auth

package
v0.0.0-...-c8a3e49 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 27, 2026 License: MPL-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// ErrUserNotFound is a package-level sentinel error carrying the message
// "user not found". Compare against it with errors.Is rather than by text.
// NOTE(review): which calls return it is not visible here. If a login path
// reports it differently from a wrong-password failure, responses reveal which
// usernames exist — confirm both cases map to the same client-facing error.
var ErrUserNotFound = errors.New("user not found")

Functions

func RequirePermission

// RequirePermission takes a Casbin enforcer, an authenticated user and an
// object/action pair and returns an error; presumably nil means the action is
// allowed — confirm against the implementation.
// NOTE(review): the body is not shown, so the handling of a nil enforcer, a nil
// user, or an error from the enforcer itself is unknown. An authorization check
// should return a non-nil error (deny) in every one of those cases.
func RequirePermission(casbinEnforcer *casbin.Enforcer, user *AuthenticatedUser, object, action string) error

Types

type AuthConfig

// AuthConfig is the JSON shape describing how authentication is set up: the
// auth mode, whether Logto is enabled, and whether local users exist. It is the
// return type of Service.GetConfig.
// NOTE(review): GetConfig takes no user or token, so this is presumably served
// before login. has_local_users then tells an unauthenticated caller whether
// any local account exists yet — confirm that exposure is intended.
type AuthConfig struct {
	AuthMode      string `json:"auth_mode"`
	LogtoEnabled  bool   `json:"logto_enabled"`
	HasLocalUsers bool   `json:"has_local_users"`
}

type AuthMeData

// AuthMeData is the JSON description of a user: numeric ID, username, optional
// display name, role names, a permissions map and an optional external subject.
// It is the return type of Service.Me and the User field of LoginResponse.
type AuthMeData struct {
	ID              uint64              `json:"id"`
	Username        string              `json:"username"`
	DisplayName     *string             `json:"display_name,omitempty"`
	Roles           []string            `json:"roles,omitempty"`
	// Permissions maps a string key to a list of strings; presumably
	// object -> allowed actions — confirm against the code that fills it.
	// Treat the serialized copy as informational only; enforcement belongs in
	// server-side checks such as RequirePermission.
	Permissions     map[string][]string `json:"permissions,omitempty"`
	ExternalSubject *string             `json:"external_subject,omitempty"`
}

type AuthenticatedUser

// AuthenticatedUser carries the identity, roles and scopes of a caller. It is
// what Service.Authenticate returns and what RequirePermission, RequireAdmin
// and RequireClient take as input.
// NOTE(review): those helpers accept any *AuthenticatedUser, so their decisions
// are only as trustworthy as the code that built the value. Construct it only
// from a verified token, never from request-supplied fields.
type AuthenticatedUser struct {
	ID              uint64   `json:"id"`
	Username        string   `json:"username"`
	Roles           []string `json:"roles,omitempty"`
	Scopes          []string `json:"scopes,omitempty"`
	DisplayName     *string  `json:"display_name,omitempty"`
	ExternalSubject *string  `json:"external_subject,omitempty"`
}

type Claims

// Claims holds the values a verifier returns for a token: subject, optional
// name and email, expiry, scope (as one string and as a list), audience, client
// ID and an optional organization ID. Both verifier interfaces return *Claims.
// NOTE(review): whether ExpiresAt, Audience and ClientID have already been
// validated by the time a Claims value is returned is not visible here —
// confirm in the LogtoVerifier implementation before relying on them.
type Claims struct {
	Subject        string
	Name           *string
	Email          *string
	ExpiresAt      time.Time
	// presumably Scope is the raw scope claim and Scopes its split form —
	// confirm; callers should use one of them consistently.
	Scope          string
	Scopes         []string
	Audience       []string
	ClientID       string
	OrganizationID *string
}

type LoginRequest

// LoginRequest is the JSON body for a username/password login; it is the
// request type of Service.Login. Both fields carry a binding:"required" tag.
// NOTE(review): the tags shown only require presence; no length or character
// limits are visible — confirm they are applied elsewhere.
type LoginRequest struct {
	Username string `json:"username" binding:"required"`
	// Password is the plaintext password as submitted. Keep this struct out of
	// logs and error messages: formatting it with %v or %+v prints the value.
	Password string `json:"password" binding:"required"`
}

