use SecretString for password and user token

Cargo.lock

@@ -485,6 +485,7 @@ dependencies = [
  "axum",
  "color-eyre",
  "ldap3",
+ "secrecy",
  "sqlx",
  "tokio",
  "tracing",
@@ -1547,6 +1548,15 @@ dependencies = [
  "untrusted 0.9.0",
 ]
 
+[[package]]
+name = "secrecy"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9bd1c54ea06cfd2f6b63219704de0b9b4f72dcc2b8fdef820be6cd799780e91e"
+dependencies = [
+ "zeroize",
+]
+
 [[package]]
 name = "security-framework"
 version = "2.9.2"

Cargo.toml

@@ -17,6 +17,7 @@ opt-level = 3
 axum = "0.7.4"
 color-eyre = { version = "0.6.2" }
 ldap3 = { version = "0.11.3", default-features = false, features = ["tls-rustls"] }
+secrecy = "0.8.0"
 sqlx = { version = "0.7.3", features = ["runtime-tokio", "tls-rustls"] }
 tokio = { version = "1.36.0", features = ["macros", "rt-multi-thread"] }
 tracing = "0.1.40"

src/auth.rs

@@ -1,3 +1,11 @@
+use secrecy::SecretString;
+
+#[derive(Clone)]
+pub struct Password(pub SecretString);
+
+#[derive(Clone)]
+pub struct UserToken(pub SecretString);
+
 pub struct Authenticator {
     // TODO
 }
@@ -7,7 +15,7 @@ impl Authenticator {
         Self {}
     }
 
-    pub fn create_user_token(username: &str, password: &str) -> String {
+    pub fn create_user_token(username: &str, password: &str) -> UserToken {
         todo!()
     }
 }