You're reading from Rust Web Programming A hands-on guide to developing, packaging, and deploying fully functional Rust web applications

Product type Paperback

Published in Jan 2023

Publisher Packt

ISBN-13 9781803234694

Length 666 pages

Edition 2nd Edition

Languages

Rust

Tools

Rocket

Concepts

Server Side Web Development

Author (1):

Maxwell Flitton

View More author details

Table of Contents (27) Chapters

Preface

1. Part 1:Getting Started with Rust Web Development FREE CHAPTER

2. Chapter 1: A Quick Introduction to Rust

3. Chapter 2: Designing Your Web Application in Rust

4. Part 2:Processing Data and Managing Displays

5. Chapter 3: Handling HTTP Requests

6. Chapter 4: Processing HTTP Requests

7. Chapter 5: Displaying Content in the Browser

8. Part 3:Data Persistence

9. Chapter 6: Data Persistence with PostgreSQL

10. Chapter 7: Managing User Sessions

11. Chapter 8: Building RESTful Services

12. Part 4:Testing and Deployment

13. Chapter 9: Testing Our Application Endpoints and Components

14. Chapter 10: Deploying Our Application on AWS

15. Chapter 11: Configuring HTTPS with NGINX on AWS

16. Part 5:Making Our Projects Flexible

17. Chapter 12: Recreating Our Application in Rocket

18. Chapter 13: Best Practices for a Clean Web App Repository

19. Part 6:Exploring Protocol Programming and Async Concepts with Low-Level Network Applications

20. Chapter 14: Exploring the Tokio Framework

21. Chapter 15: Accepting TCP Traffic with Tokio

22. Chapter 16: Building Protocols on Top of TCP

23. Chapter 17: Implementing Actors and Async with the Hyper Framework

24. Chapter 18: Queuing Tasks with Redis

25. Index

Why subscribe?

26. Other Books You May Enjoy

Authenticating our users

When it comes to authenticating our users, we have built a struct that extracts a message from the header of the HTTP request. We are now at the stage where we can make real use of this extraction by storing data about the user in the header. Right now, there is nothing stopping us from storing the username, ID, and password in the header of each HTTP request so that we can authenticate each one. However, this is a terrible practice. If someone intercepts the request or gets hold of the data stored in the browser to facilitate this, then the account is compromised and the hacker can do whatever they want. Instead, we are going to obfuscate the data, as shown in the following figure:

Figure 7.5 – Steps for authenticating requests

In Figure 7.5, we can see that we use a secret key to serialize the structured data that we have on the user into a token that is in bytes. We then give the token to the user to store in the browser...