Requirements
- Rust 1.70 or later
- Crates used by the SDK:
hmacsha2serdeserde_jsonureqbase64mac_addresshostname
Installation
The crate is published on crates.io/crates/authforge asauthforge.
Cargo.toml (for example 1.0 for compatible 1.x releases):
- Git (pre-release)
- Path (vendored)
branch, tag, or rev.Quick start
Config struct reference
| Field | Type | Default | Description |
|---|---|---|---|
app_id | String | required | Application ID from your AuthForge dashboard |
app_secret | String | required | Application secret from your AuthForge dashboard |
public_key | String | required | Ed25519 public key from your AuthForge dashboard (base64) |
heartbeat_mode | HeartbeatMode | Local | Local or Server heartbeat mode |
heartbeat_interval | u64 | 900 | Seconds between heartbeat checks (any value ≥ 1) |
api_base_url | String | https://auth.authforge.cc | AuthForge API base URL |
on_failure | Option<Box<dyn Fn(&str)+Send+Sync>> | None | Invoked when heartbeat fails |
request_timeout | u64 | 15 | Timeout for API requests |
session_ttl_seconds | Option<u64> | None (server default: 86400) | Requested session token lifetime. Server clamps to [3600, 604800]; preserved across heartbeat refreshes. |
hwid_override | Option<String> | None | Optional custom identity string sent as HWID (for example tg:123456789). |
Validate license (no heartbeat)
validate_license runs the same /auth/validate request and signature checks as login, but does not store a session on the client or start the heartbeat thread. It returns the same LoginResult on success.
Billing
- Each successful
login()orvalidate_license()costs 1 credit (one/auth/validatedebit). - Heartbeats cost 1 credit per 10 successful calls (billed on every 10th heartbeat). Any
heartbeat_interval ≥ 1is economically safe. - Revocations take effect on the next heartbeat regardless of interval.