Rustango docs

Send a passwordless magic-link login

Problem

You want users to log in via an emailed link instead of a password.

Sign a short-lived URL with signed_url; the link carries an HMAC + expiry that verify checks on the way back.

use rustango::signed_url::{sign, verify};
use std::time::Duration;

// Issue:
let path = sign(&secret, &format!("/auth/magic?uid={uid}"), Duration::from_secs(900));
mailer.send(magic_link_email(email, &path)).await?;

// Verify on the callback:
let ok = verify(&secret, &signed_path).is_ok();

Batteries included

The auth_flows feature builds password-reset, email-verification, and magic-link flows on top of this primitive.