type LoginResponse

// LoginResponse is the JSON result of Service.Login and Service.LoginWithLogto:
// a token, its expiry and, optionally, the user's AuthMeData.
type LoginResponse struct {
	// Token is a bearer credential; avoid writing whole responses to logs.
	Token     string      `json:"token"`
	// presumably a Unix timestamp; the unit is not shown — confirm.
	ExpiresAt int64       `json:"expires_at"`
	User      *AuthMeData `json:"user,omitempty"`
}

type LogtoVerifier

// LogtoVerifier verifies tokens and returns their Claims. Verify and
// VerifyIDToken share one signature; judging by Service.VerifyLogtoToken and
// Service.VerifyLogtoIDToken they presumably handle access tokens and ID
// tokens respectively — confirm.
// NOTE(review): the two token types are not interchangeable. Each method should
// reject a token of the other type, and should return a nil *Claims together
// with any non-nil error.
type LogtoVerifier interface {
	Verify(ctx context.Context, token string) (*Claims, error)
	VerifyIDToken(ctx context.Context, token string) (*Claims, error)
}

type Service

// Service is the authentication service built by ProvideService. Its fields are
// unexported; its methods cover login, logout, token authentication, Logto
// token verification and the RequireAdmin / RequireClient checks.
type Service struct {
	// contains filtered or unexported fields
}

func ProvideService

// ProvideService builds a Service from a user store, JWT and password services,
// a Casbin enforcer, the configuration, a token blacklist and a Logto verifier.
// It returns an error alongside the service, so construction can fail.
// NOTE(review): the body is not shown. Which arguments may be nil (for example
// logtoVerifier when Logto is disabled) is unknown — confirm that a missing
// verifier or blacklist makes the dependent checks fail closed rather than skip.
func ProvideService(
	userRepo UserStore,
	jwtService *authtoken.JWTService,
	pwdService *authtoken.PasswordService,
	casbinEnforcer *casbin.Enforcer,
	cfg config.Config,
	blacklist *authtoken.BlacklistService,
	logtoVerifier LogtoVerifier,
) (*Service, error)

func (*Service) Authenticate

// Authenticate takes a token string and returns the AuthenticatedUser it
// resolves to, or an error.
// NOTE(review): the body is not shown. Confirm that it rejects blacklisted
// (logged-out) tokens and re-checks the account's current User.Status, so a
// token issued before a status change does not keep working.
func (u *Service) Authenticate(ctx context.Context, tokenString string) (*AuthenticatedUser, error)

func (*Service) GetConfig

// GetConfig returns the AuthConfig. It takes only a context — no user or
// token — and has no error return.
func (u *Service) GetConfig(ctx context.Context) *AuthConfig

func (*Service) Login

// Login takes a LoginRequest (username and password) and returns a
// LoginResponse or an error.
// NOTE(review): the body is not shown. Confirm that unknown-user and
// wrong-password failures are indistinguishable to the caller, and that
// attempt rate limiting or lockout exists at this layer or in front of it.
func (u *Service) Login(ctx context.Context, req *LoginRequest) (*LoginResponse, error)

func (*Service) LoginWithLogto

// LoginWithLogto takes an external subject and an optional email and returns a
// LoginResponse or an error.
// NOTE(review): it receives plain values, not a token, so it cannot verify
// them itself; callers must pass only values taken from Claims returned by a
// successful verification. If email is used to match or link an existing
// account (see UserStore.LinkExternalSubject), confirm the identity provider
// has verified that email before it is trusted.
func (u *Service) LoginWithLogto(ctx context.Context, subject string, email *string) (*LoginResponse, error)

func (*Service) Logout

// Logout takes a token string and returns an error. ProvideService receives a
// BlacklistService, so this presumably blacklists the token — confirm.
// NOTE(review): a blacklist only revokes if Authenticate consults it on every
// request and entries live at least until the token's own expiry.
func (u *Service) Logout(ctx context.Context, tokenString string) error

func (*Service) Me

// Me takes a token string and returns the AuthMeData for it, or an error.
// NOTE(review): presumably applies the same token validation as Authenticate —
// confirm it does not take a separate, weaker path.
func (u *Service) Me(ctx context.Context, tokenString string) (*AuthMeData, error)

