-
Notifications
You must be signed in to change notification settings - Fork 206
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for JWT handling #92
Comments
Any progress on this? I'm trying to implement JWT with cookies for my current application but would rather use a crate, because it's most likely written by people with more knowledge than me. This might also provide a good starting point for some new developers instead of using actix-identity to make the entry easier and provide a secure base for applications. |
Unfortunately, I've got side tracked and won't be able to deal with this issue in quite some time |
@GrandChaman Did you happen to start a branch with any work in progress code? This feature is now on my radar, and your description looks just like what I'm looking to find(or implement). |
@quentusrex I did start something for one of my final school projects, it's not production ready and needs a lot of rework, but maybe it'll get you started :) |
I might be interested in working on this at some point. I've implemented JWTs multiple times and know how to avoid pitfalls. However, for the next few months I will be very busy and likely won't get around to it. But I am willing to help/answer questions for anyone who does choose to work on it, if need be. |
Hi ! First of all, thank you for your amazing work !
I'm planning on adding support for JWT to the
actix-web-httpauth
crate.Is this the right place to implement such feature ? Or would it be in another crate ?
Like for the
Bearer
auth already implemented, theJWT
auth would have a config with different settings on how to validate the JWT and astruct
wrapped in anArc<RwLock<>>
in which to store, access and hot-replace theJWKS
.An extractor would also be available to extract common header fields as well as common claims. (Maybe find a way to make the claims struct dynamic, so that people could plug-in there own struct for the claims)
This features would require the following crates :
The text was updated successfully, but these errors were encountered: