rolling-token-auth
| Crates.io | rolling-token-auth |
| lib.rs | rolling-token-auth |
| version | |
| source | src |
| created_at | 2024-12-28 20:26:55.619423+00 |
| updated_at | 2024-12-28 20:56:53.535035+00 |
| description | A simple and secure rolling token authentication system using HMAC-SHA256 |
| homepage | |
| repository | https://github.com/alexeichhorn/rust-rolling-token-auth |
| max_upload_size | |
| id | 1497758 |
| Cargo.toml error: | TOML parse error at line 17, column 1 | 17 | autolib = false | ^^^^^^^ unknown field `autolib`, expected one of `name`, `version`, `edition`, `authors`, `description`, `readme`, `license`, `repository`, `homepage`, `documentation`, `build`, `resolver`, `links`, `default-run`, `default_dash_run`, `rust-version`, `rust_dash_version`, `rust_version`, `license-file`, `license_dash_file`, `license_file`, `licenseFile`, `license_capital_file`, `forced-target`, `forced_dash_target`, `autobins`, `autotests`, `autoexamples`, `autobenches`, `publish`, `metadata`, `keywords`, `categories`, `exclude`, `include` |
| size | 0 |
Alexander Eichhorn (alexeichhorn)
documentation
https://docs.rs/rolling-token-auth
README
Rolling Token Authentication
A simple and secure rolling token authentication system for Rust applications. It generates and validates time-based tokens using HMAC-SHA256.
Installation
Add this to your Cargo.toml:
[dependencies]
rolling-token-auth = "0.1.0"
Usage
Initialization
use rolling_token_auth::RollingTokenManager;
let mut manager = RollingTokenManager::new("secret", 3600, None);
The parameters are:
secret: The secret key used for token generation (can be a string or bytes)interval: Defines how long a token is valid in seconds. Shorter intervals are more securetolerance: Optional parameter defining how many intervals to accept before/after the current one (defaults to 1)
Both secret and interval must match between generation and verification.
Token Generation
// Generate a token for the current timestamp
let token = manager.generate_token();
// Or generate a token with a specific offset
let future_token = manager.generate_token_with_offset(1);
Token Verification
if manager.is_valid(&token.token) {
println!("Token is valid!");
}
The tolerance parameter (set during initialization) defines how many tokens from the past and future are still valid. With the default tolerance of 1:
- The previous interval's token is valid
- The current interval's token is valid
- The next interval's token is valid
Example
use rolling_token_auth::RollingTokenManager;
// Create a manager with 1-hour intervals
let mut manager = RollingTokenManager::new("my_secret", 3600, Some(1));
// Generate a token
let token = manager.generate_token();
// Validate the token
assert!(manager.is_valid(&token.token));