pub struct SignedCookieJar<K = Key> { /* private fields */ }

Extractor that grabs signed cookies from the request and manages the jar.

All cookies will be signed and verified with a Key. Do not use this to store private data as the values are still transmitted in plaintext.

Note that methods like SignedCookieJar::add, SignedCookieJar::remove, etc. update the SignedCookieJar and return it. The returned value must itself be returned from the handler as part of the response for the changes to be propagated.

Example

use axum::{
    Router,
    Extension,
    routing::{post, get},
    extract::TypedHeader,
    response::{IntoResponse, Redirect},
    headers::authorization::{Authorization, Bearer},
    http::StatusCode,
};
use axum_extra::extract::cookie::{SignedCookieJar, Cookie, Key};

async fn create_session(
    TypedHeader(auth): TypedHeader<Authorization<Bearer>>,
    jar: SignedCookieJar,
) -> Result<(SignedCookieJar, Redirect), StatusCode> {
    if let Some(session_id) = authorize_and_create_session(auth.token()).await {
        Ok((
            // the updated jar must be returned for the changes
            // to be included in the response
            jar.add(Cookie::new("session_id", session_id)),
            Redirect::to("/me"),
        ))
    } else {
        Err(StatusCode::UNAUTHORIZED)
    }
}

async fn me(jar: SignedCookieJar) -> Result<(), StatusCode> {
    if let Some(session_id) = jar.get("session_id") {
        // fetch and render user...
        Ok(())
    } else {
        Err(StatusCode::UNAUTHORIZED)
    }
}

async fn authorize_and_create_session(token: &str) -> Option<String> {
    // authorize the user and create a session...
    todo!()
}

// Generate a secure key
//
// You probably don't wanna generate a new one each time the app starts though
let key = Key::generate();

let app = Router::new()
    .route("/sessions", post(create_session))
    .route("/me", get(me))
    // add extension with the key so `SignedCookieJar` can access it
    .layer(Extension(key));
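
The comment in the example above advises against generating a new key on every start, since a fresh key invalidates every cookie issued before the restart. One way to load a persistent key instead, as an added example that is not part of the axum-extra documentation: it decodes a hex-encoded key and enforces the 64-byte minimum of Key::from in the cookie crate, which panics on shorter input. The COOKIE_KEY_HEX variable, the function names and the error type are assumptions made for illustration.

```rust
/// Minimum master-key length that `Key::from` accepts (it panics on less).
const MIN_KEY_LEN: usize = 64;

#[derive(Debug, PartialEq)]
enum KeyError {
    OddLength,
    NotHex,
    TooShort(usize),
}

/// Convert one ASCII hex digit to its value; rejects signs and whitespace.
fn nibble(b: u8) -> Option<u8> {
    (b as char).to_digit(16).map(|d| d as u8)
}

/// Decode a hex-encoded master key and enforce the minimum length.
/// Errors describe the problem without echoing any key material.
fn decode_master_key(hex: &str) -> Result<Vec<u8>, KeyError> {
    let hex = hex.trim().as_bytes();
    if hex.len() % 2 != 0 {
        return Err(KeyError::OddLength);
    }
    let mut key = Vec::with_capacity(hex.len() / 2);
    for pair in hex.chunks(2) {
        let hi = nibble(pair[0]).ok_or(KeyError::NotHex)?;
        let lo = nibble(pair[1]).ok_or(KeyError::NotHex)?;
        key.push((hi << 4) | lo);
    }
    if key.len() < MIN_KEY_LEN {
        return Err(KeyError::TooShort(key.len()));
    }
    Ok(key)
}

fn main() -> Result<(), KeyError> {
    // COOKIE_KEY_HEX is a hypothetical variable name chosen for this example.
    let raw = std::env::var("COOKIE_KEY_HEX").unwrap_or_default();
    let bytes = decode_master_key(&raw)?;
    // With axum-extra in scope, build the key once at startup:
    //     let key = Key::from(&bytes);
    println!("loaded a {}-byte cookie signing key", bytes.len());
    Ok(())
}
```

Every instance of the application must be given the same key material, otherwise one instance will reject cookies signed by another.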

Implementations

Available on crate features cookie and cookie-signed only.

Get a cookie from the jar.

If the cookie exists and its authenticity and integrity can be verified then it is returned in plaintext.

Example

use axum_extra::extract::cookie::SignedCookieJar;
use axum::response::IntoResponse;

async fn handle(jar: SignedCookieJar) {
    let value: Option<String> = jar
        .get("foo")
        .map(|cookie| cookie.value().to_owned());
}

Available on crate features cookie and cookie-signed only.

Remove a cookie from the jar.

Example

use axum_extra::extract::cookie::{SignedCookieJar, Cookie};
use axum::response::IntoResponse;

async fn handle(jar: SignedCookieJar) -> SignedCookieJar {
    jar.remove(Cookie::named("foo"))
}

Available on crate features cookie and cookie-signed only.

Add a cookie to the jar.

The value will automatically be percent-encoded.

Example

use axum_extra::extract::cookie::{SignedCookieJar, Cookie};
use axum::response::IntoResponse;

async fn handle(jar: SignedCookieJar) -> SignedCookieJar {
    jar.add(Cookie::new("foo", "bar"))
}

Available on crate features cookie and cookie-signed only.

Verifies the authenticity and integrity of cookie, returning the plaintext version if verification succeeds or None otherwise.

Available on crate features cookie and cookie-signed only.

Get an iterator over all cookies in the jar.

Only cookies with valid authenticity and integrity are yielded by the iterator.

Trait Implementations

Formats the value using the given formatter.

If the extractor fails it’ll use this “rejection” type. A rejection is a kind of error that can be converted into a response.

Perform the extraction.

Create a response.

The type returned in the event of an error.

Set parts of the response
