fraiseql_core/config/
auth.rs

1//! Authentication configuration.
2
3use serde::{Deserialize, Serialize};
4
5/// Authentication configuration.
6#[derive(Debug, Clone, Serialize, Deserialize)]
7#[serde(default)]
8pub struct AuthConfig {
9    /// Enable authentication.
10    pub enabled: bool,
11
12    /// Authentication provider.
13    pub provider: AuthProvider,
14
15    /// JWT secret (for jwt provider).
16    pub jwt_secret: Option<String>,
17
18    /// JWT algorithm (default: HS256).
19    pub jwt_algorithm: String,
20
21    /// Auth0/Clerk domain.
22    pub domain: Option<String>,
23
24    /// Auth0/Clerk audience.
25    pub audience: Option<String>,
26
27    /// Auth0/Clerk client ID.
28    pub client_id: Option<String>,
29
30    /// Header name for auth token.
31    pub header_name: String,
32
33    /// Token prefix (e.g., "Bearer ").
34    pub token_prefix: String,
35
36    /// Paths to exclude from authentication.
37    pub exclude_paths: Vec<String>,
38}
39
40impl Default for AuthConfig {
41    fn default() -> Self {
42        Self {
43            enabled:       false,
44            provider:      AuthProvider::None,
45            jwt_secret:    None,
46            jwt_algorithm: "HS256".to_string(),
47            domain:        None,
48            audience:      None,
49            client_id:     None,
50            header_name:   "Authorization".to_string(),
51            token_prefix:  "Bearer ".to_string(),
52            exclude_paths: vec!["/health".to_string()],
53        }
54    }
55}
56
57/// Authentication provider.
58#[derive(Debug, Clone, Default, Serialize, Deserialize, PartialEq, Eq)]
59#[serde(rename_all = "lowercase")]
60#[non_exhaustive]
61pub enum AuthProvider {
62    /// No authentication.
63    #[default]
64    None,
65    /// Simple JWT authentication.
66    Jwt,
67    /// Auth0 authentication.
68    Auth0,
69    /// Clerk authentication.
70    Clerk,
71    /// Custom webhook-based authentication.
72    Webhook,
73}
fraiseql_core/config/auth.rs

fraiseql_core/config/
auth.rs
