Documentation ¶
Index ¶
- Constants
- Variables
- func GenerateToken(bytes int) (string, error)
- type Group
- type GroupPermission
- type GroupPermissions
- type GroupRepo
- func (r *GroupRepo) Add(g *Group) error
- func (r *GroupRepo) AddPermission(gid, pid int64, value int) error
- func (r *GroupRepo) AddUser(uid int64, gid int64) error
- func (r *GroupRepo) ByID(id int64) (*Group, error)
- func (r *GroupRepo) ByName(name string) (*Group, error)
- func (r *GroupRepo) ByUser(uid int64) (Groups, error)
- func (r *GroupRepo) List() (Groups, error)
- func (r *GroupRepo) Permissions(gid int64) (GroupPermissions, error)
- func (r *GroupRepo) Remove(gid int64) error
- func (r *GroupRepo) RemovePermission(gid, pid int64) error
- func (r *GroupRepo) RemoveUser(uid int64, gid int64) error
- func (r *GroupRepo) Seed(groups []Group) error
- func (r *GroupRepo) Update(g *Group) error
- func (r *GroupRepo) UserCount(gid int64) (int, error)
- func (r *GroupRepo) UserPermissions(uid int64) (GroupPermissions, error)
- func (r *GroupRepo) Users(gid int64) ([]User, error)
- type Groups
- type Limiter
- type PasswordReset
- type PasswordResetToken
- type Permission
- type PermissionRepo
- func (s *PermissionRepo) Add(p *Permission) error
- func (s *PermissionRepo) ByID(id int64) (*Permission, error)
- func (s *PermissionRepo) ByName(name string) (*Permission, error)
- func (s *PermissionRepo) Clear() error
- func (s *PermissionRepo) List() (Permissions, error)
- func (s *PermissionRepo) Remove(id int64) error
- func (s *PermissionRepo) RemoveByName(name string) error
- func (r *PermissionRepo) Seed(permissions []Permission) error
- func (s *PermissionRepo) Update(p *Permission) error
- type PermissionType
- type Permissions
- type RedisLimiter
- type RegistrationRequest
- type RegistrationResponse
- type RegistrationToken
- type Service
- type Session
- func (s *Session) ClearFlash()
- func (s *Session) Expired() bool
- func (s *Session) Flash(msgtype, msg string)
- func (s *Session) Get(key string) any
- func (s *Session) GroupName() string
- func (s *Session) HasFlash() bool
- func (s Session) IsAnonymous() bool
- func (s Session) IsAuthorized() bool
- func (s Session) MarshalBinary() ([]byte, error)
- func (s *Session) Set(key string, data any)
- func (s *Session) UnmarshalBinary(data []byte) error
- func (s *Session) UserID() *int64
- type SessionRepo
- func (s *SessionRepo) ByID(sessionID string) (*Session, error)
- func (s *SessionRepo) ByUserID(uid int64) ([]Session, error)
- func (s *SessionRepo) Drop() error
- func (s *SessionRepo) RemoveByEmails(emails []string) error
- func (s *SessionRepo) RemoveByID(id string) error
- func (s *SessionRepo) RemoveByUserID(uid int64) error
- func (s *SessionRepo) RemoveExpired() error
- func (s *SessionRepo) Save(sess *Session) error
- type User
- type UserRepo
- func (r *UserRepo) Authenticate(email, pass string) (*User, error)
- func (r *UserRepo) ByEmail(email string) (*User, error)
- func (r *UserRepo) ByID(id int64) (*User, error)
- func (r *UserRepo) ConfirmPasswordReset(reset *PasswordReset) (*User, error)
- func (r *UserRepo) ConfirmRegistration(tok string) (*User, error)
- func (r *UserRepo) Paginate(page int, q string) ([]User, *orm.PaginationResults, error)
- func (UserRepo) PasswordHash(pass string) (string, error)
- func (r *UserRepo) Register(req *RegistrationRequest) (*RegistrationResponse, error)
- func (r *UserRepo) RenewRegistration(uid int64) (*RegistrationToken, error)
- func (r *UserRepo) RequestPasswordReset(email string) (*PasswordResetToken, error)
- func (r *UserRepo) ResetPassword(uid int64, pass string) error
- func (UserRepo) SanitizeEmail(email string) string
- func (r *UserRepo) UpdateInfo(u *User) error
Constants ¶
const ( SessionDuration = time.Hour * 3 SessionLongDuration = time.Hour * 24 * 30 )
const (
PageSize = 25
)
const PasswordHashCost = 10
const TokenDuration = time.Hour
Variables ¶
var ( ErrGroupNotFound = errors.New("group not found") ErrEmailRequired = errors.New("email is required") ErrInvalidToken = errors.New("invalid token") ErrNameRequired = errors.New("name is required") ErrPasswordRequired = errors.New("password is required") ErrPermissionNotFound = errors.New("permission not found") ErrSessionNotFound = errors.New("session not found") ErrSessionExpired = errors.New("session expired") ErrTokenExpired = errors.New("token expired") ErrTokenNotFound = errors.New("token not found") ErrUserExists = errors.New("user exists") ErrUserNotFound = errors.New("user not found") )
package wide errors go here
var (
ErrLimitReached = errors.New("limit reached")
)
Functions ¶
func GenerateToken ¶
Types ¶
type Group ¶
func (*Group) NewPermission ¶
