The latest articles on DEV Community by Sebastian (@sebastiansala). https://dev.to/sebastiansala https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3899687%2Fb9a10e39-9023-4aef-9833-275a2de9e7da.png https://dev.to/sebastiansala en Sebastian Mon, 15 Jun 2026 02:40:00 +0000 https://dev.to/sebastiansala/rustauth-a-better-auth-inspired-toolkit-for-rust-apps-jjh https://dev.to/sebastiansala/rustauth-a-better-auth-inspired-toolkit-for-rust-apps-jjh <p>I’m building <strong>RustAuth</strong>, an authentication toolkit for Rust applications.</p> <p>The idea is simple: give Rust developers a clean, extensible auth foundation without forcing them into a hosted provider, a specific framework, or a pile of one-off glue code.</p> <p>👉 <a href="https://www.rustauth.dev" rel="noopener noreferrer">rustauth.dev</a></p> <p>Rust already has great crates for auth-related pieces: hashing, cookies, sessions, OAuth, JWTs, databases, middleware, and more.</p> <p>But when you are building real products, auth usually becomes more than <strong>login and logout</strong>.</p> <p>You eventually need things like:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>- Email/password - Sessions - OAuth/OIDC - Passkeys - SAML - SSO - SCIM - Organizations - Database adapters - Payment flows - Framework integrations </code></pre> </div> <p>Most Rust solutions I found were either excellent low-level building blocks, framework-specific examples, or focused libraries for one part of the problem.</p> <p>That is not a bad thing. It is actually one of Rust’s strengths.</p> <p>But I wanted something more product-oriented: a toolkit that starts simple, stays modular, and can grow with the app.</p> <p>That is the direction of RustAuth.</p> <h2> What RustAuth is trying to be </h2> <p>RustAuth is not a hosted auth platform. It is not trying to take over your application. It is meant to be part of your backend.</p> <p>With RustAuth:</p> <ul> <li>You own your database.</li> <li>You own your user model.</li> <li>You choose the features you need.</li> <li>You keep auth close to your product logic.</li> </ul> <p>The goal is a Better Auth-inspired developer experience, designed for Rust instead of copying JavaScript patterns directly.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="k">let</span> <span class="n">auth</span> <span class="o">=</span> <span class="nn">RustAuth</span><span class="p">::</span><span class="nf">new</span><span class="p">()</span> <span class="nf">.adapter</span><span class="p">(</span><span class="n">db</span><span class="p">)</span> <span class="nf">.email_password</span><span class="p">()</span> <span class="nf">.oauth</span><span class="p">()</span> <span class="nf">.build</span><span class="p">();</span> </code></pre> </div> <p>Simple when you start. Composable when your product grows.</p> <h2> Why I care about this </h2> <p>Auth is one of those things that looks small until it is not.</p> <p>Login is easy.</p> <p>Then come sessions, account linking, token rotation, email verification, OAuth callbacks, permissions, teams, SSO, enterprise requirements, billing states, audit logs, and edge cases you did not think about on day one.</p> <p>I want RustAuth to help with that progression.</p> <p>Not by hiding everything, but by giving Rust developers a solid structure to build on.</p> <h2> Current status </h2> <p>RustAuth is still early.</p> <p>The API will evolve, docs will improve, and more integrations are coming. Right now, the focus is on getting the architecture right: core primitives, adapters, plugins, and framework integrations that feel natural in Rust.</p> <p>You can check it out here:</p> <p>👉 <a href="https://www.rustauth.dev" rel="noopener noreferrer">rustauth.dev</a><br> 👉 <a href="https://github.com/salasebas/rustauth" rel="noopener noreferrer">https://github.com/salasebas/rustauth</a></p> <p>Feedback is very welcome, especially from Rust developers building real apps.</p> rust opensource webdev security