
openclaw_gateway/auth/
mod.rs

//! Authentication and authorization for the gateway.
//!
//! This module provides:
//! - User management with role-based access control
//! - JWT token generation and validation
//! - First-run setup and bootstrap
//! - Auth middleware for protected routes
//!
//! Only `setup` is declared as a public submodule. The other submodules are
//! private, so code outside this module reaches their items only through the
//! `pub use` re-exports below; that list is the module's public API.

// Private implementation modules; selected items are re-exported further down.
mod config;
mod jwt;
mod middleware;
/// First-run setup and bootstrap management.
pub mod setup;
mod users;

// Public API surface. Anything not listed here stays internal to `auth`.
pub use config::{AuthConfig, AuthConfigBuilder};
pub use jwt::{Claims, JwtManager, TokenPair};
pub use middleware::{AuthLayer, AuthState, RequireAuth};
pub use setup::{BootstrapManager, SetupStatus};
pub use users::{User, UserRole, UserStore};

// Derive macro that generates `Display` and `std::error::Error` for `AuthError`.
use thiserror::Error;
23
/// Authentication errors.
///
/// `Display` is generated by `thiserror` from the `#[error("...")]` attributes,
/// so the `String` carried by a tuple variant is interpolated verbatim into the
/// rendered message.
///
/// NOTE(review): how these errors are turned into client responses is not
/// visible in this file. Where the caller is unauthenticated, prefer logging
/// the full error server-side and returning a generic message, because several
/// variants below carry account names or internal detail.
#[derive(Debug, Error)]
pub enum AuthError {
    /// Invalid credentials provided.
    ///
    /// Carries no payload, so the message is the same for every failed attempt.
    #[error("Invalid credentials")]
    InvalidCredentials,

    /// User not found.
    ///
    /// The payload is echoed in the message (presumably the looked-up user
    /// identifier; confirm against callers). Because this is distinct from
    /// `InvalidCredentials`, exposing it on a login path would let a client
    /// tell unknown accounts from wrong passwords; login handlers should
    /// collapse both into one response.
    #[error("User not found: {0}")]
    UserNotFound(String),

    /// User already exists.
    ///
    /// The payload is echoed in the message. Like `UserNotFound`, this confirms
    /// that an account name is taken, so expose it only to callers allowed to
    /// manage users.
    #[error("User already exists: {0}")]
    UserExists(String),

    /// Token error (expired, invalid, etc.).
    ///
    /// The payload is a free-form description supplied by the code that
    /// rejected the token; treat it as diagnostic text rather than as a stable
    /// client-facing string.
    #[error("Token error: {0}")]
    TokenError(String),

    /// Permission denied.
    ///
    /// The payload is echoed in the message; what it describes is not visible
    /// here.
    #[error("Permission denied: {0}")]
    PermissionDenied(String),

    /// Setup required (no users exist).
    ///
    /// The message states that no admin user is configured, so returning it
    /// verbatim tells the caller the gateway has not been provisioned yet.
    #[error("Setup required: no admin user configured")]
    SetupRequired,

    /// Bootstrap token invalid or expired.
    ///
    /// A single variant covers both cases, so the message does not reveal
    /// whether a presented token was never valid or has merely expired.
    #[error("Invalid or expired bootstrap token")]
    InvalidBootstrapToken,

    /// Storage error.
    ///
    /// The payload is a free-form description from the storage layer and may
    /// contain internal detail; keep it in server logs.
    #[error("Storage error: {0}")]
    Storage(String),

    /// Configuration error.
    ///
    /// The payload is a free-form description of the configuration problem and
    /// may contain internal detail; keep it in server logs.
    #[error("Config error: {0}")]
    Config(String),
}