I created this project while learning Rust. Project shows how to handle Facebook and Google token verification in Rust using Actix-Web. Hope this helps somebody out there.
- All magic happens in this file on this line
- Next, include
AuthenticatedUserstruct in your routes like this on line 9 - Under the hood, it uses
google-jwt-verifylibrary to verify Google Sign-in token and usesreqwestto verify Facebook token. Once verified, it stores the token details in Redis with auto expiration time based on the token expiration time.
- Make sure to add Google client ID, Facebook details in .env file. Once .env file is filled, this data should seamlessly flow to the rest of the application.
- User would authenticate using Google Sign in or Facebook Login in the browser.
- Browser would submit either google or facebook token in Authorization header of the HTTP request
- Actix will verify the token and proceed depending on whether token is valid/invalid. If invalid, returns 401 error. If valid, it proceeds with rest of the steps.
- For this App, all GET requests are non-authenticated so they are allowed without any verification.