Boost.UUID
Authentication Library
Boost.UUID
Overview
Boost.UUID is a UUID (Universally Unique Identifier) generation library for C++. It generates RFC 4122-compliant 128-bit unique identifiers and is widely used for generating user IDs, session IDs, API keys, and other identifiers in authentication systems. It supports multiple generation methods including cryptographically secure random generators and guarantees uniqueness in distributed systems. As of 2025, it continues active development as part of the Boost libraries.
Details
Boost.UUID is a comprehensive library for generating and manipulating UUIDs in C++ applications. It features the following key characteristics:
- RFC Compliance: Full compliance with RFC 4122 and RFC 9562 for UUID generation
- Multiple Generation Methods: Support for random, time-based, name-based, and nil UUIDs
- Cryptographic Security: Secure identifier generation using crypto-secure pseudo-random number generators
- Header-Only: Can be used by simply including headers without requiring building
- Thread-Safe: Safe usage in multi-threaded environments
- Distributed System Support: Guarantees uniqueness without centralized coordination
Pros and Cons
Pros
- Reliable UUID generation compliant with RFC standards
- High security through cryptographically secure random number generation
- Easy introduction and building as a header-only library
- Extremely low collision risk with uniqueness guarantee in distributed systems
- Rich generation options (time-based, name-based, etc.)
- Good integration with C++ standard library
Cons
- Cannot be used in languages other than C++
- May require dependency on entire Boost library in some cases
- UUID size (128 bits) is larger than sequential integers
- Generated IDs are unpredictable and difficult for humans to read
- Generation cost may be a consideration in performance-critical scenarios
- Learning curve for understanding different UUID generation methods
Reference Pages
Code Examples
Basic UUID Generation
#include <boost/uuid/uuid.hpp>
#include <boost/uuid/uuid_generators.hpp>
#include <boost/uuid/uuid_io.hpp>
#include <iostream>
int main() {
// Random UUID generator
boost::uuids::random_generator gen;
// Generate UUID
boost::uuids::uuid id = gen();
// Output as string
std::cout << "Generated UUID: " << id << std::endl;
// Example: 67e55044-10b1-426f-9247-bb680e5fe0c8
return 0;
}
Using Various UUID Generators
#include <boost/uuid/uuid.hpp>
#include <boost/uuid/uuid_generators.hpp>
#include <boost/uuid/uuid_io.hpp>
#include <iostream>
#include <string>
int main() {
// 1. Random UUID (most common)
boost::uuids::random_generator random_gen;
boost::uuids::uuid random_id = random_gen();
std::cout << "Random UUID: " << random_id << std::endl;
// 2. Nil UUID (all zeros)
boost::uuids::nil_generator nil_gen;
boost::uuids::uuid nil_id = nil_gen();
std::cout << "Nil UUID: " << nil_id << std::endl;
// 3. Generate UUID from string
boost::uuids::string_generator string_gen;
boost::uuids::uuid string_id = string_gen("01234567-89ab-cdef-0123-456789abcdef");
std::cout << "String UUID: " << string_id << std::endl;
// 4. Name-based UUID (MD5 hash-based)
boost::uuids::name_generator_md5 name_gen(boost::uuids::ns::dns());
boost::uuids::uuid name_id = name_gen("example.com");
std::cout << "Name-based UUID: " << name_id << std::endl;
return 0;
}
User ID Generation in Authentication System
#include <boost/uuid/uuid.hpp>
#include <boost/uuid/uuid_generators.hpp>
#include <boost/uuid/uuid_io.hpp>
#include <unordered_map>
#include <string>
#include <iostream>
class UserManager {
private:
boost::uuids::random_generator uuid_gen;
std::unordered_map<std::string, std::string> users; // UUID -> username
public:
std::string createUser(const std::string& username) {
// Generate new user ID
boost::uuids::uuid user_id = uuid_gen();
std::string id_string = boost::uuids::to_string(user_id);
// Register user
users[id_string] = username;
std::cout << "Created user '" << username
<< "' with ID: " << id_string << std::endl;
return id_string;
}
bool authenticateUser(const std::string& user_id) {
return users.find(user_id) != users.end();
}
std::string getUsername(const std::string& user_id) {
auto it = users.find(user_id);
return (it != users.end()) ? it->second : "";
}
};
int main() {
UserManager manager;
// Create users
std::string alice_id = manager.createUser("alice");
std::string bob_id = manager.createUser("bob");
// Verify authentication
if (manager.authenticateUser(alice_id)) {
std::cout << "Alice authenticated successfully" << std::endl;
}
return 0;
}
Session Management System
#include <boost/uuid/uuid.hpp>
#include <boost/uuid/uuid_generators.hpp>
#include <boost/uuid/uuid_io.hpp>
#include <unordered_map>
#include <chrono>
#include <string>
#include <iostream>
struct Session {
std::string user_id;
std::chrono::steady_clock::time_point created_at;
std::chrono::steady_clock::time_point expires_at;
bool isValid() const {
return std::chrono::steady_clock::now() < expires_at;
}
};
class SessionManager {
private:
