Documentation ¶
Index ¶
- func CheckPasswordHash(password, hash string) bool
- func GetJwtClaims(tokenString string, tokenType string) (claimValues models.JwtClaims, err error)
- func HashPassword(password string) (string, error)
- func Login(res http.ResponseWriter, req *http.Request)
- func Logout(res http.ResponseWriter, req *http.Request)
- func RefreshJwt(res http.ResponseWriter, req *http.Request)
- func Register(res http.ResponseWriter, req *http.Request)
- func VerifyJwt(res http.ResponseWriter, req *http.Request)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CheckPasswordHash ¶
Verify password hash using bcrypt
func GetJwtClaims ¶
Accepts a JSON Web Token string, the tokenType ("refresh" or "access), and returns the token's claim values mapped to a JwtClaims struct.
func Login ¶
func Login(res http.ResponseWriter, req *http.Request)
Verify that provided user credentials are correct. If yes, generate two JSON Web Tokens. One token ("access") is for accessing API endpoints and the other ("refresh") is for refreshing access tokens. Return the JWT strings as values in the access_token and refresh_token cookies.
func Logout ¶
func Logout(res http.ResponseWriter, req *http.Request)
Logs out user by deleting their access_token and refresh_token cookies. The associated JWTs are also added to a blocklist until their timeout period has finished.
func RefreshJwt ¶
func RefreshJwt(res http.ResponseWriter, req *http.Request)
Generates a new access token if provided with a valid refresh token. Returns the new access token in the access_token cookie.
func Register ¶
func Register(res http.ResponseWriter, req *http.Request)
Registers a new user by creating a new entry in the "users" table.
func VerifyJwt ¶
func VerifyJwt(res http.ResponseWriter, req *http.Request)
Takes a JWT string from the query parameter "token" (?token=ABCD1234) and attemps to return the JWT's claim values. It will only attempt to validate access_token values. Can be used by other services to validate that the user is authenticated and retrieve their userId. This handler function should be used on a route that is inaccessible to outside users.
Types ¶
This section is empty.