Documentation
¶
Index ¶
- Variables
- type AuthResponse
- type ChangePasswordRequest
- type Config
- type ConfirmEmailChangeRequest
- type HookExecutor
- type PasswordResetRepository
- type PasswordResetResult
- type RequestEmailChangeRequest
- type RequestPasswordResetRequest
- type ResetPasswordRequest
- type Service
- func (s *Service) ChangePassword(ctx context.Context, userID xid.ID, oldPassword, newPassword string) error
- func (s *Service) CheckCredentials(ctx context.Context, email, password string) (*user.User, error)
- func (s *Service) ConfirmEmailChange(ctx context.Context, token string) error
- func (s *Service) CreateSessionForUser(ctx context.Context, u *user.User, remember bool, ip, ua string) (*responses.AuthResponse, error)
- func (s *Service) GetSession(ctx context.Context, token string) (*responses.AuthResponse, error)
- func (s *Service) RefreshSession(ctx context.Context, refreshToken string) (*responses.RefreshSessionResponse, error)
- func (s *Service) RequestEmailChange(ctx context.Context, userID xid.ID, newEmail string) (string, error)
- func (s *Service) RequestPasswordReset(ctx context.Context, email string) (string, string, error)
- func (s *Service) ResetPassword(ctx context.Context, token, newPassword string) error
- func (s *Service) ResetPasswordWithCode(ctx context.Context, code, newPassword string) error
- func (s *Service) SignIn(ctx context.Context, req *SignInRequest) (*responses.AuthResponse, error)
- func (s *Service) SignOut(ctx context.Context, req *SignOutRequest) error
- func (s *Service) SignUp(ctx context.Context, req *SignUpRequest) (*responses.AuthResponse, error)
- func (s *Service) UpdateUser(ctx context.Context, userID xid.ID, req *user.UpdateUserRequest) (*user.User, error)
- func (s *Service) ValidateEmailChangeToken(ctx context.Context, token string) (bool, error)
- func (s *Service) ValidateResetToken(ctx context.Context, token string) (bool, error)
- type ServiceInterface
- type SignInRequest
- type SignOutRequest
- type SignUpRequest
Constants ¶
This section is empty.
Variables ¶
var ( ErrInvalidChangeToken = fmt.Errorf("invalid email change token") ErrChangeTokenExpired = fmt.Errorf("email change token has expired") ErrChangeTokenAlreadyUsed = fmt.Errorf("email change token has already been used") )
Email change specific errors
var ( ErrInvalidResetToken = fmt.Errorf("invalid reset token") ErrResetTokenExpired = fmt.Errorf("reset token has expired") ErrResetTokenAlreadyUsed = fmt.Errorf("reset token has already been used") )
Password reset specific errors
Functions ¶
This section is empty.
Types ¶
type AuthResponse ¶
type AuthResponse = responses.AuthResponse
AuthResponse represents an authentication response
type ChangePasswordRequest ¶ added in v0.0.6
type ChangePasswordRequest struct {
OldPassword string `json:"oldPassword" validate:"required"`
NewPassword string `json:"newPassword" validate:"required,min=8"`
}
ChangePasswordRequest represents a password change request
type Config ¶
type Config struct {
RequireEmailVerification bool `json:"requireEmailVerification"`
}
Config represents authentication configuration
type ConfirmEmailChangeRequest ¶ added in v0.0.6
type ConfirmEmailChangeRequest struct {
Token string `json:"token" validate:"required"`
}
ConfirmEmailChangeRequest represents an email change confirmation
type HookExecutor ¶ added in v0.0.3
type HookExecutor interface {
ExecuteBeforeSignUp(ctx context.Context, req *SignUpRequest) error
ExecuteAfterSignUp(ctx context.Context, response *responses.AuthResponse) error
ExecuteBeforeSignIn(ctx context.Context, req *SignInRequest) error
ExecuteAfterSignIn(ctx context.Context, response *responses.AuthResponse) error
ExecuteBeforeSignOut(ctx context.Context, token string) error
ExecuteAfterSignOut(ctx context.Context, token string) error
}
HookExecutor defines the interface for executing auth-related hooks This interface allows the auth service to execute hooks without importing the hooks package, avoiding circular dependencies (hooks package imports auth for request types)
type PasswordResetRepository ¶ added in v0.0.6
type PasswordResetRepository interface {
CreateVerification(ctx context.Context, verification *schema.Verification) error
FindVerificationByToken(ctx context.Context, token string) (*schema.Verification, error)
FindVerificationByCode(ctx context.Context, code string, verificationType string) (*schema.Verification, error)
MarkVerificationAsUsed(ctx context.Context, id xid.ID) error
DeleteExpiredVerifications(ctx context.Context) error
}
PasswordResetRepository defines verification token operations
type PasswordResetResult ¶ added in v0.0.8
type PasswordResetResult struct {
Token string // URL-safe token for email links
Code string // 6-digit numeric code for mobile entry
}
PasswordResetResult contains both token and code for password reset
type RequestEmailChangeRequest ¶ added in v0.0.6
type RequestEmailChangeRequest struct {
NewEmail string `json:"newEmail" validate:"required,email"`
}
RequestEmailChangeRequest represents an email change request
type RequestPasswordResetRequest ¶ added in v0.0.6
type RequestPasswordResetRequest struct {
Email string `json:"email" validate:"required,email"`
}
RequestPasswordResetRequest represents a password reset request
type ResetPasswordRequest ¶ added in v0.0.6
type ResetPasswordRequest struct {
Token string `json:"token,omitempty"` // URL token for link-based reset
Code string `json:"code,omitempty"` // 6-digit code for manual entry