boost::uuids::random_generator uuid_gen;
std::unordered_map<std::string, Session> sessions;
std::chrono::minutes session_duration{30}; // 30-minute session duration
public:
std::string createSession(const std::string& user_id) {
// Generate session ID
boost::uuids::uuid session_uuid = uuid_gen();
std::string session_id = boost::uuids::to_string(session_uuid);
// Create session
auto now = std::chrono::steady_clock::now();
sessions[session_id] = {
user_id,
now,
now + session_duration
};
std::cout << "Created session " << session_id
<< " for user " << user_id << std::endl;
return session_id;
}
bool validateSession(const std::string& session_id) {
auto it = sessions.find(session_id);
if (it == sessions.end()) {
return false;
}
if (!it->second.isValid()) {
sessions.erase(it); // Remove expired session
return false;
}
return true;
}
std::string getUserFromSession(const std::string& session_id) {
auto it = sessions.find(session_id);
return (it != sessions.end() && it->second.isValid()) ? it->second.user_id : "";
}
void invalidateSession(const std::string& session_id) {
sessions.erase(session_id);
std::cout << "Session " << session_id << " invalidated" << std::endl;
}
};
int main() {
SessionManager session_mgr;
// Create session
std::string session = session_mgr.createSession("user123");
// Validate session
if (session_mgr.validateSession(session)) {
std::string user = session_mgr.getUserFromSession(session);
std::cout << "Valid session for user: " << user << std::endl;
}
// Invalidate session
session_mgr.invalidateSession(session);
return 0;
}
API Key Generation System
#include <boost/uuid/uuid.hpp>
#include <boost/uuid/uuid_generators.hpp>
#include <boost/uuid/uuid_io.hpp>
#include <unordered_map>
#include <vector>
#include <string>
#include <iostream>
enum class APIKeyScope {
READ_ONLY,
READ_WRITE,
ADMIN
};
struct APIKey {
std::string key;
std::string user_id;
APIKeyScope scope;
bool active;
APIKey(const std::string& k, const std::string& uid, APIKeyScope s)
: key(k), user_id(uid), scope(s), active(true) {}
};
class APIKeyManager {
private:
boost::uuids::random_generator uuid_gen;
std::unordered_map<std::string, APIKey> api_keys;
public:
std::string generateAPIKey(const std::string& user_id, APIKeyScope scope) {
// Generate API key (with prefix)
boost::uuids::uuid key_uuid = uuid_gen();
std::string api_key = "ak_" + boost::uuids::to_string(key_uuid);
// Register API key
api_keys.emplace(api_key, APIKey(api_key, user_id, scope));
std::cout << "Generated API key: " << api_key
<< " for user: " << user_id << std::endl;
return api_key;
}
bool validateAPIKey(const std::string& api_key, APIKeyScope required_scope) {
auto it = api_keys.find(api_key);
if (it == api_keys.end() || !it->second.active) {
return false;
}
// Check scope (ADMIN > READ_WRITE > READ_ONLY)
int current_level = static_cast<int>(it->second.scope);
int required_level = static_cast<int>(required_scope);
return current_level >= required_level;
}
void revokeAPIKey(const std::string& api_key) {
auto it = api_keys.find(api_key);
if (it != api_keys.end()) {
it->second.active = false;
std::cout << "API key " << api_key << " revoked" << std::endl;
}
}
std::vector<std::string> listAPIKeysForUser(const std::string& user_id) {
std::vector<std::string> user_keys;
for (const auto& pair : api_keys) {
if (pair.second.user_id == user_id && pair.second.active) {
user_keys.push_back(pair.first);
}
}
return user_keys;
}
};
int main() {
APIKeyManager api_mgr;
// Generate API keys
std::string read_key = api_mgr.generateAPIKey("user123", APIKeyScope::READ_ONLY);
std::string admin_key = api_mgr.generateAPIKey("admin456", APIKeyScope::ADMIN);
// Validate API keys
if (api_mgr.validateAPIKey(read_key, APIKeyScope::READ_ONLY)) {
std::cout << "Read access granted" << std::endl;
}
if (!api_mgr.validateAPIKey(read_key, APIKeyScope::ADMIN)) {
std::cout << "Admin access denied for read-only key" << std::endl;
}
return 0;
}
UUID String Conversion and Comparison
#include <boost/uuid/uuid.hpp>
#include <boost/uuid/uuid_generators.hpp>
#include <boost/uuid/uuid_io.hpp>
#include <boost/lexical_cast.hpp>
#include <iostream>
#include <string>
int main() {
boost::uuids::random_generator gen;
// Generate UUIDs
boost::uuids::uuid id1 = gen();
boost::uuids::uuid id2 = gen();
// String conversion (multiple methods)
std::string str1 = boost::uuids::to_string(id1);
std::string str2 = boost::lexical_cast<std::string>(id1);
std::cout << "UUID to string: " << str1 << std::endl;
std::cout << "Lexical cast: " << str2 << std::endl;
// String to UUID
boost::uuids::string_generator string_gen;
boost::uuids::uuid id3 = string_gen(str1);
// Comparison
if (id1 == id3) {
std::cout << "UUIDs match after string conversion" << std::endl;
}
if (id1 != id2) {
std::cout << "Different UUIDs are not equal" << std::endl;
}
// UUID size and raw bytes
std::cout << "UUID size: " << sizeof(boost::uuids::uuid) << " bytes" << std::endl;
std::cout << "UUID data: ";
for (auto byte : id1) {
std::cout << std::hex << static_cast<int>(byte) << " ";
}
std::cout << std::endl;
return 0;
}