Struct actix_identity::CookieIdentityPolicy

pub struct CookieIdentityPolicy(_);

Use cookies for request identity storage.

See this page on MDN for details on cookie attributes.

Examples

use actix_web::App;
use actix_identity::{CookieIdentityPolicy, IdentityService};

// create cookie identity backend
let policy = CookieIdentityPolicy::new(&[0; 32])
           .domain("www.rust-lang.org")
           .name("actix_auth")
           .path("/")
           .secure(true);

let app = App::new()
    // wrap policy into identity middleware
    .wrap(IdentityService::new(policy));

Implementations

impl CookieIdentityPolicy

pub fn new(key: &[u8]) -> CookieIdentityPolicy

Create new CookieIdentityPolicy instance.

Key argument is the private key for issued cookies. If this value is changed, all issued cookie identities are invalidated.

Panics

Panics if key is less than 32 bytes in length..

pub fn name(self, value: impl Into<String>) -> CookieIdentityPolicy

Sets the name of issued cookies.

pub fn path(self, value: impl Into<String>) -> CookieIdentityPolicy

Sets the Path attribute of issued cookies.

pub fn domain(self, value: impl Into<String>) -> CookieIdentityPolicy

Sets the Domain attribute of issued cookies.

pub fn secure(self, value: bool) -> CookieIdentityPolicy

Sets the Secure attribute of issued cookies.

pub fn max_age(self, value: Duration) -> CookieIdentityPolicy

Sets the Max-Age attribute of issued cookies.

pub fn max_age_secs(self, seconds: i64) -> CookieIdentityPolicy

Sets the Max-Age attribute of issued cookies with given number of seconds.

pub fn http_only(self, http_only: bool) -> Self

Sets the HttpOnly attribute of issued cookies.

By default, the HttpOnly attribute is omitted from issued cookies.

pub fn same_site(self, same_site: SameSite) -> Self

Sets the SameSite attribute of issued cookies.

By default, the SameSite attribute is omitted from issued cookies.

pub fn visit_deadline(self, deadline: Duration) -> CookieIdentityPolicy

Accepts only users who have visited within given deadline.

In other words, invalidate a login after some amount of inactivity. Using this feature causes updated cookies to be issued on each response in order to record the user’s last visitation timestamp.

By default, visit deadline is disabled.

pub fn login_deadline(self, deadline: Duration) -> CookieIdentityPolicy

Accepts only users who authenticated within the given deadline.

In other words, invalidate a login after some amount of time, regardless of activity. While Max-Age is useful in constraining the cookie lifetime, it could be extended manually; using this feature encodes the deadline directly into the issued cookies, making it immutable to users.

By default, login deadline is disabled.

Trait Implementations

impl IdentityPolicy for CookieIdentityPolicy

type Future = Ready<Result<Option<String>, Error>>

The return type of the middleware

type ResponseFuture = Ready<Result<(), Error>>

The return type of the middleware

fn from_request(&self, req: &mut ServiceRequest) -> Self::Future

Parse the session from request and load data from a service identity.

fn to_response<B>(
    &self,
    id: Option<String>,
    changed: bool,
    res: &mut ServiceResponse<B>
) -> Self::ResponseFuture

Write changes to response