Struct AuthHandle 

pub struct AuthHandle { /* private fields */ }

Handle to the platform authentication subsystem. Obtained from create_auth().

Implementations

impl AuthHandle

pub fn capabilities(&self) -> AuthCapabilities

Return the platform’s authentication capabilities. Equivalent to platform_auth_capabilities().

pub fn request_presence(&self, reason: &str) -> Result<()>

Request user-presence verification. Returns Ok(()) if the user authenticated successfully.

Platform behavior:

• macOS: Fires the Touch ID / passcode dialog synchronously via LAContext.evaluatePolicy(.deviceOwnerAuthentication). Blocks until the user responds. Returns Err(PresenceNotAvailable) if no biometric or passcode is enrolled, or Err(UserCancelled) if the user dismisses the prompt.
• Windows: Calls UserConsentVerifier.RequestVerificationAsync(reason). Falls back to a password gate when Windows Hello is not enrolled. Gracefully degrades to Ok(()) on headless sessions where neither Hello nor a verifiable password is available (credentials remain TPM-encrypted regardless).
• Linux / other: Always returns Err(PresenceNotAvailable).

pub fn evict_presence_cache(&self)

Evict any cached presence token, forcing re-authentication on the next signing or decryption operation that uses a cached presence mode.

Platform behavior:

• macOS: Clears all cached LAContext handles from the global registry. The next sign_with_presence(Cached, ...) call will fire a fresh Touch ID prompt.
• Windows: Clears all Windows Hello verifications cached in this AuthHandle. The sign/decrypt paths manage their own HelloGate state and are unaffected.
• Linux / other: No-op.

pub fn backend_kind(&self) -> BackendKind

Which hardware security backend this handle targets.

Trait Implementations

impl Debug for AuthHandle

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.