Route Guard mechanism

[Murtuzakabul]

Middleware can be deployed for authentication. However having route guard type of mechanism can help greatly in organizing authorization code.

Implement additional guard on routes

Similar functionality is already available in Actix which helps a lot in properly organizing the authorization logic. At the point of route guard processing, the user might already have authenticated and the the guard only decides if the user can access the route based on the data in the request.

[chrislearn]

I don't quite understand the feature you said, can you give example actix code about it?

[Murtuzakabul]

https://docs.rs/actix-web/3.3.3/actix_web/guard/index.html
A guard is simply a function which returns a boolean which determines if the route could be navigated to or not. This function gets invoked before the route gets executed and if the function returns false, the route does not get executed and may return 404 or 401 as configured.

[chrislearn]

It looks like Router's filter. In salvo, Router::get, Router::post... are just filter.
https://docs.rs/salvo_core/latest/salvo_core/routing/struct.Router.html#method.filter_fn

[Murtuzakabul]

Seems like the correct solution.

[sysmat]

• filter_fn can't be async is there any other way to , let say in filter_fn must do some async validation operation
• should in async scenario to be hoop with async_trait

[sysmat]

is it possible to have routes guard/grant by roles some thing like https://crates.io/crates/actix-web-grants

[chrislearn]

Filter is not supports async in current version.
If you want to protected your router, you can use middleware.

Router::with_path("aaa").push(Router::with_hoop(check).path("bb"))

[DDtKey]

For anyone interested: https://github.com/DDtKey/protect-endpoints now supports salvo 🎉