Crates.io | rolling-token-auth |
lib.rs | rolling-token-auth |
version | 0.1.1 |
created_at | 2024-12-28 20:26:55.619423+00 |
updated_at | 2024-12-28 20:56:53.535035+00 |
description | A simple and secure rolling token authentication system using HMAC-SHA256 |
homepage | |
repository | https://github.com/alexeichhorn/rust-rolling-token-auth |
max_upload_size | |
id | 1497758 |
size | 9,191 |
A simple and secure rolling token authentication system for Rust applications. It generates and validates time-based tokens using HMAC-SHA256.
Add this to your Cargo.toml
:
[dependencies]
rolling-token-auth = "0.1.0"
use rolling_token_auth::RollingTokenManager;
let mut manager = RollingTokenManager::new("secret", 3600, None);
The parameters are:
secret
: The secret key used for token generation (can be a string or bytes)interval
: Defines how long a token is valid in seconds. Shorter intervals are more securetolerance
: Optional parameter defining how many intervals to accept before/after the current one (defaults to 1)Both secret
and interval
must match between generation and verification.
// Generate a token for the current timestamp
let token = manager.generate_token();
// Or generate a token with a specific offset
let future_token = manager.generate_token_with_offset(1);
if manager.is_valid(&token.token) {
println!("Token is valid!");
}
The tolerance
parameter (set during initialization) defines how many tokens from the past and future are still valid. With the default tolerance of 1:
use rolling_token_auth::RollingTokenManager;
// Create a manager with 1-hour intervals
let mut manager = RollingTokenManager::new("my_secret", 3600, Some(1));
// Generate a token
let token = manager.generate_token();
// Validate the token
assert!(manager.is_valid(&token.token));