Documentation
¶
Index ¶
- Constants
- func CheckForbidden(err error) error
- func ContextWithUser(ctx context.Context, userID uu.ID) context.Context
- func Handler(wrappedHandler http.Handler) http.HandlerFunc
- func HandlerWithUserIDAsMuxVar(muxVarName string, wrappedHandler http.Handler) http.HandlerFunc
- func IsOtherThanErrForbidden(err error) bool
- func TransactionAsUser(ctx context.Context, userID uu.ID, txFunc func(ctx context.Context) error) (err error)
- func TransactionAsUserFromContext(ctx context.Context, txFunc func(ctx context.Context) error) (err error)
- func UserFromContext(ctx context.Context) (userID uu.ID, err error)
- type SameSite
- type Session
- type SessionCookie
Constants ¶
const ErrForbidden = errs.Sentinel("forbidden")
Variables ¶
This section is empty.
Functions ¶
func CheckForbidden ¶
CheckForbidden checks if the error is the internal Postgres database row-level security policy violation exception or a permission denied exception due to insufficient grants and returns ErrForbidden.
If the error is not a Postgres forbidden error, the passed error will be returned instead.
func HandlerWithUserIDAsMuxVar ¶
func HandlerWithUserIDAsMuxVar(muxVarName string, wrappedHandler http.Handler) http.HandlerFunc
func IsOtherThanErrForbidden ¶
IsOtherThanErrForbidden returns true if the error is present and is not ErrForbidden.
func TransactionAsUser ¶
Types ¶
type SameSite ¶
type SameSite string
SameSite attribute of the Set-Cookie HTTP response header allows you to declare if your cookie should be restricted to a first-party or same-site context.
const ( // Cookies will only be sent in a first-party context and not be sent along with requests // initiated by third party websites. SameSiteStrict SameSite = "strict" // Cookies are not sent on normal cross-site subrequests (for example to load images // or frames into a third party site), but are sent when a user is navigating to the // origin site (i.e., when following a link). // This is the default cookie value if SameSite has not been explicitly specified in // recent browser versions. // Note: Lax replaced None as the default value in order to ensure that users have // reasonably robust defense against some classes of cross-site request forgery (CSRF) // attacks. SameSiteLax SameSite = "lax" // Cookies will be sent in all contexts, i.e. in responses to both first-party and cross-origin // requests. If SameSite=None is set, the cookie Secure attribute must also be set (or the cookie // will be blocked). SameSiteNone SameSite = "none" )
func (SameSite) HTTPSameSite ¶
func (*SameSite) UnmarshalJSON ¶
UnmarshalJSON implements encoding/json.Unmarshaler
type Session ¶
type Session struct {
ID uu.ID `db:"id,pk"`
UserID uu.ID `db:"user_id"`
Cookie *SessionCookie `db:"cookie"`
Data interface{} `db:"data"`
ExpiresAt time.Time `db:"expires_at"`
UpdatedAt time.Time `db:"updated_at"`
CreatedAt time.Time `db:"created_at"`
}
Session is the user cookie session stored. See database/schema/private/session.sql@private.session
type SessionCookie ¶
type SessionCookie struct {
Domain string `json:"domain"`
Path string `json:"path"`
Secure bool `json:"secure"`
MaxAge int `json:"maxAge"`
HTTPOnly bool `json:"httpOnly"`
SameSite SameSite `json:"sameSite"`
}
SessionCookie is the session cookie and it matches the SessionCookie in graphql/src/session.ts@SessionCookie
func (*SessionCookie) Scan ¶
func (v *SessionCookie) Scan(value interface{}) error
Source Files