Skip to main content

AuthGuard

mailrs_auth_guard

Struct AuthGuard 

Source 
pub struct AuthGuard { /* private fields */ }
Expand description

Sharded in-process tracker of failed auth attempts plus lockout state, keyed by (IpAddr, username) and by IpAddr alone.

Both counters slide over time windows configured in AuthGuardConfig. The IP-only counter applies regardless of which username was attempted, so a single attacker spraying many usernames eventually hits the IP-level lockout.

Implementations§

Source§

impl AuthGuard

Source

pub fn new(config: AuthGuardConfig) -> Self

Construct a guard with the given thresholds. Use AuthGuardConfig::default() for the SMTP/IMAP-tuned defaults.

Source

pub fn check(&self, ip: IpAddr, username: &str) -> AuthCheck

Check whether (ip, username) is currently in lockout.

Read-only; does not record an attempt. Call before doing the actual password verification. If Allowed, do the verify; if LockedOut, reject without touching the password backend.

The check looks at both the per-IP and per-(IP, username) counters and returns the first matching lockout. IPv6 addresses are normalized to their /64 prefix.

Source

pub fn record_failure(&self, ip: IpAddr, username: &str)

Record a failed auth attempt. Call when the password verify returns “wrong credentials” — including the case where the account doesn’t exist (constant-time policy).

Increments both the per-IP and per-(IP, username) counters. May tip one or both over their threshold and arm a lockout.

Source

pub fn record_success(&self, ip: IpAddr, username: &str)

Record a successful auth. Clears the per-(IP, username) counter (so a legitimate user who fat-fingered then succeeded doesn’t accumulate against future attempts).

Does not clear the per-IP counter, because a successful auth from one user doesn’t prove the IP isn’t being abused against another. Use cleanup_stale + time decay for that.

Source

pub fn cleanup_stale(&self, before: Instant)

Drop records whose lockouts have already expired before before. Call periodically (every few minutes) from a background task to keep the maps bounded under sustained attack volume.

Records with active lockouts or recent in-window failures are preserved.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more