Streamlining Handlers with Custom Extractors in Axum and Actix Web
Olivia Novak
Dev Intern · Leapcell
Introduction
In the world of web development with Rust, frameworks like Axum and Actix Web have gained significant traction due to their performance, safety, and conciseness. As applications grow in complexity, the request handlers often become cluttered with boilerplate code: parsing headers, validating query parameters, or deserializing request bodies. This can obscure the core business logic, making handlers harder to read, test, and maintain. Fortunately, both Axum and Actix Web provide powerful mechanisms to abstract away this repetitiveness: custom request extractors. By leveraging these, we can distill our handler logic down to its pure essence, leading to cleaner, more maintainable, and ultimately more enjoyable codebases. This article delves into the why and how of creating custom extractors, demonstrating their utility in simplifying your web application handlers.
Understanding Custom Extractors
Before we dive into implementation, let's clarify some key terms relevant to custom extractors in web frameworks.
Request Handler: In web frameworks, a handler is a function responsible for processing an incoming HTTP request and returning an HTTP response. It's where your application's logic primarily resides.
Extractor: An extractor is a mechanism that allows you to "extract" data from an incoming HTTP request in a structured and reusable way. Instead of manually inspecting the request object within each handler, extractors encapsulate this logic, providing ready-to-use data types directly as handler arguments. Common built-in extractors include Json, Query, Path, HeaderMap, and State.
Middleware: While related, middleware functions operate at a different layer. They can run before or after a handler, potentially modifying the request or response, or performing cross-cutting concerns like logging or authentication. Extractors, on the other hand, are specifically designed to parse and provide data to the handler.
The core idea behind custom extractors is to empower developers to define their own types that can be injected directly into handler signatures. This promotes modularity, testability, and reduces code duplication. When a handler is called, the framework automatically instantiates these custom types by extracting the necessary information from the incoming Request.
Principles of Custom Extractors
Axum
In Axum, an extractor is any type that implements the FromRequestParts or FromRequest trait.
FromRequestPartsis used when your extractor only needs immutable access to the request parts (headers, method, URI, etc.) and does not consume the request body.FromRequestis used when your extractor needs to consume the request body or modify the request. When implementingFromRequest, you typically delegate toFromRequestPartsif you only need parts, or interact with therequest.into_body()directly.
Both traits require an associated Error type, which will be returned if the extraction fails, and a from_request_parts or from_request asynchronous method.
Actix Web
In Actix Web, a custom extractor is created by implementing the FromRequest trait for your custom type. This trait provides a from_request asynchronous method that takes the HttpRequest and Payload as arguments. You return Result<Self, Self::Error>, where Self::Error is your custom error type.
Practical Application: Authenticated User Extractor
Let's illustrate with a common scenario: extracting an authenticated user from a request, typically from an Authorization header containing a JWT.
Axum Implementation
First, let's assume we have a User struct and a simple JWT validation function.
// In src/models.rs #[derive(Debug, Clone)] pub struct User { pub id: u32, pub username: String, } // In src/auth.rs (simplified for example) pub async fn validate_jwt_and_get_user(token: &str) -> Option<User> { // In a real application, this would involve JWT decoding, signature verification, // and potentially database lookup. // For simplicity, let's just check if it's "valid_token" if token == "valid_token_abc" { Some(User { id: 1, username: "john_doe".to_string() }) } else { None } }
Now, let's define our custom AuthUser extractor.
