Documentation
¶
Index ¶
- Variables
- type AccessToken
- type Account
- type AccountRepository
- type AccountStatus
- type Credential
- type CredentialRepository
- type CredentialType
- type ExpirationTokenType
- type Identity
- type IdentityRepository
- type IdentityStatus
- type IdentityType
- type RefreshToken
- type ResetPasswordRequest
- type ResetPasswordRequestRepository
- type ResetPasswordStatus
- type TokenRepository
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrAccountExists = errors.New("account exists")
View Source
var ErrAccountNotFound = errors.New("account not found")
View Source
var ErrCannotCreateAccessToken = errors.New("cannot create access token")
View Source
var ErrCannotCreateAccount = errors.New("cannot create account")
View Source
var ErrCannotCreateCredential = errors.New("cannot create credential")
View Source
var ErrCannotCreateIdentity = errors.New("cannot create identity")
View Source
var ErrCannotCreateRefreshToken = errors.New("cannot create refresh token")
View Source
var ErrCredentialNotFound = errors.New("credential not found")
View Source
var ErrIdentityExists = errors.New("identity exists")
View Source
var ErrIdentityNotFound = errors.New("identity not found")
View Source
var ErrResetPasswordRequestNotFound = errsys.New(
"reset password request not found",
"A request for resetting password was not found",
)
View Source
var ErrTokenNotExist = errors.New("token does not exist")
Functions ¶
This section is empty.
Types ¶
type AccessToken ¶
type AccessToken struct {
Token null.String `json:"token"`
Hash string `json:"hash"`
IdentityID uuid.UUID `json:"identityId"`
SessionID uuid.UUID `json:"sessionId"`
AccountID uuid.UUID `json:"accountId"`
Roles []string `json:"roles"`
Data map[string]interface{} `json:"data"`
RevokedAt null.Time `json:"revokedAt"`
ExpiresAt time.Time `json:"expiresAt"`
}
type Account ¶
type Account struct {
ID uuid.UUID `db:"id" json:"id"`
Roles []string `db:"roles" json:"roles"`
Status AccountStatus `db:"status" json:"status"`
Data map[string]interface{} `db:"data" json:"data"`
}
type AccountRepository ¶
type AccountRepository interface {
// Create creates a single new authorization account for the user.
// If the account already exists, it returns github.com/go-modulus/modulus/repository.ErrAccountExists.
// userInfo is a map of additional data to store with the account (e.g. name, phone, IP address, etc.).
Create(
ctx context.Context,
ID uuid.UUID,
roles []string,
userInfo map[string]interface{},
) (Account, error)
// Get returns the account by its ID.
// If the identity does not exist, it returns github.com/go-modulus/modulus/repository.ErrAccountNotFound.
Get(
ctx context.Context,
ID uuid.UUID,
) (Account, error)
AddRoles(
ctx context.Context,
ID uuid.UUID,
roles ...string,
) error
RemoveRoles(
ctx context.Context,
ID uuid.UUID,
roles ...string,
) error
// RemoveAccount removes the identity.
RemoveAccount(
ctx context.Context,
ID uuid.UUID,
) error
// BlockAccount blocks the identity.
BlockAccount(
ctx context.Context,
ID uuid.UUID,
) error
}
type AccountStatus ¶
type AccountStatus string
const ( AccountStatusActive AccountStatus = "active" AccountStatusBlocked AccountStatus = "blocked" )
type Credential ¶
type CredentialRepository ¶
type CredentialRepository interface {
// Create creates a new credential for the given account ID.
Create(
ctx context.Context,
accountID uuid.UUID,
credentialHash string,
credType CredentialType,
expiredAt *time.Time,
) (Credential, error)
// GetLast returns the last credential of the given type with the given identity ID.
// If the credential does not exist, it returns github.com/go-modulus/auth.ErrCredentialNotFound.
GetLast(
ctx context.Context,
accountID uuid.UUID,
credType string,
) (Credential, error)
// RemoveCredentials removes all credentials of the given account ID.
RemoveCredentials(
ctx context.Context,
accountID uuid.UUID,
) error
}
type CredentialType ¶
type CredentialType string
const CredentialTypeOTP CredentialType = "otp"
const CredentialTypePassword CredentialType = "password"
type ExpirationTokenType ¶
type ExpirationTokenType string
const ( AccessTokenType ExpirationTokenType = "access" RefreshTokenType ExpirationTokenType = "refresh" BothTokenType ExpirationTokenType = "both" )
type Identity ¶
type Identity struct {
ID uuid.UUID `db:"id" json:"id"`
Identity string `db:"identity" json:"identity"`
AccountID uuid.UUID `db:"user_id" json:"accountId"`
Type IdentityType `db:"type" json:"type"`
Status IdentityStatus `db:"status" json:"status"`
Data map[string]interface{} `db:"data" json:"data"`
}
type IdentityRepository ¶
type IdentityRepository interface {
// Create creates a new identity for the given account ID.
// If the identity already exists, it returns github.com/go-modulus/auth.ErrIdentityExists.
// If the identity cannot be created, it returns github.com/go-modulus/auth.ErrCannotCreateIdentity.
//
// The identity is a unique string that represents the user.
// It is used for login and other operations.
// It may be an email, username, or other unique identifier.
// You are able to create multiple identities for a single account.
Create(
ctx context.Context,
identity string,
accountID uuid.UUID,
identityType IdentityType,
additionalData map[string]interface{},
) (Identity, error)
// Get returns the identity with the given identity string.
