LibreAuth is a collection of tools for user authentication

Password / passphrase authentication

LibreAuth

LibreAuth is a collection of tools for user authentication.

Features

  • Password / passphrase authentication
    • no character-set limitation
    • reasonable length limit (security vs. DOS)
    • strong, evolutive and retro-compatible password hashing functions
    • NFKC normalization for Unicode passwords
    • optional NIST Special Publication 800-63B compatibility
    • optional additional HMAC with an external salt before or after hashing the password
  • HOTP - HMAC-based One-time Password Algorithm (OATH - RFC 4226)
    • the key can be passed as bytes, an ASCII string, an hexadicimal string, a base32 string or a base64 string
    • customizable counter
    • customizable hash function (sha1, full sha2 family, sha3/Keccak fixed-size families)
    • customizable output length
    • customizable output alphabet
  • TOTP - Time-based One-time Password Algorithm (OATH - RFC 6238)
    • the key can be passed as bytes, an ASCII string, an hexadicimal string, a base32 string or a base64 string
    • customizable timestamp
    • customizable period
    • customizable initial time (T0)
    • customizable hash function (sha1, full sha2 family, sha3/Keccak fixed-size families)
    • customizable output length
    • customizable output alphabet
    • customizable positive and negative period tolerance
  • Random key generation
    • uses the platform's secure entropy source
    • customizable size
    • customizable output format (Vec, hexadecimal string, base32 string, base64 string)
  • WebAuthn - Web Authentication: An API for accessing Public Key Credentials Level 1 (W3C) :warning: Not started yet
    • authenticator API
    • server API

Status

The project itself is still in development and therefore should not be used in production before version 1.0.0. Below is the list of features that will be present in the first stable version and their individual status.

  • OATH HOTP/TOTP: almost ready!
    • :white_check_mark: lot of features
    • :white_check_mark: stable API
    • :warning: lack of peer review
  • Password / passphrase authentication: almost ready!
    • :white_check_mark: sane defaults
    • :white_check_mark: stable API
    • :warning: lack of peer review
  • Random key generation: almost ready!
    • :warning: stable API
    • :warning: lack of peer review

Using within a Rust project

You can find LibreAuth on crates.io and include it in your Cargo.toml:

Modules can be cherry-picked using default-features = false and then using only the features you want.

Using outside Rust

In order to build LibreAuth, you will need the Rust compiler and its package manager, Cargo. The minimal required Rust version is 1.57, although it is recommended to use the latest stable one.

Quick examples

Rust

More examples are available in the documentation.

C

License

LibreAuth is a free software available either under the CeCILL-C or the CeCILL 2.1 license. For a quick summary of those licenses, you can read the frequently asked questions on the licenses' website. A full copy of those licenses are available in this repository both in english and french.

While the CeCILL 2.1 is the original LibreAuth license, future versions may be published only under the CeCILL-C license. This change occurs because CeCILL 2.1 isn't really suited for a library since it is a "viral" license.

Information - Updated Jun 23, 2022

Stars: 239
Forks: 10
Issues: 0

rocket_auth provides a ready-to-use backend agnostic API for authentication management

rocket_auth provides a ready-to-use backend agnostic API for authentication management

rocket_auth provides a ready-to-use backend agnostic API for authentication management

Canduma rust Graphql

A Rust authentication server with GraphQL API, Diesel, PostgreSQL session authentication and JWT

Canduma rust Graphql

Webauthn is a modern approach to hardware based authentication, consisting of

a user with an authenticator device, a browser or client that interacts with the

Webauthn is a modern approach to hardware based authentication, consisting of

Authentication Server using Rocket(Rust)

Verification and Validation

Authentication Server using Rocket(Rust)

Authentication (symmetric, HS* JWT algorithms) example

Signatures (asymmetric, RS*, PS*, ES* and EdDSA algorithms) example

Authentication (symmetric, HS* JWT algorithms) example

HTTP Digest Access Authentication for Rust

A (mostly) complete implementation of ITEF RFC2069, RFC2617 and RFC7616

HTTP Digest Access Authentication for Rust
Http

178

Documentation | Crates

Authentication (partial support)

Documentation | Crates

This project contains a Rust server that serves a single page application and

has authentication + JWT-based authorization

This project contains a Rust server that serves a single page application and

Token Generator fo EdgeCast Token-Based Authentication implemented in Rust

Token-Based Authentication safeguards against hotlinking by adding a token requirement to requests for content secured by it

Token Generator fo EdgeCast Token-Based Authentication implemented in Rust

User Authentication Service

Code for the video series JWT

User Authentication Service
Facebook Instagram Twitter GitHub Dribbble
Privacy