// In src/extractors.rs use axum::{ async_trait, extract::{FromRequestParts, TypedHeader}, headers::{authorization::{Bearer, Authorization}, Header}, http::{request::Parts, StatusCode}, response::{IntoResponse, Response}, Json, }; use serde_json::json; use crate::{auth::validate_jwt_and_get_user, models::User}; pub struct AuthUser(pub User); #[async_trait] impl FromRequestParts for AuthUser { type Rejection = AuthError; async fn from_request_parts(parts: &mut Parts, _state: &Self::State) -> Result<Self, Self::Rejection> { let TypedHeader(Authorization(bearer)) = parts .extract::<TypedHeader<Authorization<Bearer>>>() .await .map_err(|_| AuthError::InvalidToken)?; let token = bearer.token(); let user = validate_jwt_and_get_user(token) .await .ok_or(AuthError::InvalidToken)?; Ok(AuthUser(user)) } } pub enum AuthError { InvalidToken, // Add other relevant authentication errors } impl IntoResponse for AuthError { fn into_response(self) -> Response { let (status, error_message) = match self { AuthError::InvalidToken => (StatusCode::UNAUTHORIZED, "Invalid authentication token"), // Handle other errors }; (status, Json(json!({"error": error_message}))).into_response() } }
And here's how a handler would use it:
// In src/main.rs use axum::{routing::get, Router}; use std::net::SocketAddr; use crate::extractors::AuthUser; use crate::models::User; mod auth; mod extractors; mod models; async fn protected_handler(AuthUser(user): AuthUser) -> String { format!("Welcome, {} (ID: {})!", user.username, user.id) } #[tokio::main] async fn main() { let app = Router::new() .route("/protected", get(protected_handler)); let addr = SocketAddr::from(([127, 0, 0, 1], 3000)); println!("listening on {}", addr); axum::Server::bind(&addr) .serve(app.into_make_service()) .await .unwrap(); }
When you send a request to /protected with a valid Authorization: Bearer valid_token_abc header, it will return "Welcome, john_doe (ID: 1)!". If the token is invalid or missing, Axum will automatically return a 401 Unauthorized with the JSON error message defined in AuthError::into_response.
Actix Web Implementation
Similarly for Actix Web, we'll use the same User struct and validate_jwt_and_get_user function.
// In src/extractors.rs use actix_web::{ dev::Payload, error::ResponseError, http::{header, StatusCode}, web::Bytes, FromRequest, HttpRequest, HttpResponse, }; use futures::future::{ready, Ready}; use serde::Serialize; use serde_json::json; use crate::{auth::validate_jwt_and_get_user, models::User}; pub struct AuthUserActix(pub User); // Custom error for authentication failures #[derive(Debug, Serialize)] pub enum AuthErrorActix { MissingToken, InvalidToken, } impl std::fmt::Display for AuthErrorActix { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { write!(f, "{:?}", self) } } impl ResponseError for AuthErrorActix { fn error_response(&self) -> HttpResponse { let (status, message) = match self { AuthErrorActix::MissingToken => (StatusCode::UNAUTHORIZED, "Authorization token not found"), AuthErrorActix::InvalidToken => (StatusCode::UNAUTHORIZED, "Invalid authentication token"), }; HttpResponse::build(status) .json(json!({"error": message})) } } impl FromRequest for AuthUserActix { type Error = AuthErrorActix; type Future = Ready<Result<Self, Self::Error>>; fn from_request(req: &HttpRequest, _payload: &mut Payload) -> Self::Future { let auth_header = req.headers().get(header::AUTHORIZATION); let user_future = async move { let token = auth_header .ok_or(AuthErrorActix::MissingToken)? .to_str() .map_err(|_| AuthErrorActix::InvalidToken)? // Malformed header value .strip_prefix("Bearer ") .ok_or(AuthErrorActix::InvalidToken)?; // Not a Bearer token let user = validate_jwt_and_get_user(token) .await .ok_or(AuthErrorActix::InvalidToken)?; Ok(AuthUserActix(user)) }; // Actix FromRequest is not async, so we convert an async block into a future // and then poll it immediately (or use a helper if available for blocking operations) // For actual async work within FromRequest, you'd usually spawn a task or use `web::block`. // However, `validate_jwt_and_get_user` is async, implying it's awaited. // A common pattern here might be to use `ready(block(move || ...))