The exciting demos are always about WebAssembly running Rust running a custom auth scheme. The boring reality is that 80% of production middleware is the same three operations: rewrite a header, read a cookie, redirect a path.
Make those one-liners first. Save Wasm for the work that earns it.
The boring three
- Header rewrite — one input, one output, declarative.
- Cookie parse — extract, validate, attach to the request context.
- Path redirect — pattern, status, target.
You can ship those as configuration. Most teams don't need a runtime for them.
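A sketch of what "shipping those as configuration" can look like, as an added example rather than any product's actual config schema: the rule fields (`type`, `name`, `pattern`, `attachAs`, `target`) and the `{ path, headers }` request shape are assumptions made for illustration. The three operations become data, and one small evaluator applies them, dropping cookie values that fail validation and refusing redirect targets that are not same-origin paths.

```javascript
// Constructed rule table: one entry per "boring" operation.
const rules = [
  // Header rewrite: overwrite whatever the client sent.
  { type: "header", name: "x-forwarded-proto", value: "https" },
  // Cookie parse: extract, validate against a strict shape, attach to context.
  { type: "cookie", name: "sid", pattern: /^[A-Za-z0-9_-]{16,64}$/, attachAs: "sessionId" },
  // Path redirect: pattern, status, target.
  { type: "redirect", pattern: /^\/old\/([a-z0-9-]+)$/, status: 301, target: "/new/$1" },
];

// Parse a Cookie header into a null-prototype map; the first occurrence wins.
function parseCookies(header) {
  const jar = Object.create(null);
  for (const part of (header || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq < 1) continue;
    const name = part.slice(0, eq).trim();
    if (name && !(name in jar)) jar[name] = part.slice(eq + 1).trim();
  }
  return jar;
}

// Apply rules in order. req = { path, headers } with lower-case header names.
function applyRules(req, rules) {
  const out = { headers: { ...req.headers }, context: {}, redirect: null };
  const cookies = parseCookies(req.headers.cookie);
  for (const r of rules) {
    if (r.type === "header") {
      out.headers[r.name] = r.value;
    } else if (r.type === "cookie") {
      const v = cookies[r.name];
      // Attach only values that match the declared shape; drop the rest.
      if (typeof v === "string" && r.pattern.test(v)) out.context[r.attachAs] = v;
    } else if (r.type === "redirect" && !out.redirect) {
      const m = r.pattern.exec(req.path);
      if (!m) continue;
      const location = r.target.replace(/\$(\d)/g, (_, i) => m[Number(i)] ?? "");
      // Same-origin paths only: reject "//host" and "/\host" forms.
      if (/^\/(?![/\\])/.test(location)) out.redirect = { status: r.status, location };
    }
  }
  return out;
}
```
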