medallion/examples/custom_claims.rs

55 lines
1.7 KiB
Rust
Raw Normal View History

2018-11-18 15:46:19 +00:00
use medallion::{Header, Payload, Token};
use serde::{Deserialize, Serialize};
2017-02-13 23:40:07 +00:00
#[derive(Default, Serialize, Deserialize, PartialEq, Debug)]
2017-02-13 23:40:07 +00:00
struct Custom {
user_id: String,
// useful if you want a None to not appear in the serialized JSON
#[serde(skip_serializing_if = "Option::is_none")]
email: Option<String>,
2017-02-13 23:40:07 +00:00
rhino: bool,
}
fn new_token(user_id: &str, password: &str) -> Option<String> {
// dummy auth, in a real application using something like openidconnect, this would be some
// specific authentication scheme that takes place first then the JWT is generated as part of
// sucess and signed with the provider's private key so other services can validate trust for
// the claims in the token
2017-02-13 23:40:07 +00:00
if password != "password" {
return None;
2017-02-13 23:40:07 +00:00
}
2018-11-18 15:46:19 +00:00
let header: Header = Header::default();
let payload = Payload {
// custom claims will be application specific, they may come from open standards such as
// openidconnect where they may be referred to as registered claims
claims: Some(Custom {
user_id: user_id.into(),
rhino: true,
2018-11-18 15:46:19 +00:00
..Custom::default()
}),
2018-11-18 15:46:19 +00:00
..Payload::default()
2017-02-13 23:40:07 +00:00
};
let token = Token::new(header, payload);
2017-02-13 23:40:07 +00:00
token.sign(b"secret_key").ok()
2017-02-13 23:40:07 +00:00
}
fn login(token: &str) -> Option<String> {
let token = Token::<(), Custom>::parse(token).unwrap();
2017-02-13 23:40:07 +00:00
2017-02-17 16:53:12 +00:00
if token.verify(b"secret_key").unwrap() {
Some(token.payload.claims.unwrap().user_id)
2017-02-13 23:40:07 +00:00
} else {
None
}
}
fn main() {
let token = new_token("Random User", "password").unwrap();
2017-02-13 23:40:07 +00:00
let logged_in_user = login(&*token).unwrap();
assert_eq!(logged_in_user, "Random User");
2017-02-13 23:40:07 +00:00
}