// If the identity does not exist, it returns github.com/go-modulus/auth.ErrIdentityNotFound.
Get(
ctx context.Context,
identity string,
) (Identity, error)
// GetById returns the identity with the given ID.
// If the identity does not exist, it returns github.com/go-modulus/auth.ErrIdentityNotFound.
GetById(
ctx context.Context,
id uuid.UUID,
) (Identity, error)
// GetByAccountID returns the identities with the given account ID.
GetByAccountID(
ctx context.Context,
accountID uuid.UUID,
) ([]Identity, error)
// RemoveAccountIdentities removes the identities with the given account ID.
RemoveAccountIdentities(
ctx context.Context,
accountID uuid.UUID,
) error
// RemoveIdentity removes the identity.
RemoveIdentity(
ctx context.Context,
identity string,
) error
// BlockIdentity blocks the identity.
BlockIdentity(
ctx context.Context,
identity string,
) error
}
type IdentityStatus ¶
type IdentityStatus string
const ( IdentityStatusActive IdentityStatus = "active" IdentityStatusBlocked IdentityStatus = "blocked" )
type IdentityType ¶
type IdentityType string
const ( IdentityTypeEmail IdentityType = "email" IdentityTypePhone IdentityType = "phone" IdentityTypeNickname IdentityType = "nickname" )
type RefreshToken ¶
type ResetPasswordRequest ¶
type ResetPasswordRequest struct {
ID uuid.UUID `json:"id"`
AccountID uuid.UUID `json:"accountId"`
Status ResetPasswordStatus `json:"status"`
Token string `json:"token"`
IsUsed bool `json:"isUsed"`
AliveTill time.Time `json:"lifePeriod"`
CoolDownTill null.Time `json:"coolDownPeriod"`
}
func (ResetPasswordRequest) CanBeResent ¶
func (r ResetPasswordRequest) CanBeResent() bool
func (ResetPasswordRequest) IsAlive ¶
func (r ResetPasswordRequest) IsAlive() bool
type ResetPasswordRequestRepository ¶
type ResetPasswordRequestRepository interface {
// GetActiveRequest retrieves an active reset password request for the given account ID.
// If no such request exists, it returns ErrResetPasswordRequestNotFound.
GetActiveRequest(ctx context.Context, accountID uuid.UUID) (ResetPasswordRequest, error)
ExpireRequest(ctx context.Context, ID uuid.UUID) error
CreateResetPassword(ctx context.Context, id uuid.UUID, accountID uuid.UUID, token string) (
ResetPasswordRequest,
error,
)
UpdateLastSent(ctx context.Context, ID uuid.UUID) error
// GetResetPasswordByToken retrieves a reset password request by its token.
// If no such request exists, it returns ErrResetPasswordRequestNotFound.
GetResetPasswordByToken(ctx context.Context, token string) (ResetPasswordRequest, error)
UseResetPassword(ctx context.Context, ID uuid.UUID) error
}
type ResetPasswordStatus ¶
type ResetPasswordStatus string
const ( ResetPasswordStatusActive ResetPasswordStatus = "active" ResetPasswordStatusExpired ResetPasswordStatus = "expired" ResetPasswordStatusUsed ResetPasswordStatus = "used" )
type TokenRepository ¶
type TokenRepository interface {
// CreateAccessToken creates an access token.
// It returns the created access token.
// Roles in token are obtained from the account of identity.
//
// Errors:
// * ErrCannotCreateAccessToken - if the access token cannot be created.
CreateAccessToken(
ctx context.Context,
accessToken string,
identityId uuid.UUID,
roles []string,
sessionId uuid.UUID,
data map[string]interface{},
expiresAt time.Time,
) (AccessToken, error)
// CreateRefreshToken creates a refresh token.
// It returns the created refresh token.
//
// Errors:
// * ErrCannotCreateRefreshToken - if the refresh token cannot be created.
CreateRefreshToken(
ctx context.Context,
refreshToken string,
sessionID uuid.UUID,
identityID uuid.UUID,
expiresAt time.Time,
) (RefreshToken, error)
// GetRefreshToken returns the refresh token by the given token.
//
// Errors:
// * ErrTokenNotExist - if the token does not exist.
GetRefreshToken(ctx context.Context, refreshToken string) (RefreshToken, error)
// GetAccessToken returns the access token by the given token.
//
// Errors:
// * ErrTokenNotExist - if the token does not exist.
GetAccessToken(ctx context.Context, accessToken string) (AccessToken, error)
// ExpireTokens makes the valid tokens of the given session expired.
// It returns an error if the operation failed.
// Params:
// * sessionId - the session where we want to expire the tokens.
// * lag - the parameter is used to make the tokens expired in the future. It is helpful to avoid race conditions in the token refreshing.
// We make tokens expired in several seconds to get the time for frontend to refresh the tokens in local storage and get the responses from simultaneous requests to the backend without error.
// * tokenType - the type of tokens that we want to expire.
ExpireTokens(
ctx context.Context,
sessionId uuid.UUID,
lag time.Duration,
tokenType ExpirationTokenType,
) error
// RevokeSessionTokens revokes all tokens of the session by the given session ID.
// It can be used from the user settings to log out from some devices.
RevokeSessionTokens(ctx context.Context, sessionId uuid.UUID) error
// RevokeAccountTokens revokes all tokens of the user by the given account ID.
// It can be used from the user settings to log out from all devices.
RevokeAccountTokens(ctx context.Context, accountId uuid.UUID) error
}
Source Files
Click to show internal directories.
Click to hide internal directories.