auth

package

v0.0.7 Latest Latest Go to latest Published: Dec 29, 2025 License: Apache-2.0 Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/xraph/authsome

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type AuthResponse
type ChangePasswordRequest
type Config
type ConfirmEmailChangeRequest
type HookExecutor
type PasswordResetRepository
type RequestEmailChangeRequest
type RequestPasswordResetRequest
type ResetPasswordRequest
type Service
- func NewService(users user.ServiceInterface, session session.ServiceInterface, cfg Config, ...) *Service
type ServiceInterface
type SignInRequest
type SignOutRequest
type SignUpRequest

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrInvalidChangeToken     = fmt.Errorf("invalid email change token")
	ErrChangeTokenExpired     = fmt.Errorf("email change token has expired")
	ErrChangeTokenAlreadyUsed = fmt.Errorf("email change token has already been used")
)

Email change specific errors

View Source

var (
	ErrInvalidResetToken     = fmt.Errorf("invalid reset token")
	ErrResetTokenExpired     = fmt.Errorf("reset token has expired")
	ErrResetTokenAlreadyUsed = fmt.Errorf("reset token has already been used")
)

Password reset specific errors

Functions ¶

This section is empty.

Types ¶

type AuthResponse ¶

type AuthResponse = responses.AuthResponse

AuthResponse represents an authentication response

type ChangePasswordRequest ¶ added in v0.0.6

type ChangePasswordRequest struct {
	OldPassword string `json:"oldPassword" validate:"required"`
	NewPassword string `json:"newPassword" validate:"required,min=8"`
}

ChangePasswordRequest represents a password change request

type Config ¶

type Config struct {
	RequireEmailVerification bool `json:"requireEmailVerification"`
}

Config represents authentication configuration

type ConfirmEmailChangeRequest ¶ added in v0.0.6

type ConfirmEmailChangeRequest struct {
	Token string `json:"token" validate:"required"`
}

ConfirmEmailChangeRequest represents an email change confirmation

type HookExecutor ¶ added in v0.0.3

type HookExecutor interface {
	ExecuteBeforeSignUp(ctx context.Context, req *SignUpRequest) error
	ExecuteAfterSignUp(ctx context.Context, response *responses.AuthResponse) error
	ExecuteBeforeSignIn(ctx context.Context, req *SignInRequest) error
	ExecuteAfterSignIn(ctx context.Context, response *responses.AuthResponse) error
	ExecuteBeforeSignOut(ctx context.Context, token string) error
	ExecuteAfterSignOut(ctx context.Context, token string) error
}

HookExecutor defines the interface for executing auth-related hooks This interface allows the auth service to execute hooks without importing the hooks package, avoiding circular dependencies (hooks package imports auth for request types)

type PasswordResetRepository ¶ added in v0.0.6

type PasswordResetRepository interface {
	CreateVerification(ctx context.Context, verification *schema.Verification) error
	FindVerificationByToken(ctx context.Context, token string) (*schema.Verification, error)
	MarkVerificationAsUsed(ctx context.Context, id xid.ID) error
	DeleteExpiredVerifications(ctx context.Context) error
}

PasswordResetRepository defines verification token operations

type RequestEmailChangeRequest ¶ added in v0.0.6

type RequestEmailChangeRequest struct {
	NewEmail string `json:"newEmail" validate:"required,email"`
}

RequestEmailChangeRequest represents an email change request

type RequestPasswordResetRequest ¶ added in v0.0.6

type RequestPasswordResetRequest struct {
	Email string `json:"email" validate:"required,email"`
}

RequestPasswordResetRequest represents a password reset request

type ResetPasswordRequest ¶ added in v0.0.6

type ResetPasswordRequest struct {
	Token       string `json:"token" validate:"required"`
	NewPassword string `json:"newPassword" validate:"required,min=8"`
}

ResetPasswordRequest represents a password reset confirmation

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

Service provides authentication operations

func NewService ¶

func NewService(users user.ServiceInterface, session session.ServiceInterface, cfg Config, hookExecutor HookExecutor) *Service

NewService creates a new auth service

func (*Service) ChangePassword ¶ added in v0.0.6

func (s *Service) ChangePassword(ctx context.Context, userID xid.ID, oldPassword, newPassword string) error

ChangePassword changes a user's password after verifying the old password

func (*Service) CheckCredentials ¶

func (s *Service) CheckCredentials(ctx context.Context, email, password string) (*user.User, error)

CheckCredentials validates a user's credentials and returns the user without creating a session

func (*Service) ConfirmEmailChange ¶ added in v0.0.6

func (s *Service) ConfirmEmailChange(ctx context.Context, token string) error

ConfirmEmailChange completes the email change flow

func (*Service) CreateSessionForUser ¶

func (s *Service) CreateSessionForUser(ctx context.Context, u *user.User, remember bool, ip, ua string) (*responses.AuthResponse, error)

