https://github.com/casbin-rs/actix-casbin-auth

Casbin Actix-web access control middleware
https://github.com/casbin-rs/actix-casbin-auth

abac acl actix actix-web auth authentication casbin casbin-rs middleware permission rbac rust

Last synced: 3 months ago
JSON representation

Casbin Actix-web access control middleware

• Host: GitHub
• URL: https://github.com/casbin-rs/actix-casbin-auth
• Owner: casbin-rs
• Created: 2020-04-08T08:56:51.000Z (about 5 years ago)
• Default Branch: master
• Last Pushed: 2024-05-06T01:01:31.000Z (about 1 year ago)
• Last Synced: 2024-08-08T19:41:18.037Z (10 months ago)
• Topics: abac, acl, actix, actix-web, auth, authentication, casbin, casbin-rs, middleware, permission, rbac, rust
• Language: Rust
• Homepage: https://github.com/casbin/casbin-rs
• Size: 88.9 KB
• Stars: 55
• Watchers: 5
• Forks: 16
• Open Issues: 1
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# Actix Casbin Middleware

[![Crates.io](https://img.shields.io/crates/d/actix-casbin-auth)](https://crates.io/crates/actix-casbin-auth)

[![Docs](https://docs.rs/actix-casbin-auth/badge.svg)](https://docs.rs/actix-casbin-auth)

[![CI](https://github.com/casbin-rs/actix-casbin-auth/actions/workflows/ci.yml/badge.svg)](https://github.com/casbin-rs/actix-casbin-auth/actions/workflows/ci.yml)

[![codecov](https://codecov.io/gh/casbin-rs/actix-casbin-auth/branch/master/graph/badge.svg)](https://codecov.io/gh/casbin-rs/actix-casbin-auth)

[Casbin](https://github.com/casbin/casbin-rs) access control middleware for [actix-web](https://github.com/actix/actix-web) framework

## Install

Add dependencies

```bash

cargo add actix-rt

cargo add actix-web

cargo add actix-casbin --no-default-features --features runtime-async-std

cargo add actix-casbin-auth --no-default-features --features runtime-async-std

```

## Requirement

**Casbin only takes charge of permission control**, so you need to implement an `Authentication Middleware` to identify user.

You should put `actix_casbin_auth::CasbinVals` which contains `subject`(username) and `domain`(optional) into [Extension](https://docs.rs/actix-web/2.0.0/actix_web/dev/struct.Extensions.html).

For example:

```rust

use std::cell::RefCell;

use std::pin::Pin;

use std::rc::Rc;

use std::task::{Context, Poll};

use actix_service::{Service, Transform};

use actix_web::{dev::ServiceRequest, dev::ServiceResponse, Error, HttpMessage};

use futures::future::{ok, Future, Ready};

use actix_casbin_auth::CasbinVals;

pub struct FakeAuth;

impl Transform for FakeAuth

    where

        S: Service, Error = Error>,

        S::Future: 'static,

        B: 'static,

{

    type Response = ServiceResponse;

    type Error = Error;

    type InitError = ();

    type Transform = FakeAuthMiddleware;

    type Future = Ready>;


    fn new_transform(&self, service: S) -> Self::Future {

        ok(FakeAuthMiddleware {

            service: Rc::new(RefCell::new(service)),

        })

    }

}

pub struct FakeAuthMiddleware {

    service: Rc>,

}

impl Service for FakeAuthMiddleware

    where

        S: Service, Error = Error> + 'static,

        S::Future: 'static,

        B: 'static,

{

    type Response = ServiceResponse;

    type Error = Error;

    type Future = Pin>>>;


    fn poll_ready(&mut self, cx: &mut Context) -> Poll> {

        self.service.poll_ready(cx)

    }

    fn call(&mut self, req: ServiceRequest) -> Self::Future {

        let mut svc = self.service.clone();

        Box::pin(async move {

            let vals = CasbinVals {

                subject: String::from("alice"),

                domain: None,

            };

            req.extensions_mut().insert(vals);

            svc.call(req).await

        })

    }

}

````

## Example

```rust

use actix_casbin_auth::casbin::{DefaultModel, FileAdapter, Result};

use actix_casbin_auth::CasbinService;

use actix_web::{web, App, HttpResponse, HttpServer};

use actix_casbin_auth::casbin::function_map::key_match2;

#[allow(dead_code)]

mod fake_auth;

#[actix_rt::main]

async fn main() -> Result<()> {

    let m = DefaultModel::from_file("examples/rbac_with_pattern_model.conf")

        .await

        .unwrap();

    let a = FileAdapter::new("examples/rbac_with_pattern_policy.csv");  //You can also use diesel-adapter or sqlx-adapter

    let casbin_middleware = CasbinService::new(m, a).await?;

    casbin_middleware

        .write()

        .await

        .get_role_manager()

        .write()

        .unwrap()

        .matching_fn(Some(key_match2), None);

    HttpServer::new(move || {

        App::new()

            .wrap(casbin_middleware.clone())

            .wrap(FakeAuth)          

            .route("/pen/1", web::get().to(|| HttpResponse::Ok()))

            .route("/book/{id}", web::get().to(|| HttpResponse::Ok()))

    })

    .bind("127.0.0.1:8080")?

    .run()

    .await?;

    Ok(())

}

```

## License

This project is licensed under

* Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or [http://www.apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0))