Authorization/Authentication

Authorization and Authentication are a big deal for web development. Take OAuth, the most widely used protocol of authentication between services on the web. Such a simple idea, but with so many varying implementations (twitter, facebook, whatever...) and tricky parts in the details – it's almost impossible to get right without a library. Luckily, these crates will help you address authentication problems. For hashing and algorithm crates, see: Cryptography

• asap

  

  An implementation of ASAP for rust.

• casbin

  

  An authorization library that supports access control models like ACL, RBAC, ABAC.

• cookie

  

  HTTP cookie parsing and cookie jar management. Supports signed and private (encrypted, authenticated) jars.

• jsonwebtoken

  

  Create and decode JWTs in a strongly typed way.

• oauth2

  

  An extensible, strongly-typed implementation of OAuth2

• openssl

  

  OpenSSL bindings

• oso

  

  oso is an open source policy engine for authorization that’s embedded in your application

• otpauth

  

  Two-step verification of HOTP/TOTP for Rust

• oxide-auth

  

  A OAuth2 library for common web servers, featuring a set of configurable and pluggable backends.

• yup-oauth2

  

  An oauth2 implementation, providing the 'device', 'service account' and 'installed' authorization flows