torii-core 0.5.2

Core functionality for the torii authentication ecosystem
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

use crate::{
    Error, UserId,
    storage::{SecureToken, TokenPurpose},
};
use async_trait::async_trait;
use chrono::Duration;

/// Repository for secure token data access
#[async_trait]
pub trait TokenRepository: Send + Sync + 'static {
    /// Create a new secure token for a specific purpose
    async fn create_token(
        &self,
        user_id: &UserId,
        purpose: TokenPurpose,
        expires_in: Duration,
    ) -> Result<SecureToken, Error>;

    /// Verify and consume a secure token for a specific purpose
    ///
    /// This method ensures that tokens can only be used for their intended purpose,
    /// providing security isolation between different token types.
    async fn verify_token(
        &self,
        token: &str,
        purpose: TokenPurpose,
    ) -> Result<Option<SecureToken>, Error>;

    /// Check if a secure token is valid without consuming it
    ///
    /// This method checks if a token exists, has not expired, has not been used,
    /// and matches the expected purpose. Unlike verify_token, this method does not
    /// mark the token as used.
    async fn check_token(&self, token: &str, purpose: TokenPurpose) -> Result<bool, Error>;

    /// Clean up expired tokens for all purposes
    async fn cleanup_expired_tokens(&self) -> Result<(), Error>;
}