Documentation
Index ¶
- Variables
- func HashSecretKey(secretKey string) string
- func ParseAPIKeyFromAuth(authHeader string) (accessKey, secretKey string, err error)
- func RequireAnyRole(user *types.User, roles ...types.UserRole) error
- func RequirePermission(user *types.User, permission types.Permission) error
- func RequireRole(user *types.User, role types.UserRole) error
- type APIKey
- type APIKeyManager
- func (m *APIKeyManager) DeleteAPIKey(ctx context.Context, accessKey string) error
- func (m *APIKeyManager) GenerateAPIKey(ctx context.Context, name string, expiresIn *time.Duration, ...) (*APIKey, error)
- func (m *APIKeyManager) GetAPIKey(ctx context.Context, accessKey string) (*APIKey, error)
- func (m *APIKeyManager) ListAPIKeys(ctx context.Context) ([]*APIKey, error)
- func (m *APIKeyManager) RevokeAPIKey(ctx context.Context, accessKey string) error
- func (m *APIKeyManager) ValidateAPIKey(ctx context.Context, accessKey, secretKey string) (*APIKey, error)
- type APIKeyStore
- type AccessTokenBuilder
- func (b *AccessTokenBuilder) AddGrant(grant *VideoGrant) *AccessTokenBuilder
- func (b *AccessTokenBuilder) Build() (string, error)
- func (b *AccessTokenBuilder) SetCanPublish(canPublish bool) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetCanPublishData(canPublishData bool) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetCanSubscribe(canSubscribe bool) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetEmail(email string) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetHidden(hidden bool) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetIdentity(identity string) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetMetadata(metadata map[string]interface{}) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetName(name string) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetNotBefore(notBefore time.Time) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetRecorder(recorder bool) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetRoomAdmin(isAdmin bool) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetRoomCreate(canCreate bool) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetRoomJoin(roomName string) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetRoomList(canList bool) *AccessTokenBuilder
- func (b *AccessTokenBuilder) SetTTL(ttl time.Duration) *AccessTokenBuilder
- type AccessTokenClaims
- type AuthError
- type AuthRateLimiter
- func (arl *AuthRateLimiter) AllowGeneralAuth(ctx context.Context, userID string) error
- func (arl *AuthRateLimiter) AllowLogin(ctx context.Context, key string) error
- func (arl *AuthRateLimiter) AllowTokenRefresh(ctx context.Context, userID string) error
- func (arl *AuthRateLimiter) ResetGeneralAuth(ctx context.Context, userID string) error
- func (arl *AuthRateLimiter) ResetLogin(ctx context.Context, key string) error
- func (arl *AuthRateLimiter) ResetTokenRefresh(ctx context.Context, userID string) error
- type Authenticator
- type Authorizer
- type InMemoryTokenStore
- func (s *InMemoryTokenStore) CleanExpiredTokens(ctx context.Context) error
- func (s *InMemoryTokenStore) IsTokenRevoked(ctx context.Context, token string) (bool, error)
- func (s *InMemoryTokenStore) RevokeToken(ctx context.Context, token string) error
- func (s *InMemoryTokenStore) StoreToken(ctx context.Context, token string, userID string, expiresAt time.Time) error
- type InMemoryUserStore
- func (s *InMemoryUserStore) CreateUser(ctx context.Context, user *types.User, password string) error
- func (s *InMemoryUserStore) DeleteUser(ctx context.Context, userID string) error
- func (s *InMemoryUserStore) GetUserByID(ctx context.Context, userID string) (*types.User, error)
- func (s *InMemoryUserStore) GetUserByUsername(ctx context.Context, username string) (*types.User, error)
- func (s *InMemoryUserStore) UpdatePassword(ctx context.Context, userID string, newPassword string) error
- func (s *InMemoryUserStore) UpdateUser(ctx context.Context, user *types.User) error
- func (s *InMemoryUserStore) ValidatePassword(ctx context.Context, userID string, password string) (bool, error)
- type JWTAuthenticator
- func (j *JWTAuthenticator) Authenticate(ctx context.Context, credentials *types.Credentials) (*types.AuthToken, error)
- func (j *JWTAuthenticator) RefreshToken(ctx context.Context, refreshToken string) (*types.AuthToken, error)
- func (j *JWTAuthenticator) RevokeToken(ctx context.Context, token string) error
- func (j *JWTAuthenticator) SetAccessExpiry(duration time.Duration)
- func (j *JWTAuthenticator) SetRefreshExpiry(duration time.Duration)
- func (j *JWTAuthenticator) ValidateToken(ctx context.Context, token string) (*TokenClaims, error)
- type MemoryAPIKeyStore
- func (s *MemoryAPIKeyStore) DeleteAPIKey(ctx context.Context, accessKey string) error
- func (s *MemoryAPIKeyStore) GetAPIKey(ctx context.Context, accessKey string) (*APIKey, error)
- func (s *MemoryAPIKeyStore) ListAPIKeys(ctx context.Context) ([]*APIKey, error)
- func (s *MemoryAPIKeyStore) StoreAPIKey(ctx context.Context, key *APIKey) error
- func (s *MemoryAPIKeyStore) UpdateAPIKey(ctx context.Context, key *APIKey) error
- type RBACAuthorizer
- func (a *RBACAuthorizer) Authorize(ctx context.Context, user *types.User, permission types.Permission, ...) error
- func (a *RBACAuthorizer) HasAnyRole(user *types.User, roles ...types.UserRole) bool
- func (a *RBACAuthorizer) HasPermission(user *types.User, permission types.Permission) bool
- func (a *RBACAuthorizer) HasRole(user *types.User, role types.UserRole) bool
- type RateLimiter
- type Session
- type SessionManager
- func (sm *SessionManager) CleanExpiredSessions(ctx context.Context) error
- func (sm *SessionManager) CreateSession(ctx context.Context, sessionID string, user *types.User) (*Session, error)
- func (sm *SessionManager) DeleteSession(ctx context.Context, sessionID string) error
- func (sm *SessionManager) DeleteUserSessions(ctx context.Context, userID string) error
- func (sm *SessionManager) GetSession(ctx context.Context, sessionID string) (*Session, error)
- func (sm *SessionManager) GetUserSessions(ctx context.Context, userID string) ([]*Session, error)
- func (sm *SessionManager) SessionCount() int
- func (sm *SessionManager) SetIdleTimeout(duration time.Duration)
- func (sm *SessionManager) SetSessionExpiry(duration time.Duration)
- func (sm *SessionManager) UserSessionCount(userID string) int
- type TokenBucketLimiter
- type TokenClaims
- type TokenStore
- type UserStore
- type VideoGrant
Constants ¶
This section is empty.
Variables ¶
// Sentinel authentication errors. Each variable holds a pointer to its own
// AuthError value, so a returned error can be matched against a sentinel by
// pointer identity.
// NOTE(review): the variables are exported and point at structs with an
// exported Message field, so any importer can reassign or mutate them; treat
// them as read-only.
var (
// ErrIdentityRequired carries the message "identity is required".
// NOTE(review): presumably returned when a token is built without an identity — confirm.
ErrIdentityRequired = &AuthError{Message: "identity is required"}
// ErrTokenExpired carries the message "token is expired".
ErrTokenExpired = &AuthError{Message: "token is expired"}
// ErrTokenNotYetValid carries the message "token is not yet valid".
ErrTokenNotYetValid = &AuthError{Message: "token is not yet valid"}
// ErrInvalidToken carries the message "invalid token".
ErrInvalidToken = &AuthError{Message: "invalid token"}
)
Common errors
Functions ¶
func HashSecretKey ¶ added in v1.0.2
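HashSecretKey creates a hash of the secret key for secure storage. Use this if you want to store hashed secrets instead of plain text. This page does not name the hash algorithm, so check the implementation before relying on it to protect stored secrets.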
func ParseAPIKeyFromAuth ¶ added in v1.0.2
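ParseAPIKeyFromAuth parses an API key from an Authorization header. Format: "Bearer API_xxx:SEC_xxx". The header carries the secret key itself, so it should only be sent over TLS and should be kept out of request logs.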
func RequireAnyRole ¶
RequireAnyRole is a helper function that returns an error unless the user has at least one of the given roles
func RequirePermission ¶
func RequirePermission(user *types.User, permission types.Permission) error
RequirePermission is a helper function that returns an error if the user doesn't have the permission
Types ¶
type APIKey ¶ added in v1.0.2
// APIKey is an access-key/secret-key credential pair together with its
// name, creation time, optional expiry, active flag and free-form metadata.
type APIKey struct {
// AccessKey is the public identifier (like API Key ID)
AccessKey string `json:"access_key"`
// SecretKey is the private key used for signing (never expose to clients)
// NOTE(review): the tag is `secret_key,omitempty`, so encoding/json writes
// this field whenever it is non-empty; omitempty only hides an empty value.
// Any code that marshals an APIKey into a response or a log entry has to
// clear the field first.
SecretKey string `json:"secret_key,omitempty"`
// Name is a friendly name for this API key
Name string `json:"name"`
// CreatedAt is when the key was created
CreatedAt time.Time `json:"created_at"`
// ExpiresAt is when the key expires (optional)
// A nil pointer is omitted from the JSON encoding.
// NOTE(review): presumably nil means the key never expires — confirm.
ExpiresAt *time.Time `json:"expires_at,omitempty"`
// IsActive indicates if the key is active
IsActive bool `json:"is_active"`
// Metadata for additional information
// It is encoded next to the key whenever it is non-empty, so it is not a
// place for secrets.
Metadata map[string]string `json:"metadata,omitempty"`
}
APIKey represents an API key pair used for authentication
type APIKeyManager ¶ added in v1.0.2
type APIKeyManager struct {
// contains filtered or unexported fields
}
APIKeyManager manages API key generation and validation
func NewAPIKeyManager ¶ added in v1.0.2
func NewAPIKeyManager(store APIKeyStore) *APIKeyManager
NewAPIKeyManager creates a new API key manager
func (*APIKeyManager) DeleteAPIKey ¶ added in v1.0.2
func (m *APIKeyManager) DeleteAPIKey(ctx context.Context, accessKey string) error
DeleteAPIKey deletes an API key permanently
func (*APIKeyManager) GenerateAPIKey ¶ added in v1.0.2
func (m *APIKeyManager) GenerateAPIKey(ctx context.Context, name string, expiresIn *time.Duration, metadata map[string]string) (*APIKey, error)
GenerateAPIKey generates a new API key pair. The access key looks like API_xxxxxxxxxxxxxxxx; the secret key looks like SEC_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
func (*APIKeyManager) GetAPIKey ¶ added in v1.0.2
GetAPIKey retrieves an API key (without exposing secret)
func (*APIKeyManager) ListAPIKeys ¶ added in v1.0.2
func (m *APIKeyManager) ListAPIKeys(ctx context.Context) ([]*APIKey, error)
ListAPIKeys lists all API keys (without exposing secrets)
func (*APIKeyManager) RevokeAPIKey ¶ added in v1.0.2
func (m *APIKeyManager) RevokeAPIKey(ctx context.Context, accessKey string) error
RevokeAPIKey revokes an API key
func (*APIKeyManager) ValidateAPIKey ¶ added in v1.0.2
func (m *APIKeyManager) ValidateAPIKey(ctx context.Context, accessKey, secretKey string) (*APIKey, error)
ValidateAPIKey validates an API key pair
type APIKeyStore ¶ added in v1.0.2
// APIKeyStore is the persistence contract for API keys. Every method takes a
// context, and keys are looked up by their access key.
// NOTE(review): the *APIKey values passed in and returned carry the SecretKey
// field, so an implementation holds whatever the caller put there (plain or
// hashed); protect the backing storage accordingly.
type APIKeyStore interface {
// StoreAPIKey stores an API key
StoreAPIKey(ctx context.Context, key *APIKey) error
// GetAPIKey retrieves an API key by access key
GetAPIKey(ctx context.Context, accessKey string) (*APIKey, error)
// ListAPIKeys lists all API keys
ListAPIKeys(ctx context.Context) ([]*APIKey, error)
// UpdateAPIKey updates an API key
UpdateAPIKey(ctx context.Context, key *APIKey) error
// DeleteAPIKey deletes an API key
DeleteAPIKey(ctx context.Context, accessKey string) error
}
APIKeyStore is the interface for storing API keys
type AccessTokenBuilder ¶ added in v1.0.2
type AccessTokenBuilder struct {
// contains filtered or unexported fields
}
AccessTokenBuilder helps build access tokens for room joining
func NewAccessTokenBuilder ¶ added in v1.0.2
func NewAccessTokenBuilder(apiKey, apiSecret string) *AccessTokenBuilder
NewAccessTokenBuilder creates a new access token builder
func (*AccessTokenBuilder) AddGrant ¶ added in v1.0.2
func (b *AccessTokenBuilder) AddGrant(grant *VideoGrant) *AccessTokenBuilder
AddGrant adds a video grant for room access
func (*AccessTokenBuilder) Build ¶ added in v1.0.2
func (b *AccessTokenBuilder) Build() (string, error)
Build generates the access token
func (*AccessTokenBuilder) SetCanPublish ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetCanPublish(canPublish bool) *AccessTokenBuilder
SetCanPublish sets whether the user can publish streams
func (*AccessTokenBuilder) SetCanPublishData ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetCanPublishData(canPublishData bool) *AccessTokenBuilder
SetCanPublishData sets whether the user can publish data messages
func (*AccessTokenBuilder) SetCanSubscribe ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetCanSubscribe(canSubscribe bool) *AccessTokenBuilder
SetCanSubscribe sets whether the user can subscribe to streams
func (*AccessTokenBuilder) SetEmail ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetEmail(email string) *AccessTokenBuilder
SetEmail sets the email
func (*AccessTokenBuilder) SetHidden ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetHidden(hidden bool) *AccessTokenBuilder
SetHidden sets whether the participant is hidden
func (*AccessTokenBuilder) SetIdentity ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetIdentity(identity string) *AccessTokenBuilder
SetIdentity sets the user identity (required)
func (*AccessTokenBuilder) SetMetadata ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetMetadata(metadata map[string]interface{}) *AccessTokenBuilder
SetMetadata sets custom metadata
func (*AccessTokenBuilder) SetName ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetName(name string) *AccessTokenBuilder
SetName sets the display name
func (*AccessTokenBuilder) SetNotBefore ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetNotBefore(notBefore time.Time) *AccessTokenBuilder
SetNotBefore sets the not-before time (token not valid before this time)
func (*AccessTokenBuilder) SetRecorder ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetRecorder(recorder bool) *AccessTokenBuilder
SetRecorder marks this as a recorder participant
func (*AccessTokenBuilder) SetRoomAdmin ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetRoomAdmin(isAdmin bool) *AccessTokenBuilder
SetRoomAdmin grants admin privileges
func (*AccessTokenBuilder) SetRoomCreate ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetRoomCreate(canCreate bool) *AccessTokenBuilder
SetRoomCreate allows creating rooms
func (*AccessTokenBuilder) SetRoomJoin ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetRoomJoin(roomName string) *AccessTokenBuilder
SetRoomJoin sets the room name the user can join
func (*AccessTokenBuilder) SetRoomList ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetRoomList(canList bool) *AccessTokenBuilder
SetRoomList allows listing rooms
func (*AccessTokenBuilder) SetTTL ¶ added in v1.0.2
func (b *AccessTokenBuilder) SetTTL(ttl time.Duration) *AccessTokenBuilder
SetTTL sets the token time-to-live (expiration duration)
type AccessTokenClaims ¶ added in v1.0.2
// AccessTokenClaims is the JSON claim set of a room access token.
// sub, iat, exp, nbf and iss are the RFC 7519 registered claim names; name,
// email, metadata and video are further claims carried next to them.
// NOTE(review): assuming the token is signed rather than encrypted, every
// claim below is readable by anyone who holds the token, so Email and
// Metadata should not carry confidential data.
type AccessTokenClaims struct {
// Claims identifying the subject and describing its permissions
Identity string `json:"sub"` // User identity/ID
Name string `json:"name"` // Display name
Email string `json:"email"` // Email (optional); no omitempty, so an empty value is still encoded
Metadata string `json:"metadata,omitempty"` // Custom metadata as JSON string
Video *VideoGrant `json:"video,omitempty"` // Video permissions; a nil grant is omitted
IssuedAt int64 `json:"iat"` // Issued at (Unix timestamp)
ExpiresAt int64 `json:"exp"` // Expires at (Unix timestamp); no omitempty, so a zero value is encoded as 0
NotBefore int64 `json:"nbf,omitempty"` // Not valid before (Unix timestamp); omitted when zero
Issuer string `json:"iss,omitempty"` // Issuer (access key)
}
AccessTokenClaims represents the complete claims for a room access token
func ParseAccessToken ¶ added in v1.0.2
func ParseAccessToken(token, apiSecret string) (*AccessTokenClaims, error)
ParseAccessToken parses and validates an access token
type AuthError ¶ added in v1.0.2
// AuthError is the error value behind the package's Err* sentinel variables.
// NOTE(review): its Error method is not shown on this page — presumably it
// returns Message; confirm in the source.
type AuthError struct {
// Message is the human-readable error text.
Message string
}
AuthError represents an authentication error
type AuthRateLimiter ¶
type AuthRateLimiter struct {
// contains filtered or unexported fields
}
AuthRateLimiter wraps a rate limiter with authentication-specific logic
func NewAuthRateLimiter ¶
func NewAuthRateLimiter() *AuthRateLimiter
NewAuthRateLimiter creates a new authentication rate limiter with default settings
func (*AuthRateLimiter) AllowGeneralAuth ¶
func (arl *AuthRateLimiter) AllowGeneralAuth(ctx context.Context, userID string) error
AllowGeneralAuth checks if a general auth operation is allowed
func (*AuthRateLimiter) AllowLogin ¶
func (arl *AuthRateLimiter) AllowLogin(ctx context.Context, key string) error
AllowLogin checks if a login attempt is allowed
func (*AuthRateLimiter) AllowTokenRefresh ¶
func (arl *AuthRateLimiter) AllowTokenRefresh(ctx context.Context, userID string) error
AllowTokenRefresh checks if a token refresh is allowed
func (*AuthRateLimiter) ResetGeneralAuth ¶
func (arl *AuthRateLimiter) ResetGeneralAuth(ctx context.Context, userID string) error
ResetGeneralAuth resets the general auth rate limit for a user
func (*AuthRateLimiter) ResetLogin ¶
func (arl *AuthRateLimiter) ResetLogin(ctx context.Context, key string) error
ResetLogin resets the login rate limit for a key
func (*AuthRateLimiter) ResetTokenRefresh ¶
func (arl *AuthRateLimiter) ResetTokenRefresh(ctx context.Context, userID string) error
ResetTokenRefresh resets the token refresh rate limit for a user
type Authenticator ¶
// Authenticator is the contract for authentication providers: it issues,
// validates, refreshes and revokes tokens.
type Authenticator interface {
// Authenticate authenticates a user with credentials and returns an auth token
Authenticate(ctx context.Context, credentials *types.Credentials) (*types.AuthToken, error)
// ValidateToken validates an access token and returns the user claims
// NOTE(review): whether validation also consults a revocation list is not
// visible from this signature — confirm in each implementation.
ValidateToken(ctx context.Context, token string) (*TokenClaims, error)
// RefreshToken refreshes an access token using a refresh token
RefreshToken(ctx context.Context, refreshToken string) (*types.AuthToken, error)
// RevokeToken revokes a token (logout)
RevokeToken(ctx context.Context, token string) error
}
Authenticator is the interface for authentication providers
type Authorizer ¶
// Authorizer is the contract for authorization decisions. Authorize reports
// its decision as an error, while the Has* methods return a plain bool.
// NOTE(review): how a nil user is handled is not visible here; callers should
// not assume a nil user is rejected without checking the implementation.
type Authorizer interface {
// Authorize checks if a user has permission to perform an action on a resource
Authorize(ctx context.Context, user *types.User, permission types.Permission, resourceID string) error
// HasPermission checks if a user has a specific permission
HasPermission(user *types.User, permission types.Permission) bool
// HasRole checks if a user has a specific role
HasRole(user *types.User, role types.UserRole) bool
// HasAnyRole checks if a user has any of the specified roles
HasAnyRole(user *types.User, roles ...types.UserRole) bool
}
Authorizer is the interface for authorization
type InMemoryTokenStore ¶
type InMemoryTokenStore struct {
// contains filtered or unexported fields
}
InMemoryTokenStore is an in-memory implementation of TokenStore for testing
func NewInMemoryTokenStore ¶
func NewInMemoryTokenStore() *InMemoryTokenStore
NewInMemoryTokenStore creates a new in-memory token store
func (*InMemoryTokenStore) CleanExpiredTokens ¶
func (s *InMemoryTokenStore) CleanExpiredTokens(ctx context.Context) error
CleanExpiredTokens removes expired tokens
func (*InMemoryTokenStore) IsTokenRevoked ¶
IsTokenRevoked checks if a token is revoked
func (*InMemoryTokenStore) RevokeToken ¶
func (s *InMemoryTokenStore) RevokeToken(ctx context.Context, token string) error
RevokeToken revokes a token
func (*InMemoryTokenStore) StoreToken ¶
func (s *InMemoryTokenStore) StoreToken(ctx context.Context, token string, userID string, expiresAt time.Time) error
StoreToken stores a token
type InMemoryUserStore ¶
type InMemoryUserStore struct {
// contains filtered or unexported fields
}
InMemoryUserStore is an in-memory implementation of UserStore for testing
func NewInMemoryUserStore ¶
func NewInMemoryUserStore() *InMemoryUserStore
NewInMemoryUserStore creates a new in-memory user store
func (*InMemoryUserStore) CreateUser ¶
func (s *InMemoryUserStore) CreateUser(ctx context.Context, user *types.User, password string) error
CreateUser creates a new user
func (*InMemoryUserStore) DeleteUser ¶
func (s *InMemoryUserStore) DeleteUser(ctx context.Context, userID string) error
DeleteUser deletes a user
func (*InMemoryUserStore) GetUserByID ¶
GetUserByID gets a user by ID
func (*InMemoryUserStore) GetUserByUsername ¶
func (s *InMemoryUserStore) GetUserByUsername(ctx context.Context, username string) (*types.User, error)
GetUserByUsername gets a user by username or email
func (*InMemoryUserStore) UpdatePassword ¶
func (s *InMemoryUserStore) UpdatePassword(ctx context.Context, userID string, newPassword string) error
UpdatePassword updates a user's password
func (*InMemoryUserStore) UpdateUser ¶
UpdateUser updates a user
func (*InMemoryUserStore) ValidatePassword ¶
func (s *InMemoryUserStore) ValidatePassword(ctx context.Context, userID string, password string) (bool, error)
ValidatePassword validates a user's password
type JWTAuthenticator ¶
type JWTAuthenticator struct {
// contains filtered or unexported fields
}
JWTAuthenticator implements the Authenticator interface using JWT tokens
func NewJWTAuthenticator ¶
func NewJWTAuthenticator(secret string, userStore UserStore, tokenStore TokenStore) *JWTAuthenticator
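NewJWTAuthenticator creates a new JWT authenticator. The secret argument is presumably the token signing key; this page documents neither the signing algorithm nor a minimum key length, so supply a long, randomly generated value and confirm the algorithm in the implementation.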
func (*JWTAuthenticator) Authenticate ¶
func (j *JWTAuthenticator) Authenticate(ctx context.Context, credentials *types.Credentials) (*types.AuthToken, error)
Authenticate authenticates a user with credentials and returns an auth token
func (*JWTAuthenticator) RefreshToken ¶
func (j *JWTAuthenticator) RefreshToken(ctx context.Context, refreshToken string) (*types.AuthToken, error)
RefreshToken refreshes an access token using a refresh token
func (*JWTAuthenticator) RevokeToken ¶
func (j *JWTAuthenticator) RevokeToken(ctx context.Context, token string) error
RevokeToken revokes a token (logout)
func (*JWTAuthenticator) SetAccessExpiry ¶
func (j *JWTAuthenticator) SetAccessExpiry(duration time.Duration)
SetAccessExpiry sets the access token expiry duration
func (*JWTAuthenticator) SetRefreshExpiry ¶
func (j *JWTAuthenticator) SetRefreshExpiry(duration time.Duration)
SetRefreshExpiry sets the refresh token expiry duration
func (*JWTAuthenticator) ValidateToken ¶
func (j *JWTAuthenticator) ValidateToken(ctx context.Context, token string) (*TokenClaims, error)
ValidateToken validates an access token and returns the user claims
type MemoryAPIKeyStore ¶ added in v1.0.2
type MemoryAPIKeyStore struct {
// contains filtered or unexported fields
}
MemoryAPIKeyStore is an in-memory implementation of APIKeyStore
func NewMemoryAPIKeyStore ¶ added in v1.0.2
func NewMemoryAPIKeyStore() *MemoryAPIKeyStore
NewMemoryAPIKeyStore creates a new in-memory API key store
func (*MemoryAPIKeyStore) DeleteAPIKey ¶ added in v1.0.2
func (s *MemoryAPIKeyStore) DeleteAPIKey(ctx context.Context, accessKey string) error
DeleteAPIKey deletes an API key
func (*MemoryAPIKeyStore) ListAPIKeys ¶ added in v1.0.2
func (s *MemoryAPIKeyStore) ListAPIKeys(ctx context.Context) ([]*APIKey, error)
ListAPIKeys lists all API keys
func (*MemoryAPIKeyStore) StoreAPIKey ¶ added in v1.0.2
func (s *MemoryAPIKeyStore) StoreAPIKey(ctx context.Context, key *APIKey) error
StoreAPIKey stores an API key
func (*MemoryAPIKeyStore) UpdateAPIKey ¶ added in v1.0.2
func (s *MemoryAPIKeyStore) UpdateAPIKey(ctx context.Context, key *APIKey) error
UpdateAPIKey updates an API key
type RBACAuthorizer ¶
type RBACAuthorizer struct {
}
RBACAuthorizer implements role-based access control authorization
func NewRBACAuthorizer ¶
func NewRBACAuthorizer() *RBACAuthorizer
NewRBACAuthorizer creates a new RBAC authorizer
func (*RBACAuthorizer) Authorize ¶
func (a *RBACAuthorizer) Authorize(ctx context.Context, user *types.User, permission types.Permission, resourceID string) error
Authorize checks if a user has permission to perform an action on a resource
func (*RBACAuthorizer) HasAnyRole ¶
HasAnyRole checks if a user has any of the specified roles
func (*RBACAuthorizer) HasPermission ¶
func (a *RBACAuthorizer) HasPermission(user *types.User, permission types.Permission) bool
HasPermission checks if a user has a specific permission
type RateLimiter ¶
// RateLimiter is the contract for per-key rate limiting. The key is an opaque
// string chosen by the caller.
type RateLimiter interface {
// Allow checks if an action is allowed for a key
// It returns both a decision and an error; what to do when the error is
// non-nil (deny or allow) is left to the caller and should be decided
// deliberately for authentication paths.
Allow(ctx context.Context, key string) (bool, error)
// Reset resets the rate limit for a key
Reset(ctx context.Context, key string) error
}
RateLimiter is the interface for rate limiting
type Session ¶
// Session is the server-side record of an authenticated user session.
type Session struct {
// SessionID is the unique session identifier
// CreateSession receives it as an argument, so the caller chooses the
// value and is responsible for making it unpredictable.
SessionID string
// UserID is the user's ID
UserID string
// User is the user information
// NOTE(review): this is a pointer; whether later changes to the user (for
// example a role change) are reflected in existing sessions depends on
// what the caller passes in — confirm.
User *types.User
// CreatedAt is when the session was created
CreatedAt time.Time
// ExpiresAt is when the session expires
ExpiresAt time.Time
// LastAccessedAt is when the session was last accessed
// NOTE(review): presumably the value the idle timeout is measured from — confirm.
LastAccessedAt time.Time
// Metadata contains custom session data
Metadata map[string]interface{}
}
Session represents an authenticated user session
type SessionManager ¶
type SessionManager struct {
// contains filtered or unexported fields
}
SessionManager manages user sessions
func NewSessionManager ¶
func NewSessionManager() *SessionManager
NewSessionManager creates a new session manager
func (*SessionManager) CleanExpiredSessions ¶
func (sm *SessionManager) CleanExpiredSessions(ctx context.Context) error
CleanExpiredSessions removes all expired and idle sessions
func (*SessionManager) CreateSession ¶
func (sm *SessionManager) CreateSession(ctx context.Context, sessionID string, user *types.User) (*Session, error)
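CreateSession creates a new session for a user. The session ID is supplied by the caller, so it should be a long, unpredictable value from a cryptographically secure random source.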
func (*SessionManager) DeleteSession ¶
func (sm *SessionManager) DeleteSession(ctx context.Context, sessionID string) error
DeleteSession deletes a session
func (*SessionManager) DeleteUserSessions ¶
func (sm *SessionManager) DeleteUserSessions(ctx context.Context, userID string) error
DeleteUserSessions deletes all sessions for a user
func (*SessionManager) GetSession ¶
GetSession retrieves a session by session ID
func (*SessionManager) GetUserSessions ¶
GetUserSessions retrieves all sessions for a user
func (*SessionManager) SessionCount ¶
func (sm *SessionManager) SessionCount() int
SessionCount returns the total number of active sessions
func (*SessionManager) SetIdleTimeout ¶
func (sm *SessionManager) SetIdleTimeout(duration time.Duration)
SetIdleTimeout sets the idle timeout duration
func (*SessionManager) SetSessionExpiry ¶
func (sm *SessionManager) SetSessionExpiry(duration time.Duration)
SetSessionExpiry sets the session expiry duration
func (*SessionManager) UserSessionCount ¶
func (sm *SessionManager) UserSessionCount(userID string) int
UserSessionCount returns the number of active sessions for a specific user
type TokenBucketLimiter ¶
type TokenBucketLimiter struct {
// contains filtered or unexported fields
}
TokenBucketLimiter implements token bucket rate limiting
func NewTokenBucketLimiter ¶
func NewTokenBucketLimiter(capacity int, refillRate int, refillPeriod time.Duration) *TokenBucketLimiter
NewTokenBucketLimiter creates a new token bucket rate limiter. capacity is the maximum number of tokens in the bucket, refillRate is the number of tokens added per refill period, and refillPeriod is how often tokens are refilled (e.g., 1 second).
func (*TokenBucketLimiter) CleanupOldBuckets ¶
func (rl *TokenBucketLimiter) CleanupOldBuckets(maxAge time.Duration)
CleanupOldBuckets removes buckets that haven't been used recently
type TokenClaims ¶
// TokenClaims is the decoded claim set that ValidateToken returns for a JWT.
type TokenClaims struct {
// UserID is the unique identifier of the user
UserID string
// Username is the username
Username string
// Email is the user's email
Email string
// Role is the user's role
// NOTE(review): this is the role carried by the token; a role change made
// after the token was issued is presumably not visible until a new token
// is issued — confirm before using it for authorization decisions.
Role types.UserRole
// IssuedAt is when the token was issued
IssuedAt time.Time
// ExpiresAt is when the token expires
ExpiresAt time.Time
// Custom claims
// NOTE(review): values come from the token payload and are untyped;
// check the dynamic type before use.
Custom map[string]interface{}
}
TokenClaims represents the claims in a JWT token
func (*TokenClaims) IsExpired ¶
func (c *TokenClaims) IsExpired() bool
IsExpired checks if the token is expired
func (*TokenClaims) TimeUntilExpiry ¶
func (c *TokenClaims) TimeUntilExpiry() time.Duration
TimeUntilExpiry returns the duration until the token expires
type TokenStore ¶
// TokenStore is the storage contract used for token revocation.
// NOTE(review): every method receives the token as a plain string; an
// implementation backed by shared or persistent storage may prefer to key on
// a digest of the token rather than the token itself.
type TokenStore interface {
// StoreToken stores a token
StoreToken(ctx context.Context, token string, userID string, expiresAt time.Time) error
// IsTokenRevoked checks if a token is revoked
// It returns both a result and an error; a caller that ignores the error
// would treat a failed lookup as "not revoked".
IsTokenRevoked(ctx context.Context, token string) (bool, error)
// RevokeToken revokes a token
RevokeToken(ctx context.Context, token string) error
// CleanExpiredTokens removes expired tokens
CleanExpiredTokens(ctx context.Context) error
}
TokenStore is the interface for token storage (for revocation)
type UserStore ¶
// UserStore is the storage contract for user accounts and their passwords.
// CreateUser, ValidatePassword and UpdatePassword receive the password as a
// plain string, so hashing it before it is persisted is the implementation's
// responsibility.
type UserStore interface {
// GetUserByUsername gets a user by username or email
GetUserByUsername(ctx context.Context, username string) (*types.User, error)
// GetUserByID gets a user by ID
GetUserByID(ctx context.Context, userID string) (*types.User, error)
// CreateUser creates a new user
CreateUser(ctx context.Context, user *types.User, password string) error
// UpdateUser updates a user
UpdateUser(ctx context.Context, user *types.User) error
// DeleteUser deletes a user
DeleteUser(ctx context.Context, userID string) error
// ValidatePassword validates a user's password
// It returns both a result and an error; callers should check the error
// as well as the bool.
ValidatePassword(ctx context.Context, userID string, password string) (bool, error)
// UpdatePassword updates a user's password
UpdatePassword(ctx context.Context, userID string, newPassword string) error
}
UserStore is the interface for user storage
type VideoGrant ¶ added in v1.0.2
// VideoGrant is the set of room permissions embedded in an access token.
// Every field is tagged omitempty, so a false or empty value is left out of
// the encoded grant.
// NOTE(review): presumably a missing field is read as "not granted" — confirm
// in the code that verifies the token.
type VideoGrant struct {
// RoomJoin allows joining a specific room
RoomJoin bool `json:"room_join,omitempty"`
// Room specifies the room name (required if RoomJoin is true)
// NOTE(review): whether an empty Room with RoomJoin set is rejected is not
// visible here — confirm, since a grant without a room name could be read
// as unscoped.
Room string `json:"room,omitempty"`
// RoomCreate allows creating rooms
RoomCreate bool `json:"room_create,omitempty"`
// RoomList allows listing rooms
RoomList bool `json:"room_list,omitempty"`
// RoomAdmin grants admin privileges in the room
// Elevated permission: set it only for identities that were authorized
// server-side.
RoomAdmin bool `json:"room_admin,omitempty"`
// CanPublish allows publishing streams
CanPublish bool `json:"can_publish,omitempty"`
// CanSubscribe allows subscribing to streams
CanSubscribe bool `json:"can_subscribe,omitempty"`
// CanPublishData allows publishing data messages
CanPublishData bool `json:"can_publish_data,omitempty"`
// Hidden joins the room without being visible to others
// Elevated permission: a hidden participant is not visible to the other
// participants, so issue it deliberately.
Hidden bool `json:"hidden,omitempty"`
// Recorder identifies this as a recorder participant
Recorder bool `json:"recorder,omitempty"`
}
VideoGrant represents permissions for video room access