Payloads and Schemas¶
litestar_auth.payloads is the authoritative public boundary for the built-in auth lifecycle DTOs published by the
default controllers. litestar_auth.schemas still documents the default user CRUD structs used for registration and
user-facing reads or updates.
UserEmailField and UserPasswordField are the canonical public schema-helper aliases for app-owned
msgspec.Struct registration/update schemas. Import them from litestar_auth.schemas when you want custom email
and password fields to keep the same documented regex, max-length, and password-length metadata as the built-in
UserCreate and UserUpdate structs without copying local constraints. Existing UserPasswordField imports remain
supported; add UserEmailField when you also want the built-in email contract on app-owned schemas. For the full
contract between schema metadata, password_validator_factory, and shared PasswordHelper injection, see
Configuration.
These aliases only describe schema validation and OpenAPI metadata. Runtime password policy still lives on the
manager side through password_validator_factory or the manager's default validator.
Schema usage example:
import msgspec
from litestar_auth.schemas import UserEmailField, UserPasswordField
class AppUserCreate(msgspec.Struct):
email: UserEmailField
password: UserPasswordField
Built-in auth payloads¶
Use these types when you want the exact request and response structs exposed by the built-in login, refresh, verify, reset-password, and TOTP routes.
litestar_auth.payloads
¶
Public msgspec payloads for built-in auth and user flows.
This module is the authoritative public import boundary for built-in request and
response structs. Existing imports from litestar_auth,
litestar_auth.controllers, and individual controller modules remain
supported via compatibility re-exports.
LoginCredentials
¶
Bases: Struct
Login payload accepted by the auth controller.
RefreshTokenRequest
¶
Bases: Struct
Refresh payload accepted by the auth controller.
ForgotPassword
¶
Bases: Struct
Payload used to request a reset-password token.
ResetPassword
¶
Bases: Struct
Payload used to reset a password with a previously issued token.
RequestVerifyToken
¶
Bases: Struct
Payload used to request a fresh email-verification token.
VerifyToken
¶
Bases: Struct
Payload used to complete an email-verification flow.
TotpEnableRequest
¶
Bases: Struct
Optional step-up payload for enabling 2FA.
TotpEnableResponse
¶
Bases: Struct
Response returned when 2FA enrollment is initiated (phase 1).
The secret is not yet persisted. The client must confirm enrollment via
/enable/confirm with a valid TOTP code to activate 2FA.
TotpVerifyRequest
¶
Bases: Struct
Payload for completing 2FA login verification.
TotpConfirmEnableRequest
¶
Bases: Struct
Payload for confirming TOTP enrollment (phase 2).
TotpConfirmEnableResponse
¶
Bases: Struct
Response returned when 2FA is successfully confirmed and persisted.
TotpDisableRequest
¶
Bases: Struct
Payload for disabling 2FA.
User CRUD schemas¶
These remain the default msgspec schemas for registration and user CRUD surfaces. UserCreate, UserRead, and
UserUpdate are also re-exported from litestar_auth.payloads for compatibility, but this module stays the canonical
home for their full API reference. UserEmailField and UserPasswordField live here as well and are the supported
aliases for sharing the built-in email/password metadata with app-owned create/update structs while the manager keeps
runtime validation for passwords.
litestar_auth.schemas
¶
Public msgspec schemas and schema helpers for litestar-auth user payloads.
Import UserEmailField and UserPasswordField from this module when
app-owned msgspec.Struct user create/update schemas should share the same
email and password metadata as the built-in UserCreate and UserUpdate
payloads.