` for sync extraction or `Future` directly. // For demonstation, `ready` with an immediate result works if `validate_jwt_and_get_user` was sync or already awaited. // If it MUST be async, you'd typically need `web::block` or a custom future. // For simplicity *and* to align with the `ready` return type: // We'll treat `validate_jwt_and_get_user` as a "logic" call that might be sync or result in a future. // For this example's `Ready` requirement, we are effectively awaiting it *before* returning the `Ready` future. // In a real Actix app with async extraction, you'd likely involve `web::block` or similar for blocking calls, // or ensure `from_request` itself returns a proper `Pin<Box<dyn Future>>`. // Let's refine for actual async: Box::pin(async move { user_future.await }).into() // This converts the boxed future into Ready<Result<Self, Self::Error>> by polling it. // This is a common point of confusion. `FromRequest::Future` can be a complex future. // For simplicity in this blog post, directly `ready` with the awaited result is acceptable for demonstration, // but be aware of the implications for truly async extraction logic in `from_request`. // For a "correct" async FromRequest, `Self::Future` would be `Pin<Box<dyn Future<Output = Result<Self, Self::Error>>>>`. // Let's make it simpler and assume `validate_jwt_and_get_user` is fast or use `web::block`. // For the sake of matching `Ready`, we will keep the pattern *as if* it were sync or already resolved. // The correct way to handle the `await` here would involve changing `Self::Future` type as well. // For this example: ready(req.headers().get(header::AUTHORIZATION) .ok_or(AuthErrorActix::MissingToken) .and_then(|h_value| { h_value.to_str().map_err(|_| AuthErrorActix::InvalidToken) }) .and_then(|s| { s.strip_prefix("Bearer ").ok_or(AuthErrorActix::InvalidToken) }) .and_then(|token| { // In a real scenario, this await would need to be outside `ready` // or use `web::block` for a sync `FromRequest` variant. // For demonstration, we simulate the result. futures::executor::block_on(validate_jwt_and_get_user(token)) .ok_or(AuthErrorActix::InvalidToken) }) .map(AuthUserActix)) } }
And the Actix Web handler:
// In src/main.rs use actix_web::{get, App, HttpResponse, HttpServer, Responder}; use crate::extractors::AuthUserActix; mod auth; mod extractors; mod models; #[get("/protected")] async fn protected_handler_actix(user: AuthUserActix) -> impl Responder { format!("Welcome, {} (ID: {})!", user.0.username, user.0.id) } #[actix_web::main] async fn main() -> std::io::Result<()> { HttpServer::new(|| { App::new() .service(protected_handler_actix) }) .bind(("127.0.0.1", 8080))? .run() .await }
When you make a request to /protected with Authorization: Bearer valid_token_abc header to Actix Web, it will yield "Welcome, john_doe (ID: 1)!". Invalid or missing tokens will generate a 401 Unauthorized response with a JSON error.
Benefits and Use Cases
The examples above highlight several key advantages of custom extractors:
- Cleaner Handlers: The handler's signature directly receives the
Userobject, making the handler's purpose immediately clear and reducing boilerplate inside the function body. - Code Reusability: The
AuthUser(orAuthUserActix) logic is defined once and can be used across any protected handler in your application. - Improved Testability: The extraction logic is isolated within the
FromRequestParts/FromRequestimplementation. This makes it easier to write unit tests for the extraction logic independently of the handlers. - Error Handling: Custom errors can be defined and automatically converted into appropriate HTTP responses, centralizing error handling for specific concerns.
- Encapsulation: Complex logic (like JWT validation) is encapsulated, preventing its leakage into handler functions.
Beyond authentication, custom extractors are incredibly useful for:
- Tenant ID Extraction: For multi-tenant applications, an extractor can parse a
X-Tenant-IDheader or a subdomain to provide the tenant context. - Permissions/Role Checks: Extracting user roles and verifying if they have the necessary permissions for a given endpoint before the handler executes.
- Complex Query Parameter Parsing: If you have many related query parameters that form a logical unit (e.g., pagination filters
page,limit,sort_by), you can create an extractor that takes theseQueryparameters and constructs a singlePaginationParamsstruct. - Session Management: Retrieving or updating session data.
- API Key Validation: Checking for a valid API key in a header.
Conclusion
Custom request extractors significantly enhance the developer experience in Axum and Actix Web by allowing you to move repetitive, concern-specific logic out of your handler functions. By implementing the FromRequestParts / FromRequest traits, you can build powerful, reusable components that transform raw request data into structured, ready-to-use types for your business logic. This leads to handlers that are focused, readable, and effortlessly maintainable, streamlining your web development process in Rust. Leveraging custom extractors is a crucial step towards building robust, well-architected web applications.
