🪪 User identification, authentication, and authorization for Axum.
This crate provides user identification, authentication, and authorization
as a tower middleware for axum.
If offers:
- User Identification, Authentication, and Authorization: Leverage
AuthSessionto easily manage authentication and authorization. This is also an extractor, so it can be used directly in youraxumhandlers. - Support for Arbitrary Users and Backends: Applications implement a
couple of traits,
AuthUserandAuthnBackend, allowing for any user type and any user management backend. Your database? Yep. LDAP? Sure. An auth provider? You bet. - User and Group Permissions: Authorization is supported via the
AuthzBackendtrait, which allows applications to define custom permissions. Both user and group permissions are supported. - Convenient Route Protection: Middleware for protecting access to
routes are provided via the
login_requiredandpermission_requiredmacros. Or bring your own by usingAuthSessiondirectly withfrom_fn. - Rock-solid Session Management: Uses
tower-sessionsfor high-performing and ergonomic session management. Look ma, no deadlocks!
To use the crate in your project, add the following to your Cargo.toml file:
[dependencies]
axum-login = "0.7.2"We recommend reviewing our sqlite example.
Note
See the crate documentation for usage information.
This crate uses #![forbid(unsafe_code)] to ensure everything is implemented in 100% safe Rust.
We've put together a number of examples to help get you started. You're also welcome to open a discussion and ask additional questions you might have.
We appreciate all kinds of contributions, thank you!