Echo
6c72dc3ac6
Some checks failed
CI Pipeline / Rust Format Check (push) Failing after 2s
CI Pipeline / Clippy Lints (push) Failing after 1s
CI Pipeline / Rust Unit Tests (push) Failing after 2s
CI Pipeline / Security Audit (push) Failing after 2s
CI Pipeline / Frontend Lint & Type Check (push) Failing after 3s
CI Pipeline / Build .deb & Release (push) Has been skipped
- health_poller: persist agent_version from HealthData.version - health_poller: call /system/info to update os_family, os_name, arch - enrollment: set os_family and arch from os_details during approval - enrollment: build os_name from os+os_version when name field absent - COALESCE in UPDATE preserves existing values when new data unavailable - version bump 0.1.7 -> 0.1.8
26 lines
1009 B
Rust
Executable File
26 lines
1009 B
Rust
Executable File
//! pm-auth — Authentication and authorization.
|
|
//!
|
|
//! Modules:
|
|
//! - `password` — Argon2id password hashing (m=65536, t=3, p=1)
|
|
//! - `jwt` — EdDSA/Ed25519 JWT issuance and validation (15-min TTL)
|
|
//! - `refresh` — Opaque 256-bit refresh tokens (1-hour sliding window)
|
|
//! - `mfa_totp` — TOTP setup and verification (Google Authenticator compatible)
|
|
//! - `mfa_webauthn` — WebAuthn stub (full implementation pending)
|
|
//! - `rbac` — Axum middleware for JWT authentication and role enforcement
|
|
//! - `session` — Login flow orchestration (password → MFA → tokens)
|
|
|
|
pub mod jwt;
|
|
pub mod mfa_totp;
|
|
pub mod mfa_webauthn;
|
|
pub mod password;
|
|
pub mod rbac;
|
|
pub mod refresh;
|
|
pub mod session;
|
|
|
|
// Commonly re-exported types
|
|
pub use jwt::{AccessClaims, JwtError};
|
|
pub use password::validate_password_strength;
|
|
pub use password::{hash_password, verify_password, PasswordError};
|
|
pub use rbac::{AuthConfig, AuthUser, UserRole};
|
|
pub use session::{LoginRequest, LoginResponse, SessionError, SessionUser};
|