pub struct CredentialStore { /* private fields */ }Expand description
Thread-safe credential storage for HTTP authentication.
Stores username/password pairs indexed by domain (hostname or URL pattern).
Provides concurrent access through RwLock, allowing multiple readers
while ensuring exclusive access during writes.
§Security Guarantees
- All passwords are stored as
Vec<u8>with automatic zeroization on drop - When entries are removed or the store is cleared, passwords are immediately zeroed
- Debug output masks passwords to prevent accidental logging of secrets
Implementations§
Source§impl CredentialStore
impl CredentialStore
Sourcepub fn new() -> Self
pub fn new() -> Self
Creates a new empty credential store.
§Example
use aria2_core::auth::credential_store::CredentialStore;
let store = CredentialStore::new();
assert_eq!(store.count(), 0);Sourcepub fn store(&self, domain: &str, username: &str, password: &[u8])
pub fn store(&self, domain: &str, username: &str, password: &[u8])
Stores credentials for a domain.
If credentials already exist for the given domain, they will be replaced and the old password will be zeroized before being dropped.
§Arguments
domain- Domain or hostname (e.g., “example.com”)username- Username for authenticationpassword- Password as byte slice (will be copied and stored securely)
§Example
use aria2_core::auth::credential_store::{CredentialStore, PasswordEntry};
let mut store = CredentialStore::new();
store.store("api.example.com", "admin", b"secure-password-123");Sourcepub fn get(&self, domain: &str) -> Option<PasswordEntry>
pub fn get(&self, domain: &str) -> Option<PasswordEntry>
Retrieves credentials for a domain.
Returns a clone of the PasswordEntry if found, or None if no
credentials exist for the specified domain.
§Arguments
domain- Domain or hostname to look up
§Returns
Some(PasswordEntry)if credentials existNoneif no credentials found
§Security Note
The returned PasswordEntry contains the actual password. Handle it
carefully and allow it to be dropped naturally so the password gets
zeroized automatically.
§Example
use aria2_core::auth::credential_store::{CredentialStore, PasswordEntry};
let store = CredentialStore::new();
store.store("example.com", "user", b"pass");
if let Some(creds) = store.get("example.com") {
println!("Username: {}", creds.username);
} // Password is zeroized when creds goes out of scopeSourcepub fn remove(&self, domain: &str) -> Option<PasswordEntry>
pub fn remove(&self, domain: &str) -> Option<PasswordEntry>
Removes credentials for a domain.
The removed entry’s password will be zeroized before this method returns.
§Arguments
domain- Domain or hostname to remove credentials for
§Returns
Some(PasswordEntry)that was removedNoneif no credentials existed for the domain
§Example
use aria2_core::auth::credential_store::{CredentialStore, PasswordEntry};
let mut store = CredentialStore::new();
store.store("old-server.com", "admin", b"pass");
if let Some(removed) = store.remove("old-server.com") {
println!("Removed credentials for user: {}", removed.username);
}Sourcepub fn clear(&self)
pub fn clear(&self)
Clears all stored credentials.
All passwords in the store will be zeroized before this method returns. After calling this method, the store will be empty.
§Example
use aria2_core::auth::credential_store::CredentialStore;
let mut store = CredentialStore::new();
store.store("example.com", "user", b"pass");
store.clear(); // All passwords securely erased
assert_eq!(store.count(), 0);