Authentication in Rocket

Last week we enhanced our Rocket web server. We combined our server with our Diesel schema to enable a series of basic CRUD endpoints. This week, we’ll continue this integration, but bring in some more cool Rocket features. We’ll explore two different methods of authentication. First, we’ll create a “Request Guard” to allow a form of Basic Authentication. Then we’ll also explore Rocket’s amazingly simple Cookies integration.

As always, you can explore the code for this series by heading to our Github repository. For this article specifically, you’ll want to take a look at the rocket_auth.rs file

If you’re just starting your Rust journey, feel free to check out our Beginners Series as well!

New Data Types

To start off, let’s make a few new types to help us. First, we’ll need a new database table, auth_infos, based on this struct:

#[derive(Insertable)]
pub struct AuthInfo {
  pub user_id: i32,
  pub password_hash: String
}

When the user creates their account, they’ll provide a password. We’ll store a hash of that password in our database table. Of course, you’ll want to run through all the normal steps we did with Diesel to create this table. This includes having the corresponding Entity type.