Expand description
§ironflow-auth
Authentication library for the ironflow workflow engine.
- JWT access + refresh tokens (HS256)
- Argon2id password hashing
- HttpOnly cookie management
- Axum
AuthenticatedUserextractor
§Quick start
use ironflow_auth::jwt::{JwtConfig, AccessToken, RefreshToken};
use ironflow_auth::password;
use uuid::Uuid;
let config = JwtConfig {
secret: "my-secret".to_string(),
access_token_ttl_secs: 900,
refresh_token_ttl_secs: 604800,
cookie_domain: None,
cookie_secure: false,
};
let hash = password::hash("hunter2")?;
assert!(password::verify("hunter2", &hash)?);
let user_id = Uuid::now_v7();
let access = AccessToken::for_user(user_id, "alice", false, &config)?;
let claims = AccessToken::decode(&access.0, &config)?;
assert_eq!(claims.user_id, user_id);Modules§
- cookies
- HttpOnly cookie builders for auth and refresh tokens.
- error
- Authentication error types.
- extractor
- Axum extractors for authenticated callers.
- jwt
- JWT access and refresh token management.
- middleware
- Axum middleware for JWT authentication on protected routes.
- password
- Argon2id password hashing and verification.