chopin_auth/lib.rs
1//! Zero-overhead JWT authentication, RBAC middleware, and password hashing
2//! for the Chopin web framework.
3//!
4//! # Quick Start
5//!
6//! ```rust,ignore
7//! use chopin_auth::{
8//! HasJti, JwtManager, PasswordHasher, TokenBlacklist, init_jwt_manager, Auth,
9//! };
10//! use serde::{Deserialize, Serialize};
11//!
12//! #[derive(Debug, Serialize, Deserialize)]
13//! struct Claims {
14//! sub: String,
15//! jti: String,
16//! exp: u64,
17//! }
18//!
19//! impl HasJti for Claims {
20//! fn jti(&self) -> Option<&str> { Some(&self.jti) }
21//! }
22//!
23//! // Once at server startup:
24//! let blacklist = TokenBlacklist::new();
25//! let manager = JwtManager::new(b"my-secret").with_blacklist(blacklist.clone());
26//! init_jwt_manager(manager);
27//!
28//! // In a route handler, use `Auth<Claims>` as an extractor:
29//! // async fn my_handler(auth: Auth<Claims>) -> Response { ... }
30//!
31//! // Hash a password:
32//! let hash = PasswordHasher::interactive().hash(b"p4ssw0rd")?;
33//!
34//! // Revoke a token (e.g. on logout):
35//! // blacklist.revoke(claims.jti.clone(), Some(claims.exp));
36//! ```
37pub mod crypto;
38pub mod extractor;
39pub mod jwks;
40pub mod jwt;
41pub mod middleware;
42pub mod oauth;
43pub mod revocation;
44pub mod standard_claims;
45
46pub use crypto::{PasswordHasher, hash_password, verify_password};
47pub use extractor::{Auth, ErrorHandler, init_jwt_manager, set_error_handler};
48pub use jwks::JwksProvider;
49pub use jwt::{AuthError, HasJti, JwtConfig, JwtManager};
50pub use middleware::{Role, RoleCheck, ScopeCheck};
51pub use oauth::{AuthorizationUrl, TokenPair, code_challenge_s256, code_verifier, token_pair};
52pub use revocation::TokenBlacklist;
53pub use standard_claims::StandardClaims;