Documentation
¶
Index ¶
- Constants
- Variables
- func HasAuthRoles(session *Session, authRoles ...authrole.Value) bool
- func IsHigherAuthority(session *Session, against ...authrole.Value) bool
- func IsLoggedIn(session *Session) bool
- func Middleware(authService AuthServicer) func(http.Handler) http.Handler
- type AuthConfig
- type AuthService
- func (authService AuthService) Config() *AuthConfig
- func (authService AuthService) CreateAccount(ctx context.Context, input ent.CreateAccountInput) (*CreateAccountPayload, error)
- func (authService AuthService) CreateStaffAccount(ctx context.Context, input ent.CreateStaffAccountInput) (*CreateStaffAccountPayload, error)
- func (authService AuthService) GetSessionFromStore(ctx context.Context, sessionToken SessionToken) (*Session, error)
- func (authService AuthService) LoginToAccount(ctx context.Context, input LoginToAccountInput) (*LoginToAccountPayload, error)
- func (authService AuthService) LoginToStaffAccount(ctx context.Context, input LoginToStaffAccountInput) (*LoginToStaffAccountPayload, error)
- func (authService AuthService) Logout(ctx context.Context) error
- type AuthServicer
- type CreateAccountPayload
- type CreateStaffAccountPayload
- type LoginToAccountInput
- type LoginToAccountPayload
- type LoginToStaffAccountInput
- type LoginToStaffAccountPayload
- type Session
- type SessionToken
Constants ¶
const SessionContextKey sessionContextKey = 0
Variables ¶
var AuthRoleRanking = map[authrole.Value]int{ authrole.ValueDemo: 1, authrole.ValueFree: 1, authrole.ValuePlus: 1, authrole.ValuePro: 1, authrole.ValueEnterprise: 1, authrole.ValueSupport: 50, authrole.ValueAdmin: 99, authrole.ValueSuperAdmin: 100, }
var AuthorizationHeader = "Authorization"
AuthorizationHeader is the name of the HTTP Header which contains the session id. Exported so that it can be changed by developers.
var NonStaffAuthRoles = []authrole.Value{ authrole.ValueDemo, authrole.ValueFree, authrole.ValuePlus, authrole.ValuePro, authrole.ValueEnterprise, }
var SessionRedisKey = "session"
SessionRedisKey represents the key prefix (e.g. <prefix>:<actual key>) of a Session. It is set as a var in case it needs to be changed.
var StaffAuthRoles = []authrole.Value{authrole.ValueSupport, authrole.ValueAdmin, authrole.ValueSuperAdmin}
Functions ¶
func HasAuthRoles ¶
HasAuthRoles checks if any auth roles specified exist on the given Session. It returns true as long as one matching auth role is found.
func IsHigherAuthority ¶
IsHigherAuthority checks that the authenticated user has enough authority over another set of auth roles.
func IsLoggedIn ¶
IsLoggedIn checks if the user is logged in (has a session).
func Middleware ¶
func Middleware(authService AuthServicer) func(http.Handler) http.Handler
Middleware checks for a session ID in the Authorization header and hydrates the context with the session ID of the requester.
Types ¶
type AuthConfig ¶
type AuthConfig struct {
BcryptCost int `env:"BCRYPT_COST" envDefault:"10"`
SessionTimeout time.Duration `env:"SESSION_TIMEOUT" envDefault:"120h"`
}
func (AuthConfig) Validate ¶
func (authConfig AuthConfig) Validate() error
type AuthService ¶
type AuthService struct {
// contains filtered or unexported fields
}
func NewAuthService ¶
func NewAuthService( authConfig AuthConfig, logger logr.Logger, redisService *redis.RedisService, ) *AuthService
func (AuthService) Config ¶
func (authService AuthService) Config() *AuthConfig
func (AuthService) CreateAccount ¶
func (authService AuthService) CreateAccount( ctx context.Context, input ent.CreateAccountInput, ) ( *CreateAccountPayload, error, )
func (AuthService) CreateStaffAccount ¶
func (authService AuthService) CreateStaffAccount( ctx context.Context, input ent.CreateStaffAccountInput, ) (*CreateStaffAccountPayload, error)
func (AuthService) GetSessionFromStore ¶
func (authService AuthService) GetSessionFromStore(ctx context.Context, sessionToken SessionToken) (*Session, error)
GetSessionFromStore retrieves a Session from Redis given the key and session ID. It also resets the expiry time of the session.
func (AuthService) LoginToAccount ¶
func (authService AuthService) LoginToAccount( ctx context.Context, input LoginToAccountInput, ) ( *LoginToAccountPayload, error, )
LoginToAccount logs in an account. TODO: Make sure an already logged in account from the same IP and device can't login again.
func (AuthService) LoginToStaffAccount ¶
func (authService AuthService) LoginToStaffAccount( ctx context.Context, input LoginToStaffAccountInput, ) (*LoginToStaffAccountPayload, error)
type AuthServicer ¶
type AuthServicer interface {
Config() *AuthConfig
GetSessionFromStore(ctx context.Context, sessionToken SessionToken) (*Session, error)
CreateAccount(
ctx context.Context, input ent.CreateAccountInput,
) (*CreateAccountPayload, error)
CreateStaffAccount(
ctx context.Context, input ent.CreateStaffAccountInput,
) (*CreateStaffAccountPayload, error)
LoginToAccount(ctx context.Context, input LoginToAccountInput) (
*LoginToAccountPayload, error,
)
LoginToStaffAccount(
ctx context.Context, input LoginToStaffAccountInput,
) (*LoginToStaffAccountPayload, error)
Logout(ctx context.Context) error
}
type CreateAccountPayload ¶
type CreateStaffAccountPayload ¶
type CreateStaffAccountPayload struct {
StaffAccount *ent.StaffAccount
Session *Session
}
type LoginToAccountInput ¶
type LoginToAccountPayload ¶
type LoginToStaffAccountPayload ¶
type LoginToStaffAccountPayload struct {
StaffAccount *ent.StaffAccount
Session *Session
}
type Session ¶
type Session struct {
Token SessionToken // Session ID of the logged-in user.
UserID pulid.PULID // ID of the user.
AuthRoles []authrole.Value // Auth roles of the user.
}
Session represents an authentication session on the server side, containing the user ID and their authorization roles.
func GetSessionFromContext ¶
GetSessionFromContext returns the Session from a provided context, or nil if it is not found.
type SessionToken ¶
type SessionToken string
func NewSessionToken ¶
func NewSessionToken() (SessionToken, error)
NewSessionToken returns a new SessionToken.
func ParseSessionToken ¶
func ParseSessionToken(sessionTokenStr string) (SessionToken, error)
ParseSessionToken parses a session ID string and verifies that it is correct.
func (SessionToken) MarshalGQL ¶
func (sessionToken SessionToken) MarshalGQL(w io.Writer)
MarshalGQL implements graphql.Marshaler interface.
func (SessionToken) String ¶
func (sessionToken SessionToken) String() string
String implements fmt.Stringer interface.
func (*SessionToken) UnmarshalGQL ¶
func (sessionToken *SessionToken) UnmarshalGQL(val interface{}) error
UnmarshalGQL implements graphql.Unmarshaler interface.
Source Files