Expand description
A lightweight, secure nonce-based authentication library for Rust.
This library provides a simple, robust solution for preventing replay attacks in APIs and other network services. It uses a combination of nonces, timestamps, and HMAC signatures to ensure that each request is unique and authentic.
§Core Components
CredentialBuilder- Creates cryptographic credentialsCredentialVerifier- Verifies cryptographic credentialsNonceStorage- Pluggable storage backends
§Quick Example
use nonce_auth::{CredentialBuilder, CredentialVerifier, storage::MemoryStorage};
use std::sync::Arc;
// Create a credential
let credential = CredentialBuilder::new(b"shared_secret")
.sign(b"important_data")?;
// Verify the credential
let storage = Arc::new(MemoryStorage::new());
CredentialVerifier::new(storage)
.with_secret(b"shared_secret")
.verify(&credential, b"important_data")
.await?;For detailed configuration options, see CONFIGURATION.md.
Re-exports§
pub use nonce::BoxedCleanupStrategy;pub use nonce::CleanupStrategy;pub use nonce::ConfigPreset;pub use nonce::CredentialBuilder;pub use nonce::CredentialVerifier;pub use nonce::CustomCleanupStrategy;pub use nonce::HybridCleanupStrategy;pub use nonce::MacLike;pub use nonce::MemoryStorage;pub use nonce::NonceConfig;pub use nonce::NonceEntry;pub use nonce::NonceError;pub use nonce::NonceGeneratorFn;pub use nonce::NonceStorage;pub use nonce::SignatureAlgorithm;pub use nonce::StorageStats;pub use nonce::TimeProviderFn;pub use nonce::DefaultSignatureAlgorithm;pub use nonce::create_default_algorithm;pub use nonce::ErrorMetrics;pub use nonce::InMemoryMetricsCollector;pub use nonce::MetricEvent;pub use nonce::MetricsCollector;pub use nonce::MetricsTimer;pub use nonce::NoOpMetricsCollector;pub use nonce::NonceMetrics;pub use nonce::PerformanceMetrics;
Modules§
- nonce
- signature
- Pluggable signature algorithms for cryptographic operations.
- storage
- Pluggable storage backends for nonce persistence.
Structs§
- Nonce
Credential - A self-contained cryptographic credential used to authenticate a request.