LrAU
LrAU is an authentication and permission management system for rust. It uses Argon2id to hash passwords to prevent against rainbow table and brute-forcing.
Note for migrators
Since version 3.0, instead of paths being strings they are now slices. This will cause issues with legacy code, preventing it to compile, and preventing serde information from being read.
Example
#[test]
fn generic() {
let permissions: lrau::Permissions =
toml::from_str(include_str!("./generic.toml")).unwrap();
let mut user = lrau::User::new(
String::from("john_t"),
String::from("1234"),
permissions,
);
assert!(user.validate("1234"));
assert!(!user.validate("12345"));
assert!(user.get_permission(&["contacts", "name"], false));
assert!(user.get_permission(&["admin", "passwords"], true));
assert!(user.get_permission(&["admin", "passwords", "reset"], true));
assert!(!user.get_permission(&["notathing"], false));
assert!(!user.check_login());
assert!(!user.check_valid_login());
user.log_in("1234", std::time::Duration::from_secs(1));
assert!(user.check_login());
assert!(user.check_valid_login());
std::thread::sleep(std::time::Duration::from_secs(1));
assert!(user.check_login());
assert!(!user.check_valid_login());
assert_eq!(
user.get_valid_permissions(&["admin", "passwords", "reset"], true),
Err(lrau::user::SessionExpired {}),
);
}
Serde
Serde is supported through the serde
feature. If you configure in toml, you can get something like this:
[[permissions]]
path = ["contacts"]
auth = false
[[permissions]]
path = ["contacts", "name"]
auth = true
[[permissions]]
path = ["contacts", "name", "middle"]
auth = false
[[permissions]]
path = ["contacts", "name", "last"]
auth = true
[[permissions]]
path = ["admin"]
auth = false
[[permissions]]
path = ["admin", "passwords"]
auth = true
mut = true
mut
, be default, is assumed to be false
, so you only need to write it if you are enabling it.
Features
- Serde
serde
.
- Diesel
diesel-support
.
- Sqlx
sqlx-support