purwa-auth 0.2.0

Session and token authentication for Purwa โ€” tower-sessions, axum-login, Argon2id
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

//! Struct-based authorization stub (PRD ยง13 #2 โ€” Casbin deferred).
//!
//! Applications can implement [`Policy`] with their own action/resource types and call
//! [`Policy::authorize`] before mutating state.

use std::fmt;

use thiserror::Error;

/// Authorization failure (minimal stub).
#[derive(Debug, Error)]
#[error("forbidden: {0}")]
pub struct AuthzError(pub String);

/// Gate carrying the current subject; extend with resource-specific checks.
pub struct Gate<U> {
    pub user: U,
}

impl<U> Gate<U> {
    pub fn new(user: U) -> Self {
        Self { user }
    }

    /// Stub: always ok. Replace with real rules (roles, ownership, etc.).
    pub fn authorize(&self, _action: &str) -> Result<(), AuthzError> {
        Ok(())
    }
}

/// Optional trait for richer policy objects.
pub trait Policy {
    type User;
    type Action: fmt::Debug + ?Sized;

    fn authorize(&self, user: &Self::User, action: &Self::Action) -> Result<(), AuthzError>;
}