Expand description
§codlet-core
Runtime-neutral authentication primitives for codlet.
This crate holds pure types, policy objects, cryptographic lookup-key derivation, lifecycle state machines, and storage traits. It has no web framework, database, or async-executor dependencies.
codlet authenticates a subject; the host application authorizes that subject. This crate never decides membership, roles, permissions, or resource access.
Status: pre-release skeleton (v0.0.0). The security primitives are being implemented RFC-by-RFC. See the workspace
rfcs/directory. Do not depend on this crate for production authentication yet.
§License
Apache-2.0
§codlet-core
Runtime-neutral authentication primitives. This crate contains pure types, policy objects, cryptographic lookup-key derivation, lifecycle state machines, and storage traits. It deliberately contains no web framework, database, or async-executor dependencies (RFC-002).
§Boundary
codlet authenticates a subject. The host application authorizes that subject (RFC-001). Nothing in this crate decides community membership, roles, permissions, or resource access.
§Status
This is the Phase 0 skeleton. The modules below are introduced by their respective RFCs as implementation lands:
code— code policy, generation, normalization, validation (RFC-003)hashing— HMAC lookup-key derivation, key providers, domain separation, key versioning (RFC-004)state— pure lifecycle classifiers: claim / token-consume / session validation (RFC-005/006/007)store—CodeStore,SessionStore,FormTokenStore,RateLimitStoretraits (RFC-005..008)error— internal vs public-safe error model (RFC-012/021)
Until those RFCs are accepted and implemented, this crate exposes only the crate-level documentation and version constant below.
Constants§
- FORMAT_
VERSION - The codlet wire/format version embedded in domain-separated HMAC inputs.