Struct axum_extra::extract::cookie::SignedCookieJar

source · [−]

pub struct SignedCookieJar<K = Key> { /* private fields */ }

Available on crate feature cookie only.

Expand description

Extractor that grabs signed cookies from the request and manages the jar.

All cookies will be signed and verified with a Key. Do not use this to store private data as the values are still transmitted in plaintext.

Note that methods like SignedCookieJar::add, SignedCookieJar::remove, etc updates the SignedCookieJar and returns it. This value must be returned from the handler as part of the response for the changes to be propagated.

Example

use axum::{
    Router,
    Extension,
    routing::{post, get},
    extract::TypedHeader,
    response::{IntoResponse, Redirect},
    headers::authorization::{Authorization, Bearer},
    http::StatusCode,
};
use axum_extra::extract::cookie::{SignedCookieJar, Cookie, Key};

async fn create_session(
    TypedHeader(auth): TypedHeader<Authorization<Bearer>>,
    jar: SignedCookieJar,
) -> Result<(SignedCookieJar, Redirect), StatusCode> {
    if let Some(session_id) = authorize_and_create_session(auth.token()).await {
        Ok((
            // the updated jar must be returned for the changes
            // to be included in the response
            jar.add(Cookie::new("session_id", session_id)),
            Redirect::to("/me"),
        ))
    } else {
        Err(StatusCode::UNAUTHORIZED)
    }
}

async fn me(jar: SignedCookieJar) -> Result<(), StatusCode> {
    if let Some(session_id) = jar.get("session_id") {
        // fetch and render user...
    } else {
        Err(StatusCode::UNAUTHORIZED)
    }
}

async fn authorize_and_create_session(token: &str) -> Option<String> {
    // authorize the user and create a session...
}

// Generate a secure key
//
// You probably don't wanna generate a new one each time the app starts though
let key = Key::generate();

let app = Router::new()
    .route("/sessions", post(create_session))
    .route("/me", get(me))
    // add extension with the key so `SignedCookieJar` can access it
    .layer(Extension(key));

Implementations

source

impl<K> SignedCookieJar<K>

source

pub fn get(&self, name: &str) -> Option<Cookie<'static>>

Available on crate feature cookie-signed only.

Get a cookie from the jar.

If the cookie exists and its authenticity and integrity can be verified then it is returned in plaintext.

Example

use axum_extra::extract::cookie::SignedCookieJar;
use axum::response::IntoResponse;

async fn handle(jar: SignedCookieJar) {
    let value: Option<String> = jar
        .get("foo")
        .map(|cookie| cookie.value().to_owned());
}

source

pub fn remove(self, cookie: Cookie<'static>) -> Self

Available on crate feature cookie-signed only.

Remove a cookie from the jar.

Example

use axum_extra::extract::cookie::{SignedCookieJar, Cookie};
use axum::response::IntoResponse;

async fn handle(jar: SignedCookieJar) -> SignedCookieJar {
    jar.remove(Cookie::named("foo"))
}

source

pub fn add(self, cookie: Cookie<'static>) -> Self

Available on crate feature cookie-signed only.

Add a cookie to the jar.

The value will automatically be percent-encoded.

Example

use axum_extra::extract::cookie::{SignedCookieJar, Cookie};
use axum::response::IntoResponse;

async fn handle(jar: SignedCookieJar) -> SignedCookieJar {
    jar.add(Cookie::new("foo", "bar"))
}