Skip to main content

rustio_admin/auth/
mod.rs

1//! Authentication & authorization.
2//!
3//! Three pieces:
4//! - `users.rs`       — user records, password hashing, login
5//! - `sessions.rs`    — DB-backed sessions with expiry cleanup
6//! - `permissions.rs` — granular permissions + groups
7//!
8//! A user belongs to zero or more groups. Permissions come from two
9//! sources: (a) direct assignments on the user, (b) inherited from
10//! the user's groups. The permission string is
11//! `<app>.<action>_<model>` — e.g. `posts.change_post`.
12
13pub mod guards;
14mod permissions;
15pub(crate) mod recovery;
16mod role;
17mod sessions;
18mod users;
19
20pub(crate) use permissions::invalidate_user_cache;
21pub use permissions::{
22    add_user_to_group, check_permission, create_group, grant_to_group, grant_to_user,
23    init_permission_tables, permissions_for_user, register_model_permissions,
24    remove_user_from_group, Permission, PermissionError, Superuser,
25};
26pub use recovery::{
27    DefaultPasswordPolicy, DefaultRecoveryPolicy, PasswordPolicy, PasswordPolicyError,
28    RecoveryPolicy, SharedPasswordPolicy, SharedRecoveryPolicy,
29};
30// `issue_reset_token` / `consume_reset_token` and the `IssueOutcome` /
31// `ConsumeOutcome` / `MailerEmailStatus` types live in `recovery`
32// (`pub(crate) mod recovery`) so the admin handlers in commit #8+
33// reach them as `crate::auth::recovery::*`. They are intentionally
34// NOT re-exported here — the framework owns the handler shape, and
35// projects compose recovery via the trait surfaces re-exported above.
36// `purge_expired_reset_tokens` (R1 commit #12) is reached the same
37// way from `background::spawn_session_sweeper`.
38pub use role::{protected_roles, Role};
39pub use sessions::{
40    create_session, current_session_id, delete_session, identity_from_session, init_session_tables,
41    invalidate_sessions, list_active_for_user, logout_session, purge_expired_sessions,
42    session_token_from_cookie, InvalidationOutcome, Session, SessionInvalidationReason,
43    SessionTarget, SessionTrust, SESSION_COOKIE,
44};
45#[allow(deprecated)]
46pub use users::would_orphan_developers;
47pub use users::{
48    create_user, find_user_by_email, hash_password, init_user_tables, load_user_profile, login,
49    migrate_user_schema, set_password, update_user_role, verdict_for_orphan_role, verify_password,
50    would_orphan_protected, would_orphan_role, Identity, StoredUser, UserProfile,
51};
52
53use crate::error::Result;
54use crate::orm::Db;
55
56/// Initialise every auth-related table. Safe to call on every boot.
57pub async fn init_tables(db: &Db) -> Result<()> {
58    init_user_tables(db).await?;
59    migrate_user_schema(db).await?;
60    init_session_tables(db).await?;
61    sessions::migrate_session_schema(db).await?;
62    sessions::migrate_session_lifecycle(db).await?;
63    init_permission_tables(db).await?;
64    // R1 (0.5.0) — self password recovery schema. See
65    // DESIGN_RECOVERY.md §9 for the contract.
66    recovery::migrate_user_recovery_schema(db).await?;
67    recovery::init_recovery_tables(db).await?;
68    Ok(())
69}