func (*Service) RequireAdmin

// RequireAdmin takes an AuthenticatedUser and returns an error; presumably nil
// means the user is an administrator — confirm.
// NOTE(review): how "admin" is decided (Roles, Scopes or the Casbin enforcer)
// and what happens for a nil user are not visible; a nil user should be denied.
func (u *Service) RequireAdmin(user *AuthenticatedUser) error

func (*Service) RequireClient

// RequireClient takes an AuthenticatedUser and returns an error; presumably nil
// means the user passes a "client" check — confirm what that role or scope is.
// NOTE(review): the handling of a nil user is not visible; it should be denied.
func (u *Service) RequireClient(user *AuthenticatedUser) error

func (*Service) VerifyLogtoIDToken

// VerifyLogtoIDToken takes an ID token string and returns its Claims or an
// error; presumably it delegates to LogtoVerifier.VerifyIDToken — confirm.
// NOTE(review): an ID token identifies the user to the client application;
// confirm it is not also accepted as an API bearer credential.
func (u *Service) VerifyLogtoIDToken(ctx context.Context, idToken string) (*Claims, error)

func (*Service) VerifyLogtoToken

// VerifyLogtoToken takes an access token string and returns its Claims or an
// error; presumably it delegates to LogtoVerifier.Verify — confirm.
// NOTE(review): confirm the verifier checks signature, issuer, audience and
// expiry; none of that is visible from the signature.
func (u *Service) VerifyLogtoToken(ctx context.Context, accessToken string) (*Claims, error)

type TokenVerifier

// TokenVerifier is the single-method form of a verifier: Verify takes a token
// string and returns its Claims or an error. The method matches
// LogtoVerifier.Verify, so any LogtoVerifier also satisfies TokenVerifier.
type TokenVerifier interface {
	Verify(ctx context.Context, token string) (*Claims, error)
}

type User

// User is the stored account record handled by UserStore: ID, username, status
// and optional display name, auth provider and external subject.
// The password hash is not a field; UserStore.Create and UpdatePassword take it
// as a separate argument, so serializing a User cannot expose it.
type User struct {
	ID              uint64  `json:"id"`
	Username        string  `json:"username"`
	// Status is a free-form string here; the allowed values are not shown.
	Status          string  `json:"status"`
	DisplayName     *string `json:"display_name,omitempty"`
	AuthProvider    *string `json:"auth_provider,omitempty"`
	ExternalSubject *string `json:"external_subject,omitempty"`
}

type UserStore

// UserStore is the persistence interface for accounts that ProvideService takes
// as userRepo. Every method takes a context and returns an error.
type UserStore interface {
	// Lookups by numeric ID, by username and by external subject.
	// NOTE(review): whether a miss returns ErrUserNotFound or (nil, nil) is not
	// shown — confirm, since callers must nil-check accordingly.
	FindByID(ctx context.Context, id uint64) (*User, error)
	FindByUsername(ctx context.Context, username string) (*User, error)
	FindByExternalSubject(ctx context.Context, sub string) (*User, error)
	// Create stores a user together with a password hash passed separately;
	// callers must supply a hash, never the plaintext.
	Create(ctx context.Context, user *User, passwordHash string) error
	UpdatePassword(ctx context.Context, id uint64, hash string) error
	// NOTE(review): confirm that a status change also stops tokens already
	// issued to that user from being accepted.
	UpdateStatus(ctx context.Context, id uint64, status string) error
	HasUsers(ctx context.Context) (bool, error)
	// LinkExternalSubject associates an external subject with a user ID.
	// NOTE(review): confirm it refuses a subject already linked to another
	// account and is only called after the subject has been verified.
	LinkExternalSubject(ctx context.Context, userID uint64, sub string) error
	// EnsureDefaultAdmin takes a default password hash and returns a user ID.
	// NOTE(review): presumably creates an admin account when none exists. If
	// the default password is fixed or documented, confirm a change is forced
	// on first login.
	EnsureDefaultAdmin(ctx context.Context, defaultPWHash string) (uint64, error)
	// VerifyPassword takes a username and plaintext password and returns a
	// user, a bool and an error; presumably the bool reports a match — confirm.
	// NOTE(review): implementations should use a constant-time hash comparison
	// and do comparable work for unknown usernames.
	VerifyPassword(ctx context.Context, username, password string) (*User, bool, error)
}

Directories

Path Synopsis
