Explore how you can secure your Actix Web application by using cookies.
shuttle CLI installed):
- /public: a route that can be called without needing any authentication.
- /login: a route for posting a JSON object with a username and password to get a cookie.
- /private: a route that displays whether or not you’re logged in.

actix-identity and actix-session with a cookie store to assist with easy setup.
main.rs should look like this:
shuttle run. Once you’ve verified that it’s up, you’ll now be able to go to http://localhost:8000 and start trying the example out!
First, we should be able to access the public endpoint without any authentication using:
Looking to extend this example? Here are a couple of ideas to get you started:

- A /refresh endpoint that takes an active token and returns a new token with a refreshed expiration time.