Expand description
Security utilities: rate limiting, DoS protection, IP blocking, and JWT hardening. Security primitives and hardened implementations.
This module contains:
- [
secure_jwt] — Production-grade JWT creation and validation with key-rotation and revocation support. - [
secure_mfa] — Hardened TOTP, backup-code, and recovery-flow logic. - [
secure_session] — Session management with abuse-detection guards. - [
timing_protection] — Constant-time comparison utilities to prevent timing side-channel attacks. - [
presets] — One-call security presets (HighSecurity,Standard,Development) and an automated security-audit report generator.
Most users interact with these through AuthFramework
rather than importing security types directly.
Re-exports§
pub use presets::SecurityAuditReport;pub use presets::SecurityAuditStatus;pub use presets::SecurityIssue;pub use presets::SecurityPreset;pub use presets::SecuritySeverity;
Modules§
- presets
- Security presets for the Auth Framework
- secure_
jwt - secure_
mfa - secure_
session - secure_
session_ config - Enhanced Session Security Configuration
- secure_
utils - timing_
protection - Timing attack protection utilities
Structs§
- Audit
Config - Audit logging configuration
- Backup
Codes Config - Backup codes configuration
- Email
Config - Email configuration
- Lockout
Config - Account lockout configuration
- MfaConfig
- Multi-Factor Authentication configuration
- Password
Validation - Password validation result
- Password
Validator - Password validator
- Security
Context - Security context for authentication operations
- SmsConfig
- SMS configuration
- Totp
Config - TOTP (Time-based One-Time Password) configuration
Enums§
- Password
Strength - Password strength assessment result