Skip to main content

reduct_base/msg/
token_api.rs

1// Copyright 2021-2026 ReductSoftware UG
2// Licensed under the Apache License, Version 2.0
3
4use chrono::{DateTime, Utc};
5use serde::{Deserialize, Serialize};
6
7/// Permissions for a token
8#[derive(Serialize, Deserialize, Default, Clone, Debug, PartialEq)]
9pub struct Permissions {
10    /// Full access to all buckets and tokens
11    #[serde(default)]
12    pub full_access: bool,
13    /// Read access to certain buckets
14    #[serde(default)]
15    pub read: Vec<String>,
16    /// Write access to certain buckets
17    #[serde(default)]
18    pub write: Vec<String>,
19}
20
21/// Token
22#[derive(Serialize, Deserialize, Default, Clone, Debug, PartialEq)]
23pub struct Token {
24    /// Unique token name
25    pub name: String,
26    /// Unique token value
27    pub value: String,
28    /// Creation time
29    pub created_at: DateTime<Utc>,
30    /// Permissions
31    pub permissions: Option<Permissions>,
32    /// Provisioned
33    pub is_provisioned: bool,
34    /// Expiration time
35    pub expires_at: Option<DateTime<Utc>>,
36    /// Inactivity TTL in seconds
37    #[serde(default)]
38    pub ttl: Option<u64>,
39    /// Last access time
40    pub last_access: Option<DateTime<Utc>>,
41    /// List of allowed client IP addresses for this token.
42    /// Empty list means no IP restriction.
43    #[serde(default)]
44    pub ip_allowlist: Vec<String>,
45    /// Computed marker for unusable token (`expires_at` or inactivity TTL)
46    #[serde(default)]
47    pub is_expired: bool,
48}
49/// Request for created token
50#[derive(Serialize, Deserialize, Default, Clone, Debug, PartialEq)]
51pub struct TokenCreateRequest {
52    pub permissions: Permissions,
53    #[serde(default)]
54    pub expires_at: Option<DateTime<Utc>>,
55    #[serde(default)]
56    pub ttl: Option<u64>,
57    #[serde(default)]
58    pub ip_allowlist: Vec<String>,
59}
60
61/// Response for created token
62#[derive(Serialize, Deserialize, Default, Clone, Debug, PartialEq)]
63pub struct TokenCreateResponse {
64    pub value: String,
65    pub created_at: DateTime<Utc>,
66}
67
68/// Token repository
69#[derive(Serialize, Deserialize, Default, Clone, Debug, PartialEq)]
70pub struct TokenList {
71    pub tokens: Vec<Token>,
72}