mirror of
https://github.com/robertwayne/axum-htmx
synced 2024-11-26 05:09:35 +01:00
Document new guard behaviour
This commit is contained in:
parent
a07426695a
commit
19aadd8eab
2 changed files with 7 additions and 8 deletions
|
@ -54,9 +54,8 @@ present, the extractor will return `None` or `false` in most cases.
|
||||||
__Requires features `guards`.__
|
__Requires features `guards`.__
|
||||||
|
|
||||||
In addition to the extractors, there is also a route-wide layer request guard
|
In addition to the extractors, there is also a route-wide layer request guard
|
||||||
for the `HX-Request` header. This will return a `403: Forbidden` response if the
|
for the `HX-Request` header. This will redirect any requests without the header
|
||||||
header is not present, which is useful if you want to make an entire router, say
|
to "/" by default.
|
||||||
`/api`, only accessible via htmx requests.
|
|
||||||
|
|
||||||
_It should be noted that this is NOT a replacement for an auth guard. A user can
|
_It should be noted that this is NOT a replacement for an auth guard. A user can
|
||||||
trivially set the `HX-Request` header themselves. This is merely a convenience
|
trivially set the `HX-Request` header themselves. This is merely a convenience
|
||||||
|
@ -101,7 +100,7 @@ use axum_htmx::HxRequestGuardLayer;
|
||||||
|
|
||||||
fn protected_router() -> Router {
|
fn protected_router() -> Router {
|
||||||
Router::new()
|
Router::new()
|
||||||
.layer(HxRequestGuardLayer::new())
|
.layer(HxRequestGuardLayer::default())
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -17,11 +17,11 @@ use tower::{Layer, Service};
|
||||||
|
|
||||||
use crate::HX_REQUEST;
|
use crate::HX_REQUEST;
|
||||||
|
|
||||||
/// Checks if the request contains the `HX-Request` header, returning a `403:
|
/// Checks if the request contains the `HX-Request` header, redirecting to the
|
||||||
/// Forbidden` response if the header is not present.
|
/// given location if not.
|
||||||
///
|
///
|
||||||
/// This can be used to protect routes that should only be accessed via htmx
|
/// This can be useful for preventing users from accidently ending up on a route
|
||||||
/// requests.
|
/// which would otherwise return only partial HTML data.
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone)]
|
||||||
pub struct HxRequestGuardLayer<'a> {
|
pub struct HxRequestGuardLayer<'a> {
|
||||||
redirect_to: &'a str,
|
redirect_to: &'a str,
|
||||||
|
|
Loading…
Reference in a new issue