Quick Start
Build your first authenticated Axum application with rs-auth.
This guide shows the intended shape of a minimal rs-auth integration with Axum and Postgres.
Setup
First, finish the Installation steps and make sure your database is reachable.
Add the auth router
Create your application state, then mount the prebuilt auth router:
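use axum::Router;
use rs_auth::axum::{auth_router, AuthState};

// `state` is the application state created in the previous step.
let auth = auth_router(state);
// Mount the prebuilt auth routes under /auth.
let app = Router::new().nest("/auth", auth);
What this gives you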
With the current Phase 1 and Phase 2 implementation, the router exposes:
- email/password signup
- login/logout
- email verification
- password reset
- current session lookup
- session listing
- Google and GitHub OAuth flows
How sessions work
When a user logs in:
- rs-auth generates a cryptographically random session token
- the token is hashed with SHA-256 and stored in Postgres
- the raw token is written into a signed cookie by the Axum integration
- future requests resolve the user by reading and validating that cookie
This gives you:
- opaque session tokens instead of JWTs
- server-side revocation
- session introspection and listing
- safer defaults for Rust web apps
The current public implementation is intentionally focused on Axum and Postgres so the first release stays cohesive.
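The session flow above, reduced to a language-neutral sketch in Python as an added example (this is not rs-auth's code). Assumptions: a dict stands in for the Postgres session table, the cookie is `token.tag` with an HMAC-SHA-256 tag, and the key and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

COOKIE_KEY = secrets.token_bytes(32)  # constructed demo key for signing cookies
sessions = {}  # stand-in for the Postgres table: sha256(token) -> user id


def token_hash(raw: str) -> str:
    """Value stored server-side; the raw token is never persisted."""
    return hashlib.sha256(raw.encode()).hexdigest()


def _tag(raw: str) -> str:
    return hmac.new(COOKIE_KEY, raw.encode(), hashlib.sha256).hexdigest()


def login(user_id: int) -> str:
    """Create a session and return the signed cookie value (assumed format)."""
    raw = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG, contains no "."
    sessions[token_hash(raw)] = user_id
    return f"{raw}.{_tag(raw)}"


def resolve(cookie: str):
    """Return the user id for a valid cookie, or None."""
    raw, _, tag = cookie.rpartition(".")
    # Check the signature first, in constant time, so forged cookies never
    # reach the database lookup.
    if not raw or not hmac.compare_digest(tag.encode(), _tag(raw).encode()):
        return None
    return sessions.get(token_hash(raw))  # None once the row has been deleted


def revoke(cookie: str) -> None:
    """Server-side revocation: delete the row; the cookie is now useless."""
    sessions.pop(token_hash(cookie.rpartition(".")[0]), None)


if __name__ == "__main__":
    cookie = login(42)
    print("stored keys:", list(sessions))  # hashes only
    print("resolved:", resolve(cookie))
    revoke(cookie)
    print("after revoke:", resolve(cookie))
```

Because only the SHA-256 digest is stored, a read-only leak of the session table does not yield values that can be replayed as cookies.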
Protected routes
Protected routes use the require_auth middleware and the CurrentUser extractor. The middleware validates the session cookie and injects user information into request extensions, allowing handlers to depend on authenticated state. For details, see the Middleware documentation.