A godawful jwt implementation
[dependencies.jwt]
package="tenet"
version = "*"
features = ["HS256"]This library is slow, baldly implemented and took a total of 20 minutes to write and bug check.
You are much better off using another tried and tested JWT implementation:
Why does it exist? I got fed up with shitty API design around signing and verifying tokens.
- This library has only two separate token types.
- This library does not do any verification on a token payload.
This library has two token types:
- A unsigned token with a given type (
Token<T>) - A signed token (
SignedToken)
Token algorithms are decided by a enum: TokenAlgorithm
HS256HS512
use serde::{Serialize, Deserialize};
use jwt::{Token, TokenAlgorithm, SignedToken};
// Create a new token type.
// This uses serde's Serialize and Deserialize procedural macros.
#[derive(Serialize, Deserialize, Debug)]
struct MyToken {
foo: u8,
bar: bool,
baz: String,
}
// create a key to sign and verify tokens.
let token_key = b"VERY_SECURE_KEY".to_vec();
// create a new token, sign it, and get the string representation
let token = Token::create(
TokenAlgorithm::HS256,
MyToken { foo: 10, bar: true, baz: "Hello World".to_string() }
)
.sign(&token_key).unwrap().string();
println!("{}", token);
// verify a token input
let payload = Token::<MyToken>::verify(token, &token_key).unwrap();
println!("{:?}", payload);