Rust Web Development with Rocket

By: Karuna Murti

Overview of this book

Looking for a fast, powerful, and intuitive framework to build web applications? This Rust book will help you kickstart your web development journey and take your Rust programming skills to the next level as you uncover the power of Rocket - a fast, flexible, and fun framework powered by Rust. Rust Web Development with Rocket wastes no time in getting you up to speed with what Rust is and how to use it. You’ll discover what makes it so productive and reliable, eventually mastering all of the concepts you need to play with the Rocket framework while developing a wide set of web development skills. Throughout this book, you'll be able to walk through a hands-on project, covering everything that goes into making advanced web applications, and get to grips with the ins and outs of Rocket development, including error handling, Rust vectors, and wrappers. You'll also learn how to use synchronous and asynchronous programming to improve application performance and make processing user content easy. By the end of the book, you'll have answers to all your questions about creating a web application using the Rust language and the Rocket web framework.
Table of Contents (20 chapters)
Part 1: An Introduction to the Rust Programming Language and the Rocket Web Framework
Part 2: An In-Depth Look at Rocket Web Application Development
Part 3: Finishing the Rust Web Application Development

Securing HTML forms from CSRF

One of the most common security attacks is cross-site request forgery (CSRF), where a malicious third party tricks a user into sending a web form with different values than intended. One way to mitigate this attack is to send a one-time token along with the form content. The web server then checks the token's validity to ensure the request comes from the correct web browser.
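The one-time token check described above, as an added example that is not code from the book: it uses only the Rust standard library, so tokens are hex-encoded rather than encoded with the base64 crate, and they are held in a hypothetical in-memory `CsrfStore` keyed by a session identifier instead of in a Rocket private cookie. It assumes a Unix-like system that exposes the kernel random source at `/dev/urandom`; the names `CsrfStore`, `issue`, `verify` and `ct_eq` are made up for illustration.

```rust
use std::collections::HashMap;
use std::fs::File;
use std::io::Read;
use std::time::{Duration, Instant};

/// Hypothetical server-side store: session id -> (token, time of issue).
/// Stands in for the encrypted private cookie a Rocket application would use.
pub struct CsrfStore {
    tokens: HashMap<String, (String, Instant)>,
    ttl: Duration,
}

impl CsrfStore {
    pub fn new(ttl: Duration) -> Self {
        CsrfStore { tokens: HashMap::new(), ttl }
    }

    /// Issue a fresh token; the caller embeds it in a hidden form field.
    pub fn issue(&mut self, session: &str) -> std::io::Result<String> {
        let mut raw = [0u8; 32];
        // Assumption: the kernel CSPRNG is readable at this path.
        File::open("/dev/urandom")?.read_exact(&mut raw)?;
        let token: String = raw.iter().map(|b| format!("{:02x}", b)).collect();
        self.tokens.insert(session.to_string(), (token.clone(), Instant::now()));
        Ok(token)
    }

    /// Check a submitted token. The stored token is removed before the
    /// comparison, so it is single-use whether or not the check passes.
    pub fn verify(&mut self, session: &str, submitted: &str) -> bool {
        match self.tokens.remove(session) {
            Some((expected, issued)) => {
                issued.elapsed() <= self.ttl && ct_eq(expected.as_bytes(), submitted.as_bytes())
            }
            None => false,
        }
    }
}

/// Compare two byte strings without stopping at the first differing byte.
fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    a.len() == b.len() && a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

fn main() -> std::io::Result<()> {
    let mut store = CsrfStore::new(Duration::from_secs(600));
    let token = store.issue("session-1")?;
    println!("first submit accepted: {}", store.verify("session-1", &token));
    println!("replay accepted: {}", store.verify("session-1", &token));
    Ok(())
}
```
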

We can create such a token in a Rocket application by creating a fairing that will generate a token and check the form value sent back. Let's look at the steps:

  1. First, we need to add the dependencies for this. We are going to need the base64 crate to encode and decode binary values into a string. We also need the secrets feature from Rocket to store and retrieve private cookies. Private cookies are just like regular cookies, but they are encrypted with the key we configured in the Rocket.toml file as secret_key.

For dependencies, we also need to add time as a dependency. Add the following...