ascendingcreations / axumsessionauth Goto Github PK
View Code? Open in Web Editor NEWLibrary to Provide a User Authentication and privilege Token Checks.
License: MIT License
Library to Provide a User Authentication and privilege Token Checks.
License: MIT License
The trait with load()... should probably be Authentication, not SQLxSessionAuth.
I think the link is supposed to be this https://crates.io/crates/axum_session_redispool
while the readme has https://crates.io/crates/axum_session_redisspool. There is a an extra s
in redispool in the URL
Hello,
Where there any surrealdb integration examples?
Specifically, this line does not compile:
.layer(AuthSessionLayer::<User, i64, SessionPgPool, PgPool>::new(Some(poll)).with_config(auth_config));
When swapped out for surreal session pool and surreal client.
Maybe that was supposed to be auth.current_user ? There is also a section inside that if where auth.current_user is retrieved again though.
The greet handler in general is hard to follow.
What is isActive
meant for?
Also, I understand what isAnonymous
and isAuthenticated
mean, although I'm a bit confused why we need both. Is there any scenario where the following equality is not true?
isAnonymous() == ! isAuthenticated()
I'm using leptos_sse after user login to generate a server-to-client stream that keeps pushing server side events to the client without the client having to explicitly poll them. Because there is no poll, there is also no call to axum that would re-verify that the user is still logged in. But once the user logs out (or a different user logs in), I would like the SSE stream to end.
Currently, I've added AuthSession
as a parameter to the handle_sse
function, but that means the user auth session is only checked once when the stream is established. Is there a way for me to re-verify the session? Something like AuthSession::is_still_logged_in()
? Or maybe better something like AuthSession::reverify()
that checks the session data again and updates AuthSession::current_user
if necessary?
The examples all just return id != anonymous
from isAuthenticated
. But I assume isAuthenticated
is meant to allow for a scenario where we know who a user is but they're currently not logged in? How would that be represented?
If I understand the implementation correctly, then the user object is not persisted in the session, only the user id is, so adding a bool
field to the user object won't actually do anything. So how am I supposed to use this? Or did I misunderstand what isAuthenticated
is for?
I am writing a web application that uses sqlite in developer builds and postgres in production builds. The decision between the databases is made at runtime based on an environment variable. This currently does not work with axum-session-auth
, because the generic parameter on AuthSession
requires a choice between postgres and sqlite. I think it would make sense to impl DatabasePool for Box<dyn DatabasePool>
, then I could just use Box<dyn DatabasePool>
as the generic parameter for an AuthSession
and have it decide at runtime which database to use.
Hello.
How create object SessionAnyPool if use "Pool<Any>"?
sqlx::any::install_default_drivers();
let any_pool = AnyPoolOptions::new()
.max_connections(10)
.connect("sqlite://test.db").await.unwrap();
let session_any_pool = axum_session_auth::SessionAnyPool::new(any_pool);
We need to update the Documents to show all the newest changes that had to occur to support the newer changes in AxumDatabaseSessions.
[INFO] running `Command { std: "docker" "create" "-v" "/home/cratesfyi/workspace-builder/builds/axum_session_auth-0.10.0/target:/opt/rustwide/target:rw,Z" "-v" "/home/cratesfyi/workspace-builder/builds/axum_session_auth-0.10.0/source:/opt/rustwide/workdir:ro,Z" "-v" "/home/cratesfyi/workspace-builder/cargo-home:/opt/rustwide/cargo-home:ro,Z" "-v" "/home/cratesfyi/workspace-builder/rustup-home:/opt/rustwide/rustup-home:ro,Z" "-e" "SOURCE_DIR=/opt/rustwide/workdir" "-e" "CARGO_TARGET_DIR=/opt/rustwide/target" "-e" "DOCS_RS=1" "-e" "CARGO_HOME=/opt/rustwide/cargo-home" "-e" "RUSTUP_HOME=/opt/rustwide/rustup-home" "-w" "/opt/rustwide/workdir" "-m" "6442450944" "--cpus" "6" "--user" "1001:1001" "--network" "none" "ghcr.io/rust-lang/crates-build-env/linux@sha256:2788e3201cd34a07e3172128adcd8b3090168a8e3bcc40d7c032b9dda1df7d1c" "/opt/rustwide/cargo-home/bin/cargo" "+nightly" "rustdoc" "--lib" "-Zrustdoc-map" "--features" "sqlite-rustls mysql-rustls redis-db surrealdb-rocksdb surrealdb-mem advanced" "-Z" "unstable-options" "--config" "build.rustdocflags=[\"--document-private-items\", \"-Z\", \"unstable-options\", \"--emit=invocation-specific\", \"--resource-suffix\", \"-20231126-1.76.0-nightly-6cf088810\", \"--static-root-path\", \"/-/rustdoc.static/\", \"--cap-lints\", \"warn\", \"--extern-html-root-takes-precedence\"]" "--offline" "-Zunstable-options" "--config=doc.extern-map.registries.crates-io=\"https://docs.rs/{pkg_name}/{version}/x86_64-unknown-linux-gnu\"" "-Zrustdoc-scrape-examples" "-j6" "--target" "x86_64-unknown-linux-gnu", kill_on_drop: false }`
[INFO] [stderr] WARNING: Your kernel does not support swap limit capabilities or the cgroup is not mounted. Memory limited without swap.
[INFO] [stdout] 1d38cec993b7fc9eaa099a1d57a1426bcda8b6c0cdab4da111ad72e517245e4c
[INFO] running `Command { std: "docker" "start" "-a" "1d38cec993b7fc9eaa099a1d57a1426bcda8b6c0cdab4da111ad72e517245e4c", kill_on_drop: false }`
[INFO] [stderr] error: none of the selected packages contains these features: surrealdb-mem, surrealdb-rocksdb
[INFO] running `Command { std: "docker" "inspect" "1d38cec993b7fc9eaa099a1d57a1426bcda8b6c0cdab4da111ad72e517245e4c", kill_on_drop: false }`
[INFO] running `Command { std: "docker" "rm" "-f" "1d38cec993b7fc9eaa099a1d57a1426bcda8b6c0cdab4da111ad72e517245e4c", kill_on_drop: false }`
[INFO] [stdout] 1d38cec993b7fc9eaa099a1d57a1426bcda8b6c0cdab4da111ad72e517245e4c
regarding [INFO] [stderr] error: none of the selected packages contains these features: surrealdb-mem, surrealdb-rocksdb
the features according to surrealdb docs are kv-mem and kv-rocksb
The HasPermission
trait is not imported or declared in the example:
use sqlx::{PgPool, ConnectOptions, postgres::{PgPoolOptions, PgConnectOptions}};
use std::net::SocketAddr;
use axum_session::{SessionPgPool, Session, SessionConfig, SessionLayer, DatabasePool};
use axum_session_auth::{AuthSession, AuthSessionLayer, Authentication, AuthConfig};
use axum::{
Router,
routing::get,
};
// ...
which is implemented on the User
:
// This is only used if you want to use Token based Authentication checks
#[async_trait]
impl HasPermission<PgPool> for User {
async fn has(&self, perm: &String, _pool: &Option<&PgPool>) -> bool {
match &perm[..] {
"Token::UseAdmin" => true,
"Token::ModifyUser" => true,
_ => false,
}
}
}
where is this trait from? I guess it is use axum_session_auth::HasPermission;
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.