Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Auth ¶
type Auth struct { Issuer string // Who issues the token, e.g. company.com. Audience string // Who is the token for, e.g. company.com. Secret string // A strong secret, used to sign the tokens. TokenExpiry time.Duration // When does the token expire, e.g. time.Minute * 15. RefreshExpiry time.Duration // When does the refresh token expire, e.g. time.Hour * 24. CookieDomain string // The domain, for refresh cookies. CookiePath string // The path, for refresh cookies. CookieName string // The name of the refresh token cookie. }
Auth is the type used to instantiate this package.
func New ¶ added in v1.1.0
New returns an instance of Auth, with sensible defaults where possible. Naturally, any of defaults can be overridden.
func (*Auth) GenerateTokenPair ¶
func (j *Auth) GenerateTokenPair(user *User) (TokenPairs, error)
GenerateTokenPair takes a user of type jot.User and attempts to generate a pair of tokens for that user (jwt and refresh tokens).
func (*Auth) GetExpiredRefreshCookie ¶ added in v1.0.3
GetExpiredRefreshCookie is a convenience method to return a cookie suitable for forcing a user's browser to delete the existing cookie.
func (*Auth) GetRefreshCookie ¶
GetRefreshCookie returns a cookie containing the refresh token. Note that the cookie is http only, secure, and set to same site strict mode.
func (*Auth) GetTokenFromHeaderAndVerify ¶
func (j *Auth) GetTokenFromHeaderAndVerify(w http.ResponseWriter, r *http.Request) (string, *Claims, error)
GetTokenFromHeaderAndVerify extracts a token from the Authorization header, verifies it, and returns the token, the claims, and error, if any.
type Claims ¶
type Claims struct {
jwt.RegisteredClaims
}
Claims is the type used to describe the claims in a given token.
type TokenPairs ¶
type TokenPairs struct { Token string `json:"access_token"` RefreshToken string `json:"refresh_token"` }
TokenPairs is the type used to generate JSON containing the JWT token and the refresh token.