Crate pylon_auth

Re-exports

pub use cookie::CookieConfig;
pub use cookie::SameSite;

Modules

cookie
Session cookie config + Set-Cookie header construction.
email
Pluggable email transport for auth flows (magic codes, invitations, etc.).
password
Argon2id password hashing + verification.

Structs

Account
A persisted account link. Schema-aligned with better-auth’s account table (verified against https://www.better-auth.com/docs/concepts/database at the time of writing) so users migrating from better-auth see the same field names + meanings:
AccountStore
Account store. Wraps an AccountBackend and provides the methods the OAuth callback / API endpoints actually call.
AuthContext
The auth context for a request. Represents who is making the request.
InMemoryAccountBackend
In-memory account backend (default). Lost on restart — production deployments should swap in a persistent backend so refresh tokens survive a redeploy.
InMemoryMagicCodeBackend
In-memory backend for magic codes. The default — also used as the authoritative cache by MagicCodeStore.
InMemoryOAuthBackend
In-memory backend (default). Lost on restart.
MagicCode
MagicCodeStore
A magic-code store. Wraps a MagicCodeBackend (in-memory by default) and applies the verify/cooldown semantics. Hydrates the in-memory cache from the backend on construction so durable backends survive restart without losing in-flight codes.
OAuthConfig
OAuthRegistry
OAuth provider registry.
OAuthState
One stored OAuth state record. Carries the post-callback redirect URLs alongside the provider so the callback handler doesn’t need to consult an env var to know where to send the user. Both URLs are validated against PYLON_TRUSTED_ORIGINS at create time, so the callback can trust them without re-checking.
OAuthStateStore
Stores OAuth state parameters to prevent CSRF attacks on the callback.
Session
A session token and its associated user.
SessionStore
A session store. In-memory by default; optionally backed by a persistent SessionBackend.
TokenSet
Token bundle returned by OAuthConfig::exchange_code_full. Stored on the matching Account row so refresh_token is available for silent re-auth and expires_at is checked before each provider call.
UserInfo
Resolved identity returned by OAuthConfig::fetch_userinfo_full. provider_account_id is the provider-stable subject id (Google sub, GitHub numeric id) — what the account store keys on so a renamed email doesn’t orphan the pylon account.

Enums

AuthMode
The auth mode declared on a route.
MagicCodeError
TrustedOriginError
Reasons a redirect URL might be rejected by validate_trusted_redirect.

Traits

AccountBackend
Pluggable storage for account links. In-memory default ships with the crate; SQLite + Postgres impls live in pylon-runtime.
MagicCodeBackend
Pluggable storage for magic-code records. In-memory is the default (fine for dev); persistent backends (SQLite, Postgres) live in pylon-runtime so a server restart between “send code” and “verify code” doesn’t invalidate the user’s pending login.
OAuthStateBackend
Backing store for OAuth state records. Default impl keeps them in memory (fine for tests + dev); the runtime swaps in a SQLite or Postgres backend so a restart in the middle of an OAuth handshake doesn’t leave the user with “invalid state” on the callback.
SessionBackend
Pluggable storage backend for sessions. The default is in-memory; apps deploying for real should supply a persistent backend (e.g. SQLite or Redis) so users don’t log out on server restart.

Functions

constant_time_eq
Constant-time byte comparison to prevent timing attacks.
origin_of
Extract the origin (scheme://host[:port]) from a URL string, stripping any path/query/fragment. Best-effort string slicing — no full URL parser dep. Public so router crates can reuse the same logic when comparing redirect URLs against the trusted-origins list.
validate_trusted_redirect
Validate that url has an origin (scheme://host[:port]) listed in trusted_origins. Returns Ok(url) when trusted (echoes input for chaining), Err with a code/message when not. Used by the OAuth start endpoint to gate ?callback= + ?error_callback= values before storing them in the state record.