span>;
<span class="kw">let </span>req = actix_web::test::TestRequest::with_uri(<span class="string">"/"</span>)
.append_header((<span class="string">"Authorization"</span>, <span class="string">"Basic DontCare"</span>))
.to_request();
<span class="kw">let </span>resp = srv.call(req).<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(resp.status(), StatusCode::UNAUTHORIZED);
}
<span class="attr">#[actix_web::test]
</span><span class="kw">async fn </span>test_middleware_works_with_scope() {
<span class="kw">async fn </span>validator(
req: ServiceRequest,
_credentials: BasicAuth,
) -> <span class="prelude-ty">Result</span><ServiceRequest, (actix_web::Error, ServiceRequest)> {
<span class="prelude-val">Err</span>((ErrorForbidden(<span class="string">"You are not welcome!"</span>), req))
}
<span class="kw">let </span>middleware = actix_web::middleware::Compat::new(HttpAuthentication::basic(validator));
<span class="kw">let </span>srv = actix_web::test::init_service(
App::new().service(
web::scope(<span class="string">"/"</span>)
.wrap(middleware)
.route(<span class="string">"/"</span>, web::get().to(HttpResponse::Ok)),
),
)
.<span class="kw">await</span>;
<span class="kw">let </span>req = actix_web::test::TestRequest::with_uri(<span class="string">"/"</span>)
.append_header((<span class="string">"Authorization"</span>, <span class="string">"Basic DontCare"</span>))
.to_request();
<span class="kw">let </span>resp = srv.call(req).<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(resp.status(), StatusCode::UNAUTHORIZED);
}
}
</code></pre></div></section></main></body></html>