Module auth 

JWT authentication and role guards.

1. Configure AuthConfig and register with crate::App::auth.
2. Use Authenticated, OptionalAuth, or RequireRole in handlers.

See crate::auth::token::encode_token to mint JWTs in login handlers or tests.

Re-exports

pub use token::encode_token;

Modules

token

Encode JWTs (tests, login handlers).

Structs

AuthClaims

Standard claims decoded from a JWT (Bearer or session cookie).

AuthConfig

How super::AuthLayer obtains and validates tokens.

AuthLayer

Tower Layer that validates JWTs and inserts AuthClaims into request extensions.

Authenticated

Requires a valid JWT (middleware must run — use crate::App::auth).

OptionalAuth

Present when the client sent a valid JWT; None for anonymous requests.

RequireRole

Role guard: RequireRole<YourRoleMarker> where YourRoleMarker: RoleName.

Enums

AuthRejection

Rejection for auth extractors.

Traits

RoleName

Map a zero-sized type to a role name (see RequireRole).