package auth

import "github.com/go-arrower/arrower/contexts/auth"

Package auth is the intraprocess API of what this Context is exposing to other Contexts to use.

Index

Constants

const (
	RouteLogin      = "auth.login"
	RouteLogout     = "auth.logout"
	RouteVerifyUser = "auth.verify_user"
	RouteResetPW    = ""
)
const (
	// TenantIDKey is set in echo.Context to hand over the id from a middleware to a controller.
	TenantIDKey = "auth.tenant_id"
	UserIDKey   = "auth.user_id"
)
const (
	CtxLoggedIn                  ctx2.CTXKey = "auth.pass"
	CtxIsSuperuser               ctx2.CTXKey = "auth.superuser"
	CtxIsSuperuserLoggedInAsUser ctx2.CTXKey = "auth.superuser_logged_in_as_user"
	CtxUserID                    ctx2.CTXKey = "auth.user_id"
	CtxUser                      ctx2.CTXKey = "auth.user"
)
const (
	// FIXME: is redundant and can disappear from the session, use the existance of user_id to set the flag in the ctx middleware.
	SessKeyLoggedIn               = "auth.user_is_logged_in" // FIXME don't export from the context => move internally
	SessKeyUserID                 = "auth.user_id"
	SessKeyIsSuperuser            = "auth.user_is_superuser"
	SessIsSuperuserLoggedInAsUser = "auth.superuser.is_logged_in_as_user"
	SessSuperuserOriginalUserID   = "auth.superuser.original_user_id"
)
const (
	SessionName = "arrower.auth"
)

Variables

var (
	SettingAllowRegistration = setting.NewKey(contextName, "registration", "registration_enabled")
	SettingAllowLogin        = setting.NewKey(contextName, "registration", "login_enabled")
)
var ErrInvalidSessionValue = errors.New("invalid session value")
var ErrSessionStoreFailed = errors.New("creating session store failed")

Functions

func Authenticate

func Authenticate(cred any) (worked bool, validationErrs error)

Authenticate, if develoepr wants to do the auth himself, instead of the web route.

func EnrichCtxWithUserInfoMiddleware

func EnrichCtxWithUserInfoMiddleware(next echo.HandlerFunc) echo.HandlerFunc

EnrichCtxWithUserInfoMiddleware checks if a User is logged in and puts those values into the http request's context, so they are available in other parts of the app. For convenience use the helpers like: IsLoggedIn. If you want to ensure only logged-in users can access a URL use EnsureUserIsLoggedInMiddleware instead.

func EnsureUserIsLoggedInMiddleware

func EnsureUserIsLoggedInMiddleware(next echo.HandlerFunc) echo.HandlerFunc

EnsureUserIsLoggedInMiddleware makes sure the routes can only be accessed by a logged-in user. It does set the User in the same way EnrichCtxWithUserInfoMiddleware does. OR LoginRequired.

func EnsureUserIsSuperuserMiddleware

func EnsureUserIsSuperuserMiddleware(next echo.HandlerFunc) echo.HandlerFunc

func IsLoggedIn

func IsLoggedIn(ctx context.Context) bool

func IsLoggedInAsOtherUser

func IsLoggedInAsOtherUser(ctx context.Context) bool

func IsSuperuser

func IsSuperuser(ctx context.Context) bool

func Logout

func Logout(userID any) bool

Types

type API

type API interface {
	FindUserByID(context.Context, UserID) (User, error)
	SaveUser(context.Context, User) error
}

API is the api of the auth Context.

SHOULD IT BE MORE TYPED? UserID instead of string, Credentials instead of string,string pair?

type APIKey

type APIKey struct{}

type PGSessionStore

type PGSessionStore struct {
	Options *sessions.Options // default configuration
	Codecs  []securecookie.Codec
	// contains filtered or unexported fields
}

func NewPGSessionStore

func NewPGSessionStore(pgx *pgxpool.Pool, keyPairs ...[]byte) (*PGSessionStore, error)

func (*PGSessionStore) Get

func (ss *PGSessionStore) Get(r *http.Request, name string) (*sessions.Session, error)

Get returns a session for the given name after adding it to the registry.

func (*PGSessionStore) New

func (ss *PGSessionStore) New(r *http.Request, name string) (*sessions.Session, error)

New returns a session for the given name without adding it to the registry.

func (*PGSessionStore) Save

func (ss *PGSessionStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error

Save adds a single session to the response.

If the Options.MaxAge of the session is <= 0 then the session will be deleted from the db table. With this process it enforces the proper session cookie handling so no need to trust in the cookie management in the web browser.

type User

type User struct {
	ID        UserID
	CreatedAt time.Time
	UpdatedAt time.Time
	Login     string // UserName

	FirstName         string
	LastName          string
	DisplayName       string
	Birthday          string // make struct to prevent issues with tz or define format? // TYPES OR PLAIN?
	Locale            string
	TimeZone          string
	ProfilePictureURL string
	Data              map[string]string // limit the length of keys & values // { plan: 'silver', team_id: 'a111' }

	RegisteredAt  time.Time
	IsVerified    bool
	VerifiedSince time.Time
	IsBlocked     bool
	BlockedSince  time.Time
}

func CurrentUser

func CurrentUser(ctx context.Context) User

type UserID

type UserID string

func CurrentUserID

func CurrentUserID(ctx context.Context) UserID

Source Files

auth.api.go auth.mw.go pg.session.store.go

Directories

PathSynopsis
contexts/auth/init
contexts/auth/internal
Version
v0.0.0-20250311203644-ab26c1152cb4 (latest)
Published
Mar 11, 2025
Platform
linux/amd64
Imports
17 packages
Last checked
1 week ago

Tools for package owners.