cedros-login-server 0.0.45

Authentication server for cedros-login with email/password, Google OAuth, and Solana wallet sign-in
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97

//! Network-related configurations (CORS, cookies)

use serde::Deserialize;

fn default_true() -> bool {
    true
}

/// CORS configuration
#[derive(Debug, Clone, Deserialize, Default)]
pub struct CorsConfig {
    #[serde(default)]
    pub allowed_origins: Vec<String>,
    /// Skip the internal CORS layer. Set to `true` when embedding
    /// cedros-login in a host application that manages its own CORS.
    #[serde(default)]
    pub disabled: bool,
}

/// Cookie configuration
#[derive(Debug, Clone, Deserialize)]
pub struct CookieConfig {
    /// Enable cookie-based token storage
    #[serde(default = "default_true")]
    pub enabled: bool,
    /// Cookie domain (e.g., ".example.com" for subdomains)
    pub domain: Option<String>,
    /// Secure flag (should be true in production)
    #[serde(default)]
    pub secure: bool,
    /// SameSite attribute
    #[serde(default = "default_same_site")]
    pub same_site: String,
    /// Access token cookie name
    #[serde(default = "default_access_cookie_name")]
    pub access_cookie_name: String,
    /// Refresh token cookie name
    #[serde(default = "default_refresh_cookie_name")]
    pub refresh_cookie_name: String,
    /// Optional path prefix when mounting the router under a subpath (e.g., "/auth")
    #[serde(default = "default_path_prefix")]
    pub path_prefix: String,
}

pub fn default_same_site() -> String {
    "lax".to_string()
}

pub fn default_access_cookie_name() -> String {
    "cedros_access".to_string()
}

pub fn default_refresh_cookie_name() -> String {
    "cedros_refresh".to_string()
}

pub fn default_path_prefix() -> String {
    "".to_string()
}

impl Default for CookieConfig {
    fn default() -> Self {
        Self {
            enabled: true,
            domain: None,
            secure: false,
            same_site: default_same_site(),
            access_cookie_name: default_access_cookie_name(),
            refresh_cookie_name: default_refresh_cookie_name(),
            path_prefix: default_path_prefix(),
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_cors_config_defaults() {
        let config = CorsConfig::default();
        assert!(config.allowed_origins.is_empty());
        assert!(!config.disabled);
    }

    #[test]
    fn test_cookie_config_defaults() {
        let config = CookieConfig::default();
        assert!(config.enabled);
        assert!(config.domain.is_none());
        assert!(!config.secure);
        assert_eq!(config.same_site, "lax");
        assert_eq!(config.access_cookie_name, "cedros_access");
        assert_eq!(config.refresh_cookie_name, "cedros_refresh");
        assert_eq!(config.path_prefix, "");
    }
}