Middleware
#[middleware] runs before pages, loaders, submits, and server actions in FlowApp.
Define middleware
#[middleware]
async fn log_all(req: FlowRequest) -> Result<FlowRequest> {
println!("[{}] {}", req.method, req.path);
Ok(req)
}Execution order
Registration order = execution order. Return Ok(req) to continue or Err(ResumaError::...) to abort with the matching HTTP status.
Use cases
- Logging and request tracing
- Session / auth injection via
set_extension - Locale from Accept-Language
- Redirect guards for protected routes
Auth patterns
Session cookies, guards, and ResumaApp action middleware: Auth middleware guide.
Built-in security
CSRF, security headers, rate limits, and Origin checks are enabled by default. See Security overview.