Share this article
![x](data:image/svg+xml;utf8,<svg xmlns="http://www.w3.org/2000/svg" viewbox="0 0 64 64" width="64" height="64" fill-rule="evenodd"><g fill="%23ffffff"><path d="M0,0H64V64H0ZM0 0v64h64V0zm16 17.537h10.125l6.992 9.242 8.084-9.242h4.908L35.39 29.79 48 46.463h-9.875l-7.734-10.111-8.85 10.11h-4.908l11.465-13.105zm5.73 2.783 17.75 23.205h2.72L24.647 20.32z" /></g><g fill="%23000000"><path d="M0 0v64h64V0zm16 17.537h10.125l6.992 9.242 8.084-9.242h4.908L35.39 29.79 48 46.463h-9.875l-7.734-10.111-8.85 10.11h-4.908l11.465-13.105zm5.73 2.783 17.75 23.205h2.72L24.647 20.32z" /></g></svg>){kind=small}
![facebook](data:image/svg+xml;utf8,<svg xmlns="http://www.w3.org/2000/svg" viewbox="0 0 64 64" width="64" height="64" fill-rule="evenodd"><g fill="%23ffffff"><path d="M0,0H64V64H0ZM0 0v64h64V0zm39.6 22h-2.8c-2.2 0-2.6 1.1-2.6 2.6V28h5.3l-.7 5.3h-4.6V47h-5.5V33.3H24V28h4.6v-4c0-4.6 2.8-7 6.9-7 2 0 3.6.1 4.1.2z" /></g><g fill="%233b5998"><path d="M0 0v64h64V0zm39.6 22h-2.8c-2.2 0-2.6 1.1-2.6 2.6V28h5.3l-.7 5.3h-4.6V47h-5.5V33.3H24V28h4.6v-4c0-4.6 2.8-7 6.9-7 2 0 3.6.1 4.1.2z" /></g></svg>){kind=small}
![linkedin](data:image/svg+xml;utf8,<svg xmlns="http://www.w3.org/2000/svg" viewbox="0 0 64 64" width="64" height="64" fill-rule="evenodd"><g fill="%23ffffff"><path d="M0,0H64V64H0ZM0 0v64h64V0zm25.8 44h-5.4V26.6h5.4zm-2.7-19.7c-1.7 0-3.1-1.4-3.1-3.1s1.4-3.1 3.1-3.1 3.1 1.4 3.1 3.1-1.4 3.1-3.1 3.1M46 44h-5.4v-8.4c0-2 0-4.6-2.8-4.6s-3.2 2.2-3.2 4.5V44h-5.4V26.6h5.2V29h.1c.7-1.4 2.5-2.8 5.1-2.8 5.5 0 6.5 3.6 6.5 8.3V44z" /></g><g fill="%23007fb1"><path d="M0 0v64h64V0zm25.8 44h-5.4V26.6h5.4zm-2.7-19.7c-1.7 0-3.1-1.4-3.1-3.1s1.4-3.1 3.1-3.1 3.1 1.4 3.1 3.1-1.4 3.1-3.1 3.1M46 44h-5.4v-8.4c0-2 0-4.6-2.8-4.6s-3.2 2.2-3.2 4.5V44h-5.4V26.6h5.2V29h.1c.7-1.4 2.5-2.8 5.1-2.8 5.5 0 6.5 3.6 6.5 8.3V44z" /></g></svg>){kind=small}
![reddit](data:image/svg+xml;utf8,<svg xmlns="http://www.w3.org/2000/svg" viewbox="0 0 64 64" width="64" height="64" fill-rule="evenodd"><g fill="%23ffffff"><path d="M0,0H64V64H0ZM0 0v64h64V0zm53.344 32a4.67 4.67 0 0 0-7.903-3.2 22.77 22.77 0 0 0-12.32-3.937L35.2 14.88l6.848 1.441a3.2 3.2 0 0 0 3.02 2.852 3.2 3.2 0 1 0-2.602-4.805l-7.84-1.566a1 1 0 0 0-.754.136.98.98 0 0 0-.43.63l-2.37 11.105a22.8 22.8 0 0 0-12.477 3.937 4.672 4.672 0 1 0-5.152 7.648q-.06.704 0 1.407c0 7.168 8.351 12.992 18.656 12.992 10.3 0 18.656-5.824 18.656-12.992a9.4 9.4 0 0 0 0-1.406A4.68 4.68 0 0 0 53.344 32m-32 