pylon-auth 0.3.21

Pylon — realtime backend as a single Rust binary. Schema, policies, server functions, live queries, auth — one process.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

[package]
name = "pylon-auth"
edition.workspace = true
license.workspace = true
description.workspace = true
homepage.workspace = true
repository.workspace = true
readme.workspace = true
keywords.workspace = true
categories.workspace = true
version.workspace = true

[lib]
path = "src/lib.rs"

[dependencies]
serde = { workspace = true }
serde_json = { workspace = true }
rand = { workspace = true }
ureq = { workspace = true }
tracing = { workspace = true }
argon2 = { workspace = true }
# Apple "Sign in with Apple" client_secret JWT signing — ES256 over
# the developer's downloadable .p8 PKCS8 key. ring is already in the
# tree via rustls so this adds no new transitive deps.
base64 = { workspace = true }
ring = { workspace = true }
# SHA-256 used for PKCE code_challenge derivation (RFC 7636 §4.2).
sha2 = { workspace = true }
# SHA-1 for HIBP Pwned Passwords + TOTP (RFC 6238 default algorithm).
# SHA-1 is broken for collisions but HIBP and TOTP both use it as the
# stable index/HMAC key. Not used for any modern hash-collision security.
sha1 = { workspace = true }
# HMAC used by TOTP (HMAC-SHA1) + JWT-shaped sessions (HMAC-SHA256).
hmac = { workspace = true }
# RFC 3339 timestamp parser for SIWE expiration_time / not_before fields.
chrono = { workspace = true }
# secp256k1 ECDSA recovery + keccak256 — SIWE signature verification.
k256 = { workspace = true }
sha3 = { workspace = true }