Skip to main content

AllowThemBuilder

allowthem_core::handle

Struct AllowThemBuilder 

Source 
pub struct AllowThemBuilder { /* private fields */ }
Expand description

Builder for constructing a configured AllowThem handle.

Implementations§

Source§

impl AllowThemBuilder

Source

pub fn new(url: impl Into<String>) -> Self

Start building from a database URL.

At build time, calls Db::connect(url) which creates the pool, sets pragmas (foreign_keys, WAL, busy_timeout), and runs migrations.

Source

pub fn with_pool(pool: SqlitePool) -> Self

Start building from an existing pool.

At build time, calls Db::new(pool) which runs migrations. The caller is responsible for pragma configuration on their pool.

Source

pub fn session_ttl(self, ttl: Duration) -> Self

Override session TTL. Default: 24 hours.

Source

pub fn cookie_name(self, name: &'static str) -> Self

Override session cookie name. Default: "allowthem_session".

Source

pub fn cookie_secure(self, secure: bool) -> Self

Set the Secure attribute on session cookies.

Default: true. Set to false for local development over HTTP.

Source

pub fn cookie_domain(self, domain: impl Into<String>) -> Self

Set the Domain attribute on session cookies.

Default: empty (omitted). When set, the cookie is sent to the domain and all its subdomains.

Source

pub fn mfa_key(self, key: [u8; 32]) -> Self

Set the AES-256-GCM encryption key for MFA secrets.

When not set, all MFA operations return AuthError::MfaNotConfigured. This keeps MFA opt-in for embedded integrators who don’t need it.

Source

pub fn signing_key(self, key: [u8; 32]) -> Self

Set the AES-256-GCM encryption key for RS256 signing key storage.

Required for OIDC/standalone mode. When not set, all signing key operations return AuthError::SigningKeyNotConfigured.

Source

pub fn base_url(self, url: impl Into<String>) -> Self

Set the base URL (issuer) for the OIDC provider.

Required for standalone mode. Used as the iss claim in tokens and for issuer validation on incoming access tokens. When not set, OIDC operations return AuthError::BaseUrlNotConfigured.

Source

pub fn csrf_key(self, key: [u8; 32]) -> Self

Set the HMAC key for session-bound CSRF token derivation.

Required for csrf_middleware in crates/server. If not set, csrf_middleware returns 500. Use 32 random bytes distinct from mfa_key and signing_key.

Source

pub async fn build(self) -> Result<AllowThem, BuildError>

Construct the AllowThem handle.

Connects to (or wraps) the database, runs migrations, and assembles the session configuration from overrides plus defaults.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more