Skip to main content

ApiKeyStore

pylon_auth::api_key

Struct ApiKeyStore

pub struct ApiKeyStore { /* private fields */ }

Implementations§

impl ApiKeyStore

pub fn new() -> Self

pub fn with_backend(backend: Box<dyn ApiKeyBackend>) -> Self

pub fn create( &self, user_id: String, name: String, scopes: Option<String>, expires_at: Option<u64>, ) -> (String, ApiKey)

Mint a new API key. Returns (plaintext, ApiKey) — the plaintext MUST be shown to the user exactly once and never stored anywhere on the server. The ApiKey is what’s persisted (with secret_hash not the secret).

Wire format: pk.<id>.<secret> — the id is embedded so verification is one DB lookup, not a table scan. Hash-only schemes that store no plaintext id make verification O(N). . separator (not _) so it survives the URL-safe base64 alphabet that base64url uses for both id and secret bodies.

pub fn verify(&self, token: &str) -> Result<ApiKey, ApiKeyVerifyError>

Verify a plaintext token. Touches last_used_at on success so the management UI can show “last used 5m ago”.

touch is debounced to once-per-minute per key to avoid a write storm on hot keys (one DB write per request was a real contention source under load).

pub fn revoke(&self, id: &str) -> bool

pub fn list_for_user(&self, user_id: &str) -> Vec<ApiKey>

Trait Implementations§

impl Default for ApiKeyStore

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

impl Freeze for ApiKeyStore

impl !RefUnwindSafe for ApiKeyStore

impl Send for ApiKeyStore

impl Sync for ApiKeyStore

impl Unpin for ApiKeyStore

impl UnsafeUnpin for ApiKeyStore

impl !UnwindSafe for ApiKeyStore

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more