Rust : Forbidden

An experimental auth library for Rust applications

Goals

This crate is to define a common set of traits and idioms to provide for most applications with a way to incorporate authentication.

Is NOT the place to put the specific implementations for web/OS/etc.

Warning

This is an experimental project, without members with experience in security.

I hope to put the "ball to move" so finally Rust has a decent auth system to rely on.

🔬 Research

These libraries and articles are used as inspiration:

• 13 best practices for user account, authentication, and password management, 2021 edition
• Authentication Cheat Sheet
• Password auth in Rust, from scratch - Attacks and best practices
• Django Auth
• Terminology (what is realm, users, etc)

🤝 Contributing

Contributions, issues, and feature requests are welcome!

Feel free to check the issues page.

In special anyone that has experience in building auth systems and know what to watch for!.

Show your support

Give a ⭐️ if you like this project! or to help make this project a reality consider donate or sponsor with a subscription in https://www.buymeacoffee.com/mamcx.

📝 License

This project is dual licenced as MIT & APACHE.