lightspeed/transport/contract
Transport adapter contract primitives.
Types
Adapter-level errors shared by transport modules.
pub type AdapterError {
AuthenticationFailed(String)
ProtectionRejected(String)
RateLimited(reason: String, retry_after_ms: Int)
ProtocolDecodeFailed(protocol.DecodeError)
UnsupportedClientFrame(String)
UnsupportedClientEvent(String)
InvalidAdapterState(String)
}Constructors
-
AuthenticationFailed(String) -
ProtectionRejected(String) -
RateLimited(reason: String, retry_after_ms: Int) -
ProtocolDecodeFailed(protocol.DecodeError) -
UnsupportedClientFrame(String) -
UnsupportedClientEvent(String) -
InvalidAdapterState(String)
Connection context passed to authentication hooks.
pub type AuthContext {
AuthContext(
session_id: String,
route: String,
csrf_token: String,
origin: String,
)
}Constructors
-
AuthContext( session_id: String, route: String, csrf_token: String, origin: String, )
Authentication function wrapper used by adapters.
pub type AuthHook {
AuthHook(run: fn(AuthContext) -> AuthResult)
}Constructors
-
AuthHook(run: fn(AuthContext) -> AuthResult)
Authentication hook decision.
pub type AuthResult {
Authorized(owner: String)
Denied(reason: String)
}Constructors
-
Authorized(owner: String) -
Denied(reason: String)
Protection context passed to CSRF/session guard hooks.
pub type ProtectionContext {
ProtectionContext(
session_id: String,
owner: String,
route: String,
csrf_token: String,
origin: String,
)
}Constructors
-
ProtectionContext( session_id: String, owner: String, route: String, csrf_token: String, origin: String, )
Protection hook wrapper.
pub type ProtectionHook {
ProtectionHook(run: fn(ProtectionContext) -> ProtectionResult)
}Constructors
-
ProtectionHook(run: fn(ProtectionContext) -> ProtectionResult)
Protection decision for session binding and CSRF checks.
pub type ProtectionResult {
Protected
Rejected(reason: String)
}Constructors
-
Protected -
Rejected(reason: String)
Rate-limit context passed before processing client events.
pub type RateLimitContext {
RateLimitContext(
session_id: String,
owner: String,
event_name: String,
now_ms: Int,
)
}Constructors
-
RateLimitContext( session_id: String, owner: String, event_name: String, now_ms: Int, )
Rate-limit hook wrapper.
pub type RateLimitHook {
RateLimitHook(run: fn(RateLimitContext) -> RateLimitResult)
}Constructors
-
RateLimitHook(run: fn(RateLimitContext) -> RateLimitResult)
Rate-limit decision.
pub type RateLimitResult {
RateAllowed
Limited(reason: String, retry_after_ms: Int)
}Constructors
-
RateAllowed -
Limited(reason: String, retry_after_ms: Int)
Values
pub fn allow_all(owner: String) -> AuthHookAccept every connection with the given owner id.
pub fn allow_protection() -> ProtectionHookAllow every connection through protection checks.
pub fn authenticate(
hook: AuthHook,
context: AuthContext,
) -> AuthResultExecute an auth hook.
pub fn deny_protection(reason: String) -> ProtectionHookDeny every connection through protection checks.
pub fn deny_rate_limit(
reason: String,
retry_after_ms: Int,
) -> RateLimitHookDeny every event by rate-limit policy.
pub fn error_to_string(error: AdapterError) -> StringStable adapter error string for logs and tests.
pub fn limit_rate(
hook: RateLimitHook,
context: RateLimitContext,
) -> RateLimitResultExecute a rate-limit hook.
pub fn protect(
hook: ProtectionHook,
context: ProtectionContext,
) -> ProtectionResultExecute a protection hook.
pub fn require_csrf(expected_token: String) -> ProtectionHookRequire an exact CSRF token match.