tauri-plugin-better-auth-license
| Crates.io | tauri-plugin-better-auth-license |
| lib.rs | tauri-plugin-better-auth-license |
| version | 0.0.12 |
| created_at | 2025-11-05 16:25:16.720958+00 |
| updated_at | 2025-11-24 15:53:09.820427+00 |
| description | Tauri plugin for license-based authentication and secure device validation. |
| homepage | |
| repository | |
| max_upload_size | |
| id | 1918218 |
| size | 166,439 |
David (david-crabnebula)
documentation
README
Better Auth License Tauri Plugin
Provides device-bound licensing for Tauri applications through encrypted activation flows and offline-verifiable JWTs.
This Tauri plugin is designed to be used together with the Better Auth License plugin:
It generates an X25519 device keypair, stores the private key securely in the OS keychain, exposes only the public key to the server, and handles all JWE encryption/decryption automatically.
| Platform | Supported |
|---|---|
| Linux | ✓ |
| Windows | ✓ |
| macOS | ✓ |
| Android | x |
| iOS | x |
All private keys, license keys, and tokens are securely stored using the native credential store (macOS Keychain, Windows Credential Manager, Linux Secret Service).
Install
This plugin requires a Rust version of at least 1.77.2
There are three general methods of installation that we can recommend.
- Use crates.io and npm (easiest, and requires you to trust that our publishing pipeline worked)
- Pull sources directly from Github using git tags / revision hashes (most secure)
- Git submodule install this repo in your tauri project and then use file protocol to ingest the source (most secure, but inconvenient to use)
Install the Core plugin by adding the following to your Cargo.toml file:
src-tauri/Cargo.toml
[dependencies]
tauri-plugin-better-auth-license = "0.0.9"
# alternatively with Git:
tauri-plugin-better-auth-license = { git = "https://github.com/crabnebula-dev/better-auth-license" }
You can install the JavaScript Guest bindings using your preferred JavaScript package manager:
pnpm add @crabnebula/tauri-plugin-better-auth-license
# or
npm add @crabnebula/tauri-plugin-better-auth-license
# or
yarn add @crabnebula/tauri-plugin-better-auth-license
Usage
First you need to register the core plugin with Tauri:
src-tauri/src/lib.rs
use tauri_plugin_better_auth_license::Builder;
fn main() {
tauri::Builder::default()
.plugin(Builder::new()
.with_license_server("http://localhost:5173/api/auth")
.build())
.run(tauri::generate_context!())
.expect("error while running tauri application");
}
Capture the user license key input: Afterwards the plugin API are available through the JavaScript guest bindings:
import { update, remove, validate } from '@crabnebula/tauri-plugin-better-auth-license'
await update({ license: "AB-1234-0000" })
await validate()
await remove()
Validate license from Rust:
use tauri_plugin_better_auth_license::LicenseManager;
#[tauri::command]
pub async fn your_protected_command(
manager: tauri::State<'_, LicenseManager>,
) -> tauri::Result<()> {
manager.validate().await?;
// your code
}
The plugin:
- Generates an X25519 device keypair on first run
- Stores it in the OS keychain
- Fetches JSON Web Key Sets (JWKS) from the server
- Encrypts outbound payloads using the server enc JWK
- Decrypts inbound JWE responses using the device private key
- Performs offline + remote JWT validation
No encryption logic is required in application code.
License
MIT or MIT/Apache 2.0 where applicable.