Crate authlogic

Modules§

Auth: Represents an authenticated user.
PasswordHash: Either a password hash, or nothing, if password authentication is not available for the user. Use PasswordHash::from to convert a String or Option<String> to a PasswordHash, and hash.expose() to access the string value where necessary.
Secret: A secret string (a password, session token, challenge code, or hash). Use Secret::from to convert a String to a Secret, and secret.expose() to access the string value where necessary.
SessionData
UserData
UserState

Error
MaybeAuth: Represents either an authenticated user, or that the current user is not authenticated. Equivalent to Option<Auth>, but Rust doesn’t allow implementing third-party traits like actix_web::FromRequest for built-in types like Option.

NIST_MINIMUM_PASSWORD_LENGTH: NIST recommend to require a minimum password length of 8 characters.

App
AppConfig: This trait defines functions which provide configuration parameters to the authentication library.
AppDb: This trait defines functions which will be used by the authentication library to store and retrieve data about users, sessions and challenges.
AppMailer: This trait defines functions which will be used by the authentication library to send email notifications and challenges to users.
AppTypes
UserID

change_password
login
maybe_auth_from_request: Gets the authentication state for the request. This can be called from route handlers, or actix_web::FromRequest implementations.
middleware
register_new_user: Registers a new user with a password they have chosen for themselves. An email verification challenge is sent, and the user must complete this before they can use their account.
register_new_user_with_temporary_password: Registers a new user with a temporary password. Instead of an email verification challenge, the user is sent an email notification with the temporary password. When they first login, they will be required to choose a new password.
register_new_user_without_password: Registers a new user without a password. An email verification challenge is sent, and the user must complete this before they can use their account. After this, the user can log in by completing further email challenges.
request_password_reset
require_auth_from_request: Gets the authenticated state for the request, or returns an error if the request is not authenticated. This can be called from route handlers, or actix_web::FromRequest implementations.
require_user_from_request: Gets the authenticated user for the request, or returns an error if the request is not authenticated. This can be called from route handlers, or actix_web::FromRequest implementations.