Skip to main content

modo/auth/session/
mod.rs

1//! # modo::auth::session
2//!
3//! Unified session management for cookie and JWT transports.
4//!
5//! v0.8 provides two independent transports that share one SQLite table
6//! (`authenticated_sessions`) and one public data type ([`Session`]).
7//!
8//! ## Transports
9//!
10//! | Transport | Module | Entry point |
11//! |-----------|--------|-------------|
12//! | Cookie | [`cookie`] | [`cookie::CookieSessionService`] |
13//! | JWT | [`jwt`] | [`jwt::JwtSessionService`] |
14//!
15//! ## Provides
16//!
17//! - [`Session`] — transport-agnostic session data extractor (read-only snapshot).
18//! - [`SessionToken`] — opaque 32-byte random token; redacted in `Debug`/`Display`.
19//! - [`cookie`] — cookie-backed session transport ([`cookie::CookieSession`], [`cookie::CookieSessionService`], [`cookie::CookieSessionLayer`], [`cookie::CookieSessionsConfig`]).
20//! - [`jwt`] — JWT-backed session transport ([`jwt::JwtSession`], [`jwt::JwtSessionService`], [`jwt::JwtLayer`], [`jwt::JwtSessionsConfig`]).
21//! - [`device`] — user-agent parsing helpers for device classification.
22//! - [`fingerprint`] — browser fingerprinting for session hijacking detection.
23//! - [`meta`] — request metadata ([`meta::SessionMeta`]) and [`meta::header_str`] helper.
24//! - [`token`] — [`SessionToken`] type (also re-exported at this level).
25
26mod data;
27pub(crate) mod store;
28
29pub mod cookie;
30pub mod device;
31pub mod fingerprint;
32pub mod jwt;
33pub mod meta;
34pub mod token;
35
36// Primary public data type — transport-agnostic session snapshot.
37pub use data::Session;
38pub use data::Session as SessionData; // alias for back-compat
39
40pub use token::SessionToken;
41
42// Re-exports from cookie for back-compat during refactor.
43pub(crate) use cookie::SessionState;
44pub use cookie::{
45    CookieSession, CookieSessionLayer, CookieSessionService, CookieSessionsConfig, SessionConfig,
46    SessionLayer,
47};
48
49// Back-compat: old callers using `auth::session::Session` as the cookie extractor.
50// Maps to CookieSession so existing handler signatures keep compiling.
51pub use cookie::CookieSession as SessionExtractor;
52
53// SessionStore and layer exposed for integration tests only.
54#[cfg(any(test, feature = "test-helpers"))]
55pub use cookie::layer;
56#[cfg(any(test, feature = "test-helpers"))]
57pub use store::SessionStore;