# Multi-Factor Authentication Endpoints
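# Starts TOTP enrollment for the authenticated caller.
setup:
  post:
    tags:
      - MFA
    summary: Start TOTP enrollment
    operationId: setupMFA
    # Bearer token required. A security requirement must map the scheme name
    # to an array; a bare `bearerAuth:` parses as null and fails validation.
    security:
      - bearerAuth: []
    responses:
      "200":
        description: MFA setup information generated
        content:
          application/json:
            schema:
              # Common response envelope with `data` set to the setup payload.
              # NOTE(review): MFASetupResponse presumably carries the TOTP
              # secret or provisioning URI; confirm in schemas/mfa.yaml and
              # keep this response out of logs and shared caches.
              allOf:
                - $ref: "../schemas/common.yaml#/ApiResponse"
                - type: object
                  properties:
                    data:
                      $ref: "../schemas/mfa.yaml#/MFASetupResponse"
      "401":
        $ref: "../components/responses.yaml#/Unauthorized"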
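# Confirms enrollment by checking a code from the newly enrolled factor.
# Not used at login time (see the operation description).
verify:
  post:
    tags:
      - MFA
    summary: Complete MFA enrollment
    description: >-
      Login-time MFA completion happens on POST /auth/login using
      challenge_id and mfa_code. This endpoint is for enrollment
      verification only.
    operationId: verifyMFA
    # Bearer token required. A security requirement must map the scheme name
    # to an array; a bare `bearerAuth:` parses as null and fails validation.
    security:
      - bearerAuth: []
    requestBody:
      required: true
      content:
        application/json:
          schema:
            $ref: "../schemas/mfa.yaml#/MFAVerifyRequest"
    # NOTE(review): no 429 response is documented here. If the server limits
    # repeated code attempts, document that response so clients can handle it.
    responses:
      "200":
        description: MFA enabled successfully
        content:
          application/json:
            schema:
              $ref: "../schemas/common.yaml#/ApiResponse"
      "400":
        $ref: "../components/responses.yaml#/BadRequest"
      "401":
        $ref: "../components/responses.yaml#/Unauthorized"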
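# Turns MFA off for the authenticated caller.
disable:
  post:
    tags:
      - MFA
    summary: Disable MFA
    operationId: disableMFA
    # Bearer token required. A security requirement must map the scheme name
    # to an array; a bare `bearerAuth:` parses as null and fails validation.
    security:
      - bearerAuth: []
    # NOTE(review): removing a factor is a sensitive change. Presumably
    # DisableMFARequest carries fresh proof (password or current code) beyond
    # the bearer token; confirm in schemas/mfa.yaml.
    requestBody:
      required: true
      content:
        application/json:
          schema:
            $ref: "../schemas/mfa.yaml#/DisableMFARequest"
    responses:
      "200":
        description: MFA disabled successfully
        content:
          application/json:
            schema:
              $ref: "../schemas/common.yaml#/ApiResponse"
      "400":
        $ref: "../components/responses.yaml#/BadRequest"
      "401":
        $ref: "../components/responses.yaml#/Unauthorized"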
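# Read-only view of the caller's MFA state.
status:
  get:
    tags:
      - MFA
    summary: Get MFA status
    operationId: getMFAStatus
    # Bearer token required. A security requirement must map the scheme name
    # to an array; a bare `bearerAuth:` parses as null and fails validation.
    security:
      - bearerAuth: []
    responses:
      "200":
        description: MFA status retrieved
        content:
          application/json:
            schema:
              # Common response envelope with `data` set to the status payload.
              allOf:
                - $ref: "../schemas/common.yaml#/ApiResponse"
                - type: object
                  properties:
                    data:
                      $ref: "../schemas/mfa.yaml#/MFAStatusResponse"
      "401":
        $ref: "../components/responses.yaml#/Unauthorized"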
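# Issues a fresh set of backup codes, replacing the previous set per the
# summary.
regenerateBackupCodes:
  post:
    tags:
      - MFA
    summary: Replace backup codes
    operationId: regenerateBackupCodes
    # Bearer token required. A security requirement must map the scheme name
    # to an array; a bare `bearerAuth:` parses as null and fails validation.
    security:
      - bearerAuth: []
    # NOTE(review): no requestBody is defined, so the bearer token is the only
    # proof presented when recovery codes are replaced. Confirm whether the
    # server also requires a recent login or a current MFA code.
    responses:
      "200":
        description: New backup codes generated
        content:
          application/json:
            schema:
              # Common response envelope with `data` set to the new codes.
              # NOTE(review): BackupCodeList presumably returns the codes in
              # clear text; keep this response out of logs and shared caches.
              allOf:
                - $ref: "../schemas/common.yaml#/ApiResponse"
                - type: object
                  properties:
                    data:
                      $ref: "../schemas/mfa.yaml#/BackupCodeList"
      "401":
        $ref: "../components/responses.yaml#/Unauthorized"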
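# Checks a one-time backup code submitted by the authenticated caller.
verifyBackupCode:
  post:
    tags:
      - MFA
    summary: Verify a one-time backup code
    operationId: verifyBackupCode
    # Bearer token required. A security requirement must map the scheme name
    # to an array; a bare `bearerAuth:` parses as null and fails validation.
    security:
      - bearerAuth: []
    requestBody:
      required: true
      content:
        application/json:
          schema:
            $ref: "../schemas/mfa.yaml#/BackupCodeVerifyRequest"
    # NOTE(review): the spec does not say whether a successful check consumes
    # the code, and no 429 response is documented. State both behaviors here
    # if the server enforces single use and attempt limits.
    responses:
      "200":
        description: Backup code verified
        content:
          application/json:
            schema:
              $ref: "../schemas/common.yaml#/ApiResponse"
      "400":
        $ref: "../components/responses.yaml#/BadRequest"
      "401":
        $ref: "../components/responses.yaml#/Unauthorized"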