NewPassword string `json:"newPassword" validate:"required,min=8"`
}
ResetPasswordRequest represents a password reset confirmation
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
Service provides authentication operations
func NewService ¶
func NewService(users user.ServiceInterface, session session.ServiceInterface, cfg Config, hookExecutor HookExecutor) *Service
NewService creates a new auth service
func (*Service) ChangePassword ¶ added in v0.0.6
func (s *Service) ChangePassword(ctx context.Context, userID xid.ID, oldPassword, newPassword string) error
ChangePassword changes a user's password after verifying the old password
func (*Service) CheckCredentials ¶
CheckCredentials validates a user's credentials and returns the user without creating a session
func (*Service) ConfirmEmailChange ¶ added in v0.0.6
ConfirmEmailChange completes the email change flow
func (*Service) CreateSessionForUser ¶
func (s *Service) CreateSessionForUser(ctx context.Context, u *user.User, remember bool, ip, ua string) (*responses.AuthResponse, error)
CreateSessionForUser creates a session for a given user and returns auth response This is typically used after credentials are already validated (e.g., after 2FA verification)
func (*Service) GetSession ¶
GetSession validates and returns session details
func (*Service) RefreshSession ¶ added in v0.0.3
func (s *Service) RefreshSession(ctx context.Context, refreshToken string) (*responses.RefreshSessionResponse, error)
RefreshSession refreshes an access token using a refresh token
func (*Service) RequestEmailChange ¶ added in v0.0.6
func (s *Service) RequestEmailChange(ctx context.Context, userID xid.ID, newEmail string) (string, error)
RequestEmailChange initiates an email change flow
func (*Service) RequestPasswordReset ¶ added in v0.0.6
RequestPasswordReset initiates a password reset flow Returns token (for URL links) and code (for mobile entry)
func (*Service) ResetPassword ¶ added in v0.0.6
ResetPassword completes the password reset flow using token
func (*Service) ResetPasswordWithCode ¶ added in v0.0.8
ResetPasswordWithCode completes the password reset flow using 6-digit code
func (*Service) SignIn ¶
func (s *Service) SignIn(ctx context.Context, req *SignInRequest) (*responses.AuthResponse, error)
SignIn authenticates a user and returns a session
func (*Service) SignOut ¶
func (s *Service) SignOut(ctx context.Context, req *SignOutRequest) error
SignOut revokes a session
func (*Service) SignUp ¶
func (s *Service) SignUp(ctx context.Context, req *SignUpRequest) (*responses.AuthResponse, error)
SignUp registers a new user and returns a session
func (*Service) UpdateUser ¶
func (s *Service) UpdateUser(ctx context.Context, userID xid.ID, req *user.UpdateUserRequest) (*user.User, error)
UpdateUser updates the current user's fields via user service
func (*Service) ValidateEmailChangeToken ¶ added in v0.0.6
ValidateEmailChangeToken checks if an email change token is valid
type ServiceInterface ¶
type ServiceInterface interface {
SignUp(ctx context.Context, req *SignUpRequest) (*responses.AuthResponse, error)
SignIn(ctx context.Context, req *SignInRequest) (*responses.AuthResponse, error)
SignOut(ctx context.Context, req *SignOutRequest) error
CheckCredentials(ctx context.Context, email, password string) (*user.User, error)
CreateSessionForUser(ctx context.Context, u *user.User, remember bool, ipAddress, userAgent string) (*responses.AuthResponse, error)
GetSession(ctx context.Context, token string) (*responses.AuthResponse, error)
UpdateUser(ctx context.Context, id xid.ID, req *user.UpdateUserRequest) (*user.User, error)
RefreshSession(ctx context.Context, refreshToken string) (*responses.RefreshSessionResponse, error)
// Password management
// RequestPasswordReset returns (token, code, error) where token is for URL links and code is 6-digit for mobile
RequestPasswordReset(ctx context.Context, email string) (string, string, error)
ResetPassword(ctx context.Context, token, newPassword string) error
ResetPasswordWithCode(ctx context.Context, code, newPassword string) error
ValidateResetToken(ctx context.Context, token string) (bool, error)
ChangePassword(ctx context.Context, userID xid.ID, oldPassword, newPassword string) error
// Email change
RequestEmailChange(ctx context.Context, userID xid.ID, newEmail string) (string, error)
ConfirmEmailChange(ctx context.Context, token string) error
ValidateEmailChangeToken(ctx context.Context, token string) (bool, error)
}
ServiceInterface defines the contract for auth service operations This allows plugins to decorate the service with additional behavior
type SignInRequest ¶
type SignInRequest struct {
Email string `json:"email" validate:"required,email"`
Password string `json:"password" validate:"required,min=8"`
RememberMe bool `json:"rememberMe,omitempty"`
// Optional alternative naming per docs
IPAddress string `json:"ipAddress,omitempty"`
UserAgent string `json:"userAgent,omitempty"`
}
SignInRequest represents a signin request
type SignOutRequest ¶
type SignOutRequest struct {
Token string `json:"token" validate:"required"`
}
SignOutRequest represents a signout request
type SignUpRequest ¶
type SignUpRequest struct {
Email string `json:"email" validate:"required,email"`
Password string `json:"password" validate:"required,min=8"`
Name string `json:"name" validate:"required"`
RememberMe bool `json:"rememberMe,omitempty"`
IPAddress string `json:"ipAddress,omitempty"`
UserAgent string `json:"userAgent,omitempty"`
}
SignUpRequest represents a signup request
Source Files