Description
This example shows how to use authentication within actix-web with cookies, assisted by actix-identity and actix-session. The idea is that all requests authenticate first at the login route to get a cookie, then the cookie is sent with all requests requiring authentication using the HTTP cookie header. You can clone the example below by running the following (you’ll needshuttle
CLI installed):
/public
: a route that can be called without needing any authentication./login
: a route for posting a JSON object with a username and password to get a cookie./private
: a route that will display whether you’re logged in or not, based on if you’re logged in.
actix-identity
and actix-session
with a cookie store to assist with easy setup.
Code
Cargo.toml
main.rs
should look like this:
main.rs
Usage
Once you’ve cloned this example, launch it locally by usingshuttle run
. Once you’ve verified that it’s up, you’ll now be able to go to http://localhost:8000
and start trying the example out!
First, we should be able to access the public endpoint without any authentication using:
/refresh
endpoint that takes an active token and returns a new token with a refreshed expiration time.
Looking to extend this example? Here’s a couple of ideas to get you started:
- Create a frontend to host the login
- Add a route for registering
- Use a database to check login credentials
If you want to explore other frameworks, we have more examples with popular ones like Tower and Warp. You can find them right here.
Be sure to check out the examples repo for many more examples!