novel sapphire
Is there an example somewhere where routes are dependent/guarded on a header in a somewhat concise way?
For example, I'd love to be able to have /auth go to an API flow if the Accept header is application/json but go to a web flow if the Accept header is text/html.
I've searched through the examples but didn't end up no something I thought was "elegant".
mossy vale
I'd think the solution presented in the guards example was pretty similar?
https://github.com/actix/examples/blob/master/guards/src/main.rs
novel sapphire
Uuuh. Apologies, I don't know how I missed that.
mossy vale
No stress.
I'm definitely interested in providing nice primitives for achieving this sort of routing.
https://docs.rs/actix-web/latest/actix_web/guard/struct.GuardContext.html#method.header
could be easy with a tiny custom guard, there's some very nice methods on Accept that'll help for variants of the json accept header; matching on a string value might be wrong-ish sometimes like application/json; charset=utf-8
novel sapphire
Is it also possible to do kinda the reverse? So here's what I'm thinking:
I have an api with a dozen endpoints. Some of those, respond to text/html and application/json, others only to text/html.
Now I want to set specific security headers depending on that, instead of repeating the set up for each "scope"/"resource". This is because some of the response security headers only really make sense to browser requests, others only to api requests.
mossy vale
sounds like middleware territory
if you're using guards to do part of this routing, you can add a piece of data to the request extensions and use that later in a middleware to add appropriate response headers
novel sapphire
you can add a piece of data to the request extensions and use that later in a middleware to add appropriate response headers
Oh yes, I'll give this a go. Thank you!
