purwa_auth/
lib.rs

1//! Authentication for Purwa: **Argon2id** passwords, [`tower-sessions`] + [`axum_login`], and stubs
2//! for API tokens and struct-based policies.
3//!
4//! # Escape hatches
5//! - **Sessions:** use [`session::memory_session_layer`] for dev; swap the store passed to
6//!   [`tower_sessions::SessionManagerLayer::new`] for Redis or another backend. Handlers can use
7//!   [`axum_login::AuthSession`] directly for full control.
8//! - **Password cost:** tune [`password::DEFAULT_M_COST_KIB`] / [`password::hash_password_with`]
9//!   for production vs tests ([`password::hash_password_fast`] is for tests only).
10//!
11//! [`tower-sessions`]: https://docs.rs/tower-sessions
12//! [`axum_login`]: https://docs.rs/axum-login
13
14mod error;
15mod extract;
16mod password;
17mod policy;
18mod session;
19mod token;
20
21#[cfg(feature = "postgres")]
22mod pg;
23
24pub use error::PasswordError;
25pub use extract::CurrentUser;
26pub use password::{
27    DEFAULT_M_COST_KIB, DEFAULT_P_COST, DEFAULT_T_COST, argon2_default, argon2_fast, hash_password,
28    hash_password_fast, hash_password_with, verify_password, verify_password_with,
29};
30pub use policy::{AuthzError, Gate, Policy};
31pub use session::{
32    AuthManagerLayerBuilder, AuthSession, AuthUser, AuthnBackend, AuthzBackend, MemoryStore,
33    SessionManagerLayer, UserId, login_required, memory_session_layer, permission_required,
34};
35pub use token::{ApiTokenStore, authorization_bearer};
36
37#[cfg(feature = "postgres")]
38pub use pg::{EmailPasswordCredential, InsertUserError, PgAuthUser, PgAuthnBackend, insert_user};
purwa_auth/lib.rs

purwa_auth/
lib.rs
