
Crate codlet_core


§codlet-core

Runtime-neutral authentication primitives for codlet.

This crate holds pure types, policy objects, cryptographic lookup-key derivation, lifecycle state machines, and storage traits. It has no web framework, database, or async-executor dependencies.

codlet authenticates a subject; the host application authorizes that subject. This crate never decides membership, roles, permissions, or resource access.

Status: pre-release (v0.4.0). The complete primitive and orchestration layers are implemented: code generation/HMAC derivation, lifecycle classifiers, storage traits, cookie policy, rate limiting, error model, audit events, and the auth managers for complete end-to-end flows. Production adapters (Workers/D1, SQLx) are the next step.

§License

Apache-2.0

§codlet-core

Runtime-neutral authentication primitives. This crate contains pure types, policy objects, cryptographic lookup-key derivation, lifecycle state machines, storage traits, and audit events. It deliberately contains no web framework, database, or async-executor dependencies (RFC-002).

§Boundary

codlet authenticates a subject. The host application authorizes that subject (RFC-001). Nothing in this crate decides community membership, roles, permissions, or resource access.

§Status

This release completes the M3 primitive layer:

  • code — code policy, generation, normalization, validation (RFC-003)
  • hashing — HMAC lookup-key derivation, key providers, domain separation, key versioning (RFC-004)
  • rng — fail-closed randomness abstraction (RFC-020)
  • secret — redacted secret newtypes and opaque IDs (RFC-019)
  • clock — Clock trait for testable time (RFC-020)
  • state — pure lifecycle classifiers: claim, session, form-token consume (RFC-005/006/007)
  • store — CodeStore, SessionStore, FormTokenStore, RateLimitStore traits (RFC-005/006/007/008)
  • cookie — secure cookie policy and builder (RFC-006)
  • audit — CodeAuthEvent vocabulary and AuditSink trait (RFC-012)
  • metrics — MetricsObserver trait, counter names, Outcome (RFC-024)
  • admin — CodeAdminStore extension trait, CodeMeta, admin API (RFC-030)
  • auth — high-level orchestration managers: CodeAuth, SessionManager, FormTokenManager, NoRateLimit (RFC-013)
  • error — two-layer error model: internal causes + public-safe failures (RFC-012/021)
  • mem — in-memory stores (test-utils feature only, RFC-011/008)

Re-exports§

pub use audit::AuditSink;
pub use audit::CodeAuthEvent;
pub use audit::NoopAuditSink;
pub use auth::CodeAuth;
pub use auth::FormTokenError;
pub use auth::FormTokenManager;
pub use auth::IssuedSession;
pub use auth::NoRateLimit;
pub use auth::RedeemError;
pub use auth::RedeemSuccess;
pub use auth::SessionError;
pub use auth::SessionManager;
pub use clock::Clock;
pub use clock::SystemClock;
pub use code::Alphabet;
pub use code::CodePolicy;
pub use code::generate_code;
pub use code::normalize;
pub use code::validate_code_input;
pub use cookie::CookiePolicy;
pub use cookie::CookieProfile;
pub use cookie::SameSitePolicy;
pub use error::CodeInputError;
pub use error::KeyError;
pub use error::PolicyError;
pub use error::PublicFormError;
pub use error::PublicRedemptionError;
pub use error::PublicSessionError;
pub use error::RandomError;
pub use error::RedemptionFailReason;
pub use hashing::HmacKeyRef;
pub use hashing::KeyProvider;
pub use hashing::KeyVersion;
pub use hashing::LookupKey;
pub use hashing::SecretDomain;
pub use hashing::SecretHasher;
pub use hashing::StaticKeyProvider;
pub use metrics::MetricsObserver;
pub use metrics::NoopMetrics;
pub use metrics::Outcome;
pub use metrics::counter;
pub use rng::RandomSource;
pub use rng::SystemRandom;
pub use secret::CodeId;
pub use secret::FormTokenSecret;
pub use secret::NormalizedCode;
pub use secret::PlainCode;
pub use secret::Purpose;
pub use secret::ScopeKey;
pub use secret::SecretString;
pub use secret::SessionId;
pub use secret::SessionSecret;
pub use secret::SubjectId;
pub use state::ClaimOutcome;
pub use state::SessionValidationOutcome;
pub use state::TokenConsumeOutcome;
pub use state::classify_claim;
pub use state::classify_session;
pub use state::classify_token_consume;
pub use store::error::PublicAuthError;
pub use store::error::StoreError;
pub use store::ratelimit::RateLimitKey;
pub use store::ratelimit::RateLimitOutcome;
pub use store::ratelimit::RateLimitPolicy;
pub use store::ratelimit::RateLimitStore;
pub use store::ratelimit::RateLimitUnavailable;
pub use store::token::TokenSubject;

Modules§

  • admin — Administrative code management API (RFC-030).
  • audit — Security audit events and the AuditSink trait (RFC-012).
  • auth — High-level orchestration managers (RFC-013).
  • clock — Time abstraction (RFC-020 clock contract).
  • code — One-time code policy, generation, normalization, and validation (RFC-003).
  • cookie — Secure cookie construction (RFC-006 §13.2).
  • error — Error types for codlet-core.
  • hashing — Secret hashing, key providers, domain separation, and key versioning (RFC-004).
  • metrics — Structured, redacted observability hooks (RFC-024).
  • rng — Randomness abstraction (RFC-020).
  • secret — Secret-bearing and opaque-identifier newtypes.
  • state — Pure lifecycle classifiers (RFC-005, RFC-006, RFC-007).
  • store — Storage traits (RFC-005, RFC-006, RFC-007).

Constants§

  • FORMAT_VERSION — The codlet wire/format version embedded in domain-separated HMAC inputs.