Skip to main contentModule auth
Source - AuthState
- Shared authentication state holding the optional Bearer token for the MCP server.
- RateLimiterState
- Lock-free token-bucket rate limiter using millisecond-precision timestamps for smooth refill.
- default_rate_limiter
- Create a rate limiter with the default capacity of 100 requests per second.
- dns_rebinding_guard
- Axum middleware that blocks DNS rebinding attacks.
- generate_token
- Generate a random UUID v4 token suitable for Bearer authentication.
- origin_guard
- Axum middleware that blocks cross-origin requests from browsers.
- rate_limit
- Axum middleware that rejects requests with 429 when the token bucket is exhausted.
- require_auth
- Axum middleware that validates the
Authorization: Bearer <token> header against AuthState. - security_headers
- Axum middleware that sets security-hardening response headers on every response.