Documentation
¶
Overview ¶
Package admin provides the web admin backend for Lore.
It mounts OAuth2 authentication, JWT session management, RBAC middleware, and REST API endpoints under the /admin/ prefix on an existing http.ServeMux. Call admin.Mount(mux, cfg) from cmdServe() after building AdminConfig.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Mount ¶
func Mount(mux *http.ServeMux, cfg AdminConfig)
Mount registers all admin routes on the given mux. Routes are registered under /admin/* prefix. Call this from cmdServe() after constructing AdminConfig.
func NewGitHubOAuthConfig ¶
NewGitHubOAuthConfig builds an oauth2.Config for GitHub authentication. redirectURL must be the full callback URL, e.g. "http://host/admin/auth/callback/github".
func NewGoogleOAuthConfig ¶
NewGoogleOAuthConfig builds an oauth2.Config for Google authentication. redirectURL must be the full callback URL, e.g. "http://host/admin/auth/callback/google".
Types ¶
type AdminConfig ¶
type AdminConfig struct {
Store AdminStore
JWTSecret []byte // from LORE_JWT_SECRET or auto-generated
GoogleClientID string // from LORE_GOOGLE_CLIENT_ID
GoogleClientSecret string // from LORE_GOOGLE_CLIENT_SECRET
GitHubClientID string // from LORE_GITHUB_CLIENT_ID
GitHubClientSecret string // from LORE_GITHUB_CLIENT_SECRET
DevAuth bool // --dev-auth flag
CookieSecure bool // session/oauth cookie Secure attribute
BaseURL string // e.g. "http://localhost:7437"
GoogleOAuth *oauth2.Config // nil if creds not configured
GithubOAuth *oauth2.Config // nil if creds not configured
}
AdminConfig holds all configuration needed by the admin package.
type AdminStore ¶
type AdminStore interface {
ListSkillsForAudit(params store.ListSkillsParams) ([]store.Skill, error)
GetSkillForAudit(name string) (*store.Skill, error)
CreateSkill(params store.CreateSkillParams) (*store.Skill, error)
ProposeSkill(params store.ProposeSkillParams) (*store.Skill, error)
ResubmitSkill(name string, params store.ResubmitSkillParams) (*store.Skill, error)
ReviewSkill(name string, params store.ReviewSkillParams) (*store.Skill, error)
DisableSkill(name string, params store.DisableSkillParams) (*store.Skill, error)
UpdateSkill(name string, params store.UpdateSkillParams) (*store.Skill, error)
DeleteSkill(name, changedBy string) error
ListStacks() ([]store.Stack, error)
CreateStack(name, displayName string) (*store.Stack, error)
DeleteStack(id int64) error
ListCategories() ([]store.Category, error)
CreateCategory(name, displayName string) (*store.Category, error)
DeleteCategory(id int64) error
AdminStats() (store.AdminStats, error)
ListProjectsWithStats() ([]store.ProjectStats, error)
UpsertUser(email, name, avatarURL, provider string) (*store.User, error)
CreatePendingUser(email, name, passwordHash string) (*store.User, error)
GetUserByEmail(email string) (*store.User, error)
GetUserAuthByEmail(email string) (*store.UserAuth, error)
GetUserByID(id int64) (*store.User, error)
ListUsers() ([]store.User, error)
UpdateUserRole(id int64, role string) (*store.User, error)
UpdateUserStatusRole(id int64, status, role string) (*store.User, error)
}
Source Files