avl_auth/
lib.rs

1//! # AVL Auth - World-Class Identity and Access Management
2//!
3//! The most advanced authentication and authorization system, built for
4//! AVL Cloud Platform with native AvilaDB integration.
5//!
6//! ## Features
7//!
8//! - **JWT Authentication**: Multi-algorithm support with automatic key rotation
9//! - **OAuth2/OIDC**: Complete flows for Google, GitHub, Microsoft, Apple
10//! - **MFA**: TOTP, WebAuthn/FIDO2, biometric authentication
11//! - **RBAC + ABAC**: Dynamic role and attribute-based access control
12//! - **API Keys**: Scoped keys with rate limiting and auto-rotation
13//! - **Zero Trust**: Continuous authentication and risk-based access
14//! - **Anomaly Detection**: ML-powered threat detection
15//! - **Audit Trail**: Complete LGPD/GDPR compliant logging
16//! - **Session Management**: Distributed sessions with AvilaDB
17//! - **Password Security**: Argon2id with configurable cost parameters
18//!
19//! ## Quick Start
20//!
21//! ```rust,no_run
22//! use avl_auth::{AuthClient, Credentials, Config};
23//!
24//! #[tokio::main]
25//! async fn main() -> Result<(), Box<dyn std::error::Error>> {
26//!     let config = Config::default();
27//!     let auth = AuthClient::new(config).await?;
28//!
29//!     // Register with strong password policy
30//!     let user_id = auth.register("user@example.com", "SecureP@ss123").await?;
31//!
32//!     // Login with device fingerprinting
33//!     let session = auth.login(Credentials {
34//!         email: "user@example.com".to_string(),
35//!         password: "SecureP@ss123".to_string(),
36//!         device_id: Some("device_123".to_string()),
37//!         ip_address: Some("192.168.1.1".parse()?),
38//!     }).await?;
39//!
40//!     // Verify token with automatic refresh
41//!     let claims = auth.verify_token(&session.access_token).await?;
42//!     println!("User: {}", claims.sub);
43//!
44//!     Ok(())
45//! }
46//! ```
47
48pub mod client;
49pub mod config;
50pub mod crypto;
51pub mod error;
52pub mod jwt;
53pub mod mfa;
54pub mod oauth2;
55pub mod password;
56pub mod permissions;
57pub mod session;
58pub mod api_keys;
59pub mod audit;
60pub mod risk;
61pub mod models;
62
63// Re-exports
64pub use client::AuthClient;
65pub use config::Config;
66pub use error::{AuthError, Result};
67pub use models::*;
68
69/// AVL Auth version
70pub const VERSION: &str = env!("CARGO_PKG_VERSION");
71
72/// Prelude with commonly used types
73pub mod prelude {
74    pub use crate::{
75        AuthClient, Config, AuthError, Result,
76        Credentials, User, Session, Claims,
77        Role, Permission, Policy,
78    };
79}