Crate cc_auth

Crate that implementing simple authorization system.

CC Auth uses passwords’ hashing with salts, SHA3-256 hash function and Redis-like tokens’ storage.

Usage:

use bb8_redis::{RedisConnectionManager, bb8::Pool};
use cc_auth::{ApiToken, check_token};
use cc_utils::prelude::MResult;

pub async fn authorized_action(
  cacher: &Pool<RedisConnectionManager>,
  token: ApiToken,
) -> MResult<()> {
  let user_id = check_token(&token, cacher).await?;
  Ok(())
}

Structs

• UserToken
  Holds user token.

Constants

• DAYS_VALID
  Limit of token validation time (each token lives 28 days).
• MAX_TOKENS_PER_USER
  Limit of tokens for one user (3 tokens). If the token limit is exceeded, old tokens will be overwritten.

Functions

• check_and_remove_token
  Removes the valid token from Redis-like DB.
• check_token
  Validates the user by token via Redis-like DB.
• generate_salt
  Generates salt for new user.
• generate_token
  Generates new token for user.
• get_user_tokens_list_name
  Returns the name of the list in Redis-like DB that stores the users’ tokens.
• hash_password
  Gets the salted password’s SHA3-256 hash.
• hashes_eq
  Checks the password is correct.
• log_in
  Authorizes the user by creating a new token for him if the data is correct.

Type Aliases

• ApiToken
  Token as string (e.g. one that got from Authorization header).
• UserId
  User identifier type.