Refactor middleware and make auth_callback redirect instead of success message

Jonathan Cooper 2026-02-01 18:06:57 -08:00
parent 0d26e9326a
commit 3ec4360039
6 changed files with 383 additions and 185 deletions


@ -1,5 +1,5 @@
use axum::{middleware, response::Html, routing::get, Router};
use sf_auth_middleware_axum::{auth_callback, sf_auth_middleware, SfAuthConfig, SfUser};
use axum::{response::Html, routing::get, Router};
use sf_auth_middleware_axum::{create_auth_callback, SfAuthLayer, SfUser};
use tower_sessions::{MemoryStore, SessionManagerLayer};
#[tokio::main]
@ -7,10 +7,6 @@ async fn main() {
// Set up tracing for debugging
tracing_subscriber::fmt::init();
// Configure the SF authentication middleware
// The redirect_uri should point to where users should land after authentication
let config = SfAuthConfig::new("http://localhost:3000/dashboard");
// Set up session store using in-memory storage
// In production, you'd want to use a persistent store like Redis or PostgreSQL
let session_store = MemoryStore::default();
@ -22,13 +18,17 @@ async fn main() {
.route("/", get(home))
// Authentication callback route - must be publicly accessible
// This is where the SF auth server redirects users after authentication
.route("/auth/callback", get(auth_callback))
// After validation, users will be redirected to /dashboard
.route("/auth/callback", get(create_auth_callback("/dashboard")))
// Protected routes - require authentication
.route("/dashboard", get(dashboard))
.route("/profile", get(profile))
// Apply authentication middleware to protected routes
.layer(middleware::from_fn(move |session, req, next| {
sf_auth_middleware(config.clone(), session, req, next)
// Apply authentication middleware
// The redirect URI should point to the callback route in your app
// This is where the SF auth server will send users after they authenticate
.layer(SfAuthLayer::new(|_req| {
// Point to the auth callback route defined above
"http://localhost:3000/auth/callback".to_string()
}))
// Apply session layer (must be after the routes)
.layer(session_layer);
@ -43,6 +43,13 @@ async fn main() {
println!(" - http://localhost:3000/ (public)");
println!(" - http://localhost:3000/dashboard (protected, will redirect to SF auth)");
println!(" - http://localhost:3000/profile (protected, will redirect to SF auth)");
println!();
println!("Authentication flow:");
println!(" 1. Access /dashboard (protected)");
println!(" 2. Redirect to SF auth with redirect_uri=http://localhost:3000/auth/callback");
println!(" 3. SF auth validates and redirects to /auth/callback with credentials");
println!(" 4. Callback validates credentials and redirects to /dashboard");
println!(" 5. Access granted to /dashboard");
axum::serve(listener, app).await.unwrap();
}
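Review bot: In the router chain, `.layer(SfAuthLayer::new(...))` is added after `/` and `/auth/callback` as well as `/dashboard` and `/profile`, and axum's `Router::layer` wraps every route registered before it, so the routes the comments call public sit behind the auth layer too. Whether `SfAuthLayer` exempts them is not visible here; if it does not, a request to the callback would be sent back to SF auth instead of completing the login. Consider registering the two public routes after the `SfAuthLayer` call (still before `.layer(session_layer)`), or building the protected routes in their own `Router` and merging it in, so the code matches the "public" and "protected" comments. Because the closure now receives the request, a comment such as `// Return a fixed or allow-listed URL here; do not derive it from the request's Host header` would help readers who copy this example. The builder chain begins outside the visible hunks, so the start of the router setup was not reviewed.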