MCPcopy Index your code
hub / github.com/cmackenzie1/torii-rs

github.com/cmackenzie1/torii-rs @torii-v0.5.3

Chat with this repo
repository ↗ · DeepWiki ↗ · release torii-v0.5.3 ↗ · + Follow
1,080 symbols 2,893 edges 124 files 151 documented · 14%
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

Torii

CI codecov docs.rs Crates.io Version

[!WARNING] This project is in early development and is not production-ready. The API is subject to change without notice.

Overview

Torii is a powerful authentication framework for Rust applications that gives you complete control over your users' data. Unlike hosted solutions like Auth0, Clerk, or WorkOS that store user information in their cloud, Torii lets you own and manage your authentication stack while providing modern auth features through a flexible service architecture.

With Torii, you get the best of both worlds - powerful authentication capabilities like passwordless login, social OAuth, and passkeys, combined with full data sovereignty and the ability to store user data wherever you choose.

Check out the example todos to see Torii in action.

Features

  • Password Authentication: Secure password-based login with bcrypt hashing
  • OAuth/OpenID Connect: Social login with major providers (Google, GitHub, etc.)
  • Passkey/WebAuthn: Modern passwordless authentication with FIDO2
  • Magic Links: Email-based passwordless authentication
  • Session Management: Flexible session handling (opaque tokens or JWTs)
  • Full Data Sovereignty: Store user data where you choose
  • Multiple Storage Backends: SQLite, PostgreSQL, MySQL support
  • Type Safety: Strongly typed APIs with compile-time guarantees
  • Async/Await: Built for modern async Rust applications

Storage Backend Support

Authentication Method SQLite PostgreSQL MySQL (SeaORM)
Password
OAuth2/OIDC
Passkey/WebAuthn
Magic Link

✅ = Supported 🚧 = Planned/In Development ❌ = Not Supported

Quick Start

Add Torii to your Cargo.toml:

[dependencies]
torii = { version = "0.4.0", features = ["sqlite", "password"] }

Basic usage example:

use torii::Torii;
use torii::sqlite::SqliteStorage;
use std::sync::Arc;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Connect to database
    let storage = SqliteStorage::connect("sqlite://auth.db?mode=rwc").await?;
    storage.migrate().await?;

    // Create Torii instance
    let repositories = Arc::new(storage.into_repository_provider());
    let torii = Torii::new(repositories);

    // Register a user
    let user = torii.password().register(
        "user@example.com", 
        "secure_password"
    ).await?;

    // Login user
    let (user, session) = torii.password().authenticate(
        "user@example.com", 
        "secure_password",
        None, // user_agent
        None, // ip_address
    ).await?;

    println!("User logged in: {}", user.email);
    Ok(())
}

Axum Integration

For web applications, use the torii-axum crate for plug-and-play integration:

[dependencies]
torii-axum = { version = "0.4.0", features = ["sqlite", "password"] }
use torii_axum::{AuthRoutes, CookieConfig, AuthUser};
use axum::{routing::get, Router, Json};

#[tokio::main]
async fn main() {
    let storage = /* ... setup storage ... */;
    let torii = /* ... setup torii ... */;

    // Create authentication routes with cookie configuration
    let auth_routes = AuthRoutes::new(torii.clone())
        .with_cookie_config(CookieConfig::development());

    // Build your application with auth routes
    let app = Router::new()
        .route("/protected", get(protected_handler))
        .merge(auth_routes.into_router())
        .with_state(torii);

    // Start server
    let listener = tokio::net::TcpListener::bind("0.0.0.0:3000").await.unwrap();
    axum::serve(listener, app).await.unwrap();
}

// Protected route handler
async fn protected_handler(user: AuthUser) -> Json<serde_json::Value> {
    Json(serde_json::json!({
        "user_id": user.id,
        "email": user.email
    }))
}

Project Structure

The Torii project is organized into several crates:

Core Crates

  • torii - Main authentication coordinator and public API
  • torii-core - Core types, traits, and services
  • torii-migration - Database migration management

Storage Backends

Integration Crates

  • torii-axum - Plug-and-play Axum integration with routes, middleware, and extractors

Examples

  • examples/todos - Complete todo application demonstrating Torii integration
  • examples/axum-example - Complete Axum web server with SQLite, password authentication, and email support

Architecture

Torii uses a service-oriented architecture:

  • Services: Handle business logic for authentication methods (password, OAuth, etc.)
  • Repositories: Provide data access abstractions for different storage backends
  • Storage Backends: Implement concrete database operations
  • Session Providers: Handle session token generation and validation (opaque or JWT)

This modular design allows you to mix and match components based on your needs while maintaining type safety and performance.

Security

[!IMPORTANT] As this project is in early development, it has not undergone security audits and should not be used in production environments. The maintainers are not responsible for any security issues that may arise from using this software.

Contributing

As this project is in its early stages, we welcome discussions and feedback, but please note that major changes may occur.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Extension points exported contracts — how you extend this code

UserRepository (Interface)
(no doc) [7 implementers]
torii-core/src/repositories/user.rs
Mailer (Interface)
(no doc) [5 implementers]
torii-mailer/src/mailer.rs
HasTorii (Interface)
Trait for application states that contain a Torii instance. Your application state must implement this trait to use Tor [2 …
torii-axum/src/middleware.rs
MigrationManager (Interface)
(no doc) [2 implementers]
torii-migration/src/lib.rs
TokenRepository (Interface)
(no doc) [5 implementers]
torii-core/src/repositories/token.rs
TemplateEngine (Interface)
(no doc) [1 implementers]
torii-mailer/src/templates/engine.rs
Migration (Interface)
(no doc)
torii-migration/src/lib.rs
SessionStorage (Interface)
(no doc) [4 implementers]
torii-core/src/storage.rs

Core symbols most depended-on inside this repo

as_str
called by 85
torii-core/src/user.rs
insert
called by 43
torii-mailer/src/templates/mod.rs
password
called by 37
torii/src/lib.rs
get
called by 33
torii-mailer/src/templates/mod.rs
email
called by 30
torii-core/src/user.rs
build
called by 30
torii-storage-postgres/src/oauth.rs
migrate
called by 26
torii/src/lib.rs
authenticate
called by 24
torii/src/lib.rs

Shape

Method 583
Function 273
Class 165
Enum 34
Interface 25

Languages

Rust100%
TypeScript1%

Modules by API surface

torii/src/lib.rs50 symbols
torii-core/src/session/mod.rs49 symbols
torii-core/src/repositories/adapter.rs42 symbols
torii-core/src/user.rs36 symbols
torii-core/src/services/passkey.rs31 symbols
torii-core/src/services/password_reset.rs30 symbols
torii-core/src/services/oauth.rs29 symbols
torii-axum/src/types.rs26 symbols
torii-core/src/services/mailer.rs25 symbols
torii-core/src/services/magic_link.rs24 symbols
torii-core/src/storage.rs23 symbols
torii-core/src/error/mod.rs21 symbols

Datastores touched

toriiDatabase · 1 repos
postgresDatabase · 1 repos
(mysql)Database · 1 repos
toriiDatabase · 1 repos
torii_dbDatabase · 1 repos
torii_testDatabase · 1 repos

For agents

$ claude mcp add torii-rs \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact

Ask about this repo answers extend the page