auth

package

v0.1.5 Latest Latest Go to latest Published: Oct 28, 2025 License: MIT Imports: 5 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/xraph/forge

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type ConnectionAuthenticator
- func NewConnectionAuthenticator(registry auth.Registry, providers []string) ConnectionAuthenticator
type MessageAuthorizer
- func NewMessageAuthorizer(roomAuth RoomAuthorizer, messageStore MessageStore) MessageAuthorizer
type MessageInfo
type MessageStore
type RoomAuthorizer
- func NewRoomAuthorizer(roomStore streaming.RoomStore) RoomAuthorizer
type TargetType

Constants ¶

View Source

const (
	ActionDelete = "delete"
	ActionMute   = "mute"
	ActionBan    = "ban"
	ActionKick   = "kick"
	ActionManage = "manage"
)

Moderation actions

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ConnectionAuthenticator ¶

type ConnectionAuthenticator interface {
	// AuthenticateConnection verifies the connection on WebSocket/SSE upgrade
	AuthenticateConnection(ctx context.Context, r *http.Request) (*auth.AuthContext, error)

	// RequireAuth enforces auth providers (OR logic)
	RequireAuth(providers ...string) error

	// RequireScopes enforces scopes (AND logic)
	RequireScopes(scopes ...string) error
}

ConnectionAuthenticator authenticates WebSocket/SSE connections.

func NewConnectionAuthenticator ¶

func NewConnectionAuthenticator(registry auth.Registry, providers []string) ConnectionAuthenticator

NewConnectionAuthenticator creates a new connection authenticator.

type MessageAuthorizer ¶

type MessageAuthorizer interface {
	// CanSend checks if user can send message to room/channel
	CanSend(ctx context.Context, userID, targetID string, targetType TargetType) (bool, error)

	// CanDelete checks if user can delete message
	CanDelete(ctx context.Context, userID, messageID string) (bool, error)

	// CanEdit checks if user can edit message
	CanEdit(ctx context.Context, userID, messageID string) (bool, error)

	// CanReact checks if user can react to message
	CanReact(ctx context.Context, userID, messageID string) (bool, error)
}

MessageAuthorizer checks message-level permissions.

func NewMessageAuthorizer ¶

func NewMessageAuthorizer(roomAuth RoomAuthorizer, messageStore MessageStore) MessageAuthorizer

NewMessageAuthorizer creates a new message authorizer.

type MessageInfo ¶

type MessageInfo struct {
	ID        string
	UserID    string
	RoomID    string
	ChannelID string
	Content   any
	Metadata  map[string]any
}

MessageInfo contains basic message information for authorization.

type MessageStore ¶

type MessageStore interface {
	// Get retrieves a message by ID
	Get(ctx context.Context, messageID string) (*MessageInfo, error)
}

MessageStore provides message retrieval for authorization.

type RoomAuthorizer ¶

type RoomAuthorizer interface {
	// CanJoin checks if user can join room
	CanJoin(ctx context.Context, userID, roomID string) (bool, error)

	// CanLeave checks if user can leave room
	CanLeave(ctx context.Context, userID, roomID string) (bool, error)

	// CanInvite checks if user can invite others
	CanInvite(ctx context.Context, userID, roomID string) (bool, error)

	// CanModerate checks moderation permissions
	CanModerate(ctx context.Context, userID, roomID string, action string) (bool, error)

	// GetUserRole returns user's role in room
	GetUserRole(ctx context.Context, userID, roomID string) (string, error)
}

RoomAuthorizer checks room-level permissions.

func NewRoomAuthorizer ¶

func NewRoomAuthorizer(roomStore streaming.RoomStore) RoomAuthorizer

NewRoomAuthorizer creates a new room authorizer.

type TargetType ¶

type TargetType string

TargetType defines message target types.

const (
	TargetTypeRoom    TargetType = "room"
	TargetTypeChannel TargetType = "channel"
	TargetTypeDirect  TargetType = "direct"
)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL