Google Git
Sign in
apache/casbin-rust-rocket-authz

Casbin Rocket access control middleware

Mirrored from https://github.com/apache/casbin-rust-rocket-authz.git
Clone this repo:

Branches

Tags

  1. 4fbb616 fix: fix broken links (#7) by YunShu · 2 years, 9 months ago master
  2. 165175a Merge pull request #6 from hackerchai/master by Eason Chai · 5 years ago v0.1.0
  3. cf0bb79 feat: add README badges by hackerchai · 5 years ago
  4. 4759d06 Merge pull request #5 from RobotHuang/master by Eason Chai · 5 years ago
  5. be06589 docs: Add README.md by RobotHuang · 5 years ago

Rocket Casbin Middleware

Crates.io Docs CI codecov

Casbin access control middleware for Rocket framework

Install

Add it to Cargo.toml

rocket-authz = "0.1.0"

Requirement

Casbin only takes charge of permission control, so you need to implement an Authentication Middleware to identify user. You need to put rocket_authz::CasbinVals which contains subject and domain(optional) into reqeust.local_cache() through an Authentication Middleware. You could see an example of using rocket-authz in Example.

Example

#![feature(proc_macro_hygiene, decl_macro)]
use casbin::{DefaultModel, FileAdapter};
use rocket::{
    fairing::{Fairing, Info, Kind},
    get,
    request::Request,
    routes, Data,
};
use rocket_authz;

struct FakeAuthFairing;

impl Fairing for FakeAuthFairing {
    fn info(&self) -> Info {
        Info {
            name: "Fake Auth Fairing",
            kind: Kind::Request | Kind::Response,
        }
    }

    fn on_request(&self, request: &mut Request, _data: &Data) {
        request.local_cache(|| rocket_authz::CasbinVals::new(Some("alice".to_string()), None));
    }
}

#[get("/data1")]
fn data1(_g: rocket_authz::CasbinGuard) -> &'static str {
    "data1"
}

#[get("/data2")]
fn data2(_g: rocket_authz::CasbinGuard) -> &'static str {
    "data2"
}

fn rocket() -> rocket::Rocket {
    let rt = tokio::runtime::Runtime::new().unwrap();
    let m = match rt.block_on(DefaultModel::from_file(
        "examples/rbac_with_pattern_model.conf",
    )) {
        Ok(m) => m,
        Err(_) => panic!(""),
    };
    let a = FileAdapter::new("examples/rbac_with_pattern_policy.csv");

    let casbin_fairing = match rt.block_on(rocket_authz::CasbinFairing::new(m, a)) {
        Ok(f) => f,
        Err(_) => panic!(""),
    };
    let fake_auth_fairing = FakeAuthFairing;
    rocket::ignite()
        .attach(fake_auth_fairing)
        .attach(casbin_fairing)
        .mount("/", routes![data1, data2])
}

License

This project is licensed under