this post was submitted on 16 May 2025
24 points (96.2% liked)

Rust

6960 readers
7 users here now

Welcome to the Rust community! This is a place to discuss about the Rust programming language.

Wormhole

[email protected]

Credits

  • The icon is a modified version of the official rust logo (changing the colors to a gradient and black background)

founded 2 years ago
MODERATORS
snowe
Ategon
EdTheLegendary
kahnclusions
torcherist
24
How do you implement API Keys? (self.rust)
submitted 2 weeks ago by ExperimentalGuy to c/rust
14 comments fedilink hide all child comments
 

So I've had this idea for an API for a while but the problem I keep coming back to is authentication. I'm using rocket to actually code it. I looked through the rocket docs and it looks like the closest thing to API key authentication it has are cookies.

I then went and looked at some other APIs to see if I can copy their layouts and it looks like a lot of them use an API key and then a secret API key for authentication. Did some more googling and stackoverflow said that it's more secure to use a pair like that.

So that leaves me with the actual question: how do you actually implement this feature? Do you just generate API keys and throw them a database to be looked up later? Should they be written/read to a file to be used later(probably not a good option I'd guess).

Just for reference I'm using rocket, sqlx and postgres.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 10 points 2 weeks ago (1 children)

I'd recommend switching away from Rocket if you can. It is not very actively maintained and Axum has become the better choice.

[โ€“] ExperimentalGuy 4 points 2 weeks ago

Thanks for the update, I wrote using rocket a few years ago so I figured everyone was still using that!