CreateSessionForUser creates a session for a given user and returns auth response This is typically used after credentials are already validated (e.g., after 2FA verification)

func (*Service) GetSession ¶

func (s *Service) GetSession(ctx context.Context, token string) (*responses.AuthResponse, error)

GetSession validates and returns session details

func (*Service) RefreshSession ¶ added in v0.0.3

func (s *Service) RefreshSession(ctx context.Context, refreshToken string) (*responses.RefreshSessionResponse, error)

RefreshSession refreshes an access token using a refresh token

func (*Service) RequestEmailChange ¶ added in v0.0.6

func (s *Service) RequestEmailChange(ctx context.Context, userID xid.ID, newEmail string) (string, error)

RequestEmailChange initiates an email change flow

func (*Service) RequestPasswordReset ¶ added in v0.0.6

func (s *Service) RequestPasswordReset(ctx context.Context, email string) (string, error)

RequestPasswordReset initiates a password reset flow

func (*Service) ResetPassword ¶ added in v0.0.6

func (s *Service) ResetPassword(ctx context.Context, token, newPassword string) error

ResetPassword completes the password reset flow

func (s *Service) SignIn(ctx context.Context, req *SignInRequest) (*responses.AuthResponse, error)

SignIn authenticates a user and returns a session

func (*Service) SignOut ¶

func (s *Service) SignOut(ctx context.Context, req *SignOutRequest) error

SignOut revokes a session

func (s *Service) SignUp(ctx context.Context, req *SignUpRequest) (*responses.AuthResponse, error)

SignUp registers a new user and returns a session

func (*Service) UpdateUser ¶

func (s *Service) UpdateUser(ctx context.Context, userID xid.ID, req *user.UpdateUserRequest) (*user.User, error)

UpdateUser updates the current user's fields via user service

func (*Service) ValidateEmailChangeToken ¶ added in v0.0.6

func (s *Service) ValidateEmailChangeToken(ctx context.Context, token string) (bool, error)

ValidateEmailChangeToken checks if an email change token is valid

func (*Service) ValidateResetToken ¶ added in v0.0.6

func (s *Service) ValidateResetToken(ctx context.Context, token string) (bool, error)

ValidateResetToken checks if a reset token is valid

type ServiceInterface ¶

type ServiceInterface interface {
	SignUp(ctx context.Context, req *SignUpRequest) (*responses.AuthResponse, error)
	SignIn(ctx context.Context, req *SignInRequest) (*responses.AuthResponse, error)
	SignOut(ctx context.Context, req *SignOutRequest) error
	CheckCredentials(ctx context.Context, email, password string) (*user.User, error)
	CreateSessionForUser(ctx context.Context, u *user.User, remember bool, ipAddress, userAgent string) (*responses.AuthResponse, error)
	GetSession(ctx context.Context, token string) (*responses.AuthResponse, error)
	UpdateUser(ctx context.Context, id xid.ID, req *user.UpdateUserRequest) (*user.User, error)
	RefreshSession(ctx context.Context, refreshToken string) (*responses.RefreshSessionResponse, error)

	// Password management
	RequestPasswordReset(ctx context.Context, email string) (string, error)
	ResetPassword(ctx context.Context, token, newPassword string) error
	ValidateResetToken(ctx context.Context, token string) (bool, error)
	ChangePassword(ctx context.Context, userID xid.ID, oldPassword, newPassword string) error

	// Email change
	RequestEmailChange(ctx context.Context, userID xid.ID, newEmail string) (string, error)
	ConfirmEmailChange(ctx context.Context, token string) error
	ValidateEmailChangeToken(ctx context.Context, token string) (bool, error)
}

ServiceInterface defines the contract for auth service operations This allows plugins to decorate the service with additional behavior

type SignInRequest ¶

type SignInRequest struct {
	Email      string `json:"email" validate:"required,email"`
	Password   string `json:"password" validate:"required,min=8"`
	RememberMe bool   `json:"rememberMe,omitempty"`
	// Optional alternative naming per docs
	IPAddress string `json:"ipAddress,omitempty"`
	UserAgent string `json:"userAgent,omitempty"`
}

SignInRequest represents a signin request

type SignOutRequest ¶

type SignOutRequest struct {
	Token string `json:"token" validate:"required"`
}

SignOutRequest represents a signout request

type SignUpRequest ¶

type SignUpRequest struct {
	Email      string `json:"email" validate:"required,email"`
	Password   string `json:"password" validate:"required,min=8"`
	Name       string `json:"name" validate:"required"`
	RememberMe bool   `json:"rememberMe,omitempty"`
	IPAddress  string `json:"ipAddress,omitempty"`
	UserAgent  string `json:"userAgent,omitempty"`
}

SignUpRequest represents a signup request

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL