Casbin access control hoop for salvo framework
Add dependencies to Cargo.toml
cargo add salvo
cargo add salvo-casbin
cargo add tokio --features fullCasbin only takes charge of permission control, so you need to implement an Authentication Middleware to identify user.
For example:
use casbin::function_map::key_match2;
use casbin::{CoreApi, DefaultModel, Enforcer, FileAdapter};
use salvo::prelude::*;
use salvo_casbin::{CasbinHoop, CasbinVals};
// Handler that immediately returns an empty `200 OK` response.
#[handler]
async fn handler() {}
#[tokio::main]
async fn main() {
let m = DefaultModel::from_file("examples/rbac_with_pattern_model.conf")
.await
.unwrap();
let a = FileAdapter::new("examples/rbac_with_pattern_policy.csv");
let casbin_hoop = CasbinHoop::new(Enforcer::new(m, a).await.unwrap(), false, |_req, _depot| {
Ok(Some(CasbinVals {
subject: String::from("alice"),
domain: None,
}))
});
casbin_hoop
.write()
.await
.get_role_manager()
.write()
.matching_fn(Some(key_match2), None);
let app = Router::new()
.hoop(casbin_hoop)
.push(Router::with_path("/pen/1").get(handler))
.push(Router::with_path("/pen/2").get(handler))
.push(Router::with_path("/book/<id>").get(handler));
let acceptor = TcpListener::new("127.0.0.1:5800").bind().await;
Server::new(acceptor).serve(app).await;
}This project is licensed under
- Apache License, Version 2.0, (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
