Router
Mount rs-auth into your Axum application.
The rs-auth-axum crate exposes auth_router so you can mount auth routes quickly.
use axum::Router;
use rs_auth::axum::auth_router;
let app = Router::new().nest("/auth", auth_router(state));This keeps the integration thin: rs-auth-core owns auth logic and rs-auth-axum owns the HTTP layer.
Public routes
Public routes are accessible without authentication:
| Method | Path | Description |
|---|---|---|
| POST | /auth/signup | Create a new user account |
| POST | /auth/login | Log in with email and password |
| GET | /auth/verify/{token} | Verify email with token |
| POST | /auth/forgot | Request password reset |
| POST | /auth/reset | Reset password with token |
| GET | /auth/login/{provider} | Initiate OAuth login |
| GET | /auth/callback/{provider} | OAuth callback handler |
Protected routes
Protected routes require a valid session (enforced by require_auth middleware):
| Method | Path | Description |
|---|---|---|
| GET | /auth/session | Get current session information |
| GET | /auth/sessions | List all sessions for current user |
| POST | /auth/logout | Log out and invalidate session |
| GET | /auth/link/{provider} | Initiate explicit OAuth account link |
| GET | /auth/accounts | List linked OAuth accounts |
| POST | /auth/accounts/{id}/unlink | Unlink an OAuth account |
The router splits these into two groups internally, applying require_auth only to protected routes: