Expand description
Password hashing and verification services.
This module provides secure password hashing functionality using industry-standard algorithms. The primary implementation uses Argon2, which is recommended by security experts for password hashing due to its resistance to both brute-force and side-channel attacks.
§Key Components
HashingService- Service for hashing and verifying passwordsHashedValue- Represents a hashed password with algorithm metadataargon2- Argon2 algorithm implementation with secure defaults
§Quick Start
use axum_gate::hashing::{HashingService, argon2::Argon2Hasher};
use axum_gate::verification_result::VerificationResult;
let hasher = Argon2Hasher::new_recommended().unwrap();
// Hash a password
let hashed = hasher.hash_value("user_password").unwrap();
println!("Hashed password: {}", hashed);
// Verify a password
let result = hasher.verify_value("user_password", &hashed).unwrap();
assert_eq!(result, VerificationResult::Ok);§Security Features
- Argon2id algorithm - Recommended by password hashing competition
- Configurable parameters - Memory cost, time cost, and parallelism
- Built-in salt generation - Each password gets a unique random salt
- Constant-time verification - Prevents timing attacks
- Development vs production profiles - Fast hashing in debug builds, secure in release
§Performance Considerations
The hashing service automatically adjusts parameters based on build configuration:
- Debug builds: Fast parameters for development efficiency
- Release builds: Secure parameters for production security
- Custom parameters: Override via
Argon2Hasher::with_params()
Re-exports§
pub use errors::HashingError;pub use errors::HashingOperation;
Modules§
Traits§
- Hashing
Service - Abstraction over password / secret hashing and verification.
Type Aliases§
- Hashed
Value - A hashed value produced by password hashing algorithms.