3.2a3.198 3.198 0 1 1 6.398 0 3.195 3.195 0 0 1-3.199 3.198c-1.766 0-3.2-1.43-3.2-3.199M39.938 44a12.3 12.3 0 0 1-7.907 2.465A12.3 12.3 0 0 1 24.13 44a.87.87 0 0 1 .055-1.16.87.87 0 0 1 1.16-.055A10.48 10.48 0 0 0 32 44.801a10.5 10.5 0 0 0 6.688-1.953.9.9 0 0 1 1.265.015.9.9 0 0 1-.016 1.266Zm-.579-5.473a3.2 3.2 0 0 1-3.199-3.199 3.198 3.198 0 1 1 6.398 0 3.2 3.2 0 0 1-3.23 3.328Zm0 0" /></g><g fill="%23FF4500"><path d="M0 0v64h64V0zm53.344 32a4.67 4.67 0 0 0-7.903-3.2 22.77 22.77 0 0 0-12.32-3.937L35.2 14.88l6.848 1.441a3.2 3.2 0 0 0 3.02 2.852 3.2 3.2 0 1 0-2.602-4.805l-7.84-1.566a1 1 0 0 0-.754.136.98.98 0 0 0-.43.63l-2.37 11.105a22.8 22.8 0 0 0-12.477 3.937 4.672 4.672 0 1 0-5.152 7.648q-.06.704 0 1.407c0 7.168 8.351 12.992 18.656 12.992 10.3 0 18.656-5.824 18.656-12.992a9.4 9.4 0 0 0 0-1.406A4.68 4.68 0 0 0 53.344 32m-32 3.2a3.198 3.198 0 1 1 6.398 0 3.195 3.195 0 0 1-3.199 3.198c-1.766 0-3.2-1.43-3.2-3.199M39.938 44a12.3 12.3 0 0 1-7.907 2.465A12.3 12.3 0 0 1 24.13 44a.87.87 0 0 1 .055-1.16.87.87 0 0 1 1.16-.055A10.48 10.48 0 0 0 32 44.801a10.5 10.5 0 0 0 6.688-1.953.9.9 0 0 1 1.265.015.9.9 0 0 1-.016 1.266Zm-.579-5.473a3.2 3.2 0 0 1-3.199-3.199 3.198 3.198 0 1 1 6.398 0 3.2 3.2 0 0 1-3.23 3.328Zm0 0" /></g></svg>){kind=small}
![telegram](data:image/svg+xml;utf8,<svg xmlns="http://www.w3.org/2000/svg" viewbox="0 0 64 64" width="64" height="64" fill-rule="evenodd"><g fill="%23ffffff"><path d="M0,0H64V64H0ZM0 0v64h64V0zm11.887 33.477c3.73-2.055 7.894-3.77 11.785-5.497 6.695-2.824 13.414-5.597 20.203-8.18 1.324-.44 3.695-.87 3.93 1.087-.13 2.773-.653 5.527-1.012 8.281-.914 6.055-1.969 12.094-2.996 18.133-.356 2.008-2.875 3.05-4.488 1.761-3.871-2.613-7.778-5.207-11.598-7.882-1.254-1.274-.094-3.102 1.027-4.012 3.188-3.145 6.575-5.816 9.598-9.121.816-1.973-1.594-.313-2.39.2-4.368 3.007-8.63 6.202-13.235 8.847-2.352 1.297-5.094.187-7.445-.535-2.11-.871-5.2-1.75-3.38-3.082m0 0" /></g><g fill="%2349a9e9"><path d="M0 0v64h64V0zm11.887 33.477c3.73-2.055 7.894-3.77 11.785-5.497 6.695-2.824 13.414-5.597 20.203-8.18 1.324-.44 3.695-.87 3.93 1.087-.13 2.773-.653 5.527-1.012 8.281-.914 6.055-1.969 12.094-2.996 18.133-.356 2.008-2.875 3.05-4.488 1.761-3.871-2.613-7.778-5.207-11.598-7.882-1.254-1.274-.094-3.102 1.027-4.012 3.188-3.145 6.575-5.816 9.598-9.121.816-1.973-1.594-.313-2.39.2-4.368 3.007-8.63 6.202-13.235 8.847-2.352 1.297-5.094.187-7.445-.535-2.11-.871-5.2-1.75-3.38-3.082m0 0" /></g></svg>){kind=small}