func (g *Group) NewPermission(p *Permission, v int) *GroupPermission
type GroupPermission ¶
type GroupPermission struct { GroupID int64 PermissionID int64 Priority int `db:"-"` // group priority value Name string `db:"-"` // permission name Value int }
GroupPermission represents the union between a group and a permission it can contains a value for use in application logic
func (*GroupPermission) TableName ¶
func (*GroupPermission) TableName() string
type GroupPermissions ¶
type GroupPermissions []GroupPermission
func (GroupPermissions) Has ¶
func (gps GroupPermissions) Has(name string) bool
func (GroupPermissions) Value ¶
func (gps GroupPermissions) Value(name string) int
Value returns the value associated with the permission of a given name. it takes into account conflicting permissions and takes the one with higher priority
type GroupRepo ¶
type GroupRepo struct {
// contains filtered or unexported fields
}
GroupRepo us a group repository using pgx
func NewGroupRepo ¶
func (*GroupRepo) AddPermission ¶
func (*GroupRepo) AddUser ¶
AddUser adds a user to a group. No error will occur if a user is already part of the group
func (*GroupRepo) Permissions ¶
func (r *GroupRepo) Permissions(gid int64) (GroupPermissions, error)
Permissions returns group permissions for a group by group id
func (*GroupRepo) RemovePermission ¶
func (*GroupRepo) RemoveUser ¶
RemoveUser removes a user from a group
func (*GroupRepo) Seed ¶
Seed seeds groups to the database. If they already exist it will not return an error
func (*GroupRepo) UserPermissions ¶
func (r *GroupRepo) UserPermissions(uid int64) (GroupPermissions, error)
type Limiter ¶
type Limiter interface { // Limit increases the hit count for a given key. // When count value reaches max within window duration, MaxAttemptsError is returned until window has elapsed. Limit(key string, max int, window time.Duration) error // TTL returns the time to live for the limit block. // Returns 0 duration if limit has not yet been reached. TTL(key string, max int) (ttl time.Duration) // Reset resets the limit for a given key. Reset(key string) error }
Limiter is the interface implemented by rate limiters
type PasswordReset ¶
type PasswordResetToken ¶
func (PasswordResetToken) TableName ¶
func (PasswordResetToken) TableName() string
type Permission ¶
type Permission struct { ID int64 Name string Description string Type PermissionType }
Permission represents a users access to a resource.
func (*Permission) TableName ¶
func (p *Permission) TableName() string
type PermissionRepo ¶
type PermissionRepo struct {
// contains filtered or unexported fields
}
func NewPermissionRepo ¶
func NewPermissionRepo(db orm.DB) *PermissionRepo
func (*PermissionRepo) Add ¶
func (s *PermissionRepo) Add(p *Permission) error
func (*PermissionRepo) ByID ¶
func (s *PermissionRepo) ByID(id int64) (*Permission, error)
func (*PermissionRepo) ByName ¶
func (s *PermissionRepo) ByName(name string) (*Permission, error)
func (*PermissionRepo) Clear ¶
func (s *PermissionRepo) Clear() error
func (*PermissionRepo) List ¶
func (s *PermissionRepo) List() (Permissions, error)
List lists all permissions
func (*PermissionRepo) Remove ¶
func (s *PermissionRepo) Remove(id int64) error
func (*PermissionRepo) RemoveByName ¶
func (s *PermissionRepo) RemoveByName(name string) error
func (*PermissionRepo) Seed ¶
func (r *PermissionRepo) Seed(permissions []Permission) error
func (*PermissionRepo) Update ¶
func (s *PermissionRepo) Update(p *Permission) error
type PermissionType ¶
type PermissionType = string
const ( Quantity PermissionType = "quantity" Access PermissionType = "access" )
type Permissions ¶
type Permissions []Permission
Permissions is a collection of permission
func (Permissions) Has ¶
func (p Permissions) Has(name string) bool
Has returns true when a permission with a given key is found and it's value is greater than 0
type RedisLimiter ¶
type RedisLimiter struct {
// contains filtered or unexported fields
}
RedisLimiter is the implementation for Limiter using redis as cache
func NewRedisLimiter ¶
func NewRedisLimiter(cl *redis.Client) *RedisLimiter
NewRedisLimiter returns a Limiter implementation using redis as the underlying cache store
func (*RedisLimiter) Limit ¶
Limit is the implementation of Limiter interface. It returns ErrLimitReached when attempts have been exceeded.
func (*RedisLimiter) Reset ¶
func (l *RedisLimiter) Reset(key string) error
type RegistrationRequest ¶
type RegistrationResponse ¶
type RegistrationToken ¶
func (RegistrationToken) TableName ¶
func (RegistrationToken) TableName() string
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
func NewService ¶
func (*Service) Permissions ¶
func (s *Service) Permissions() *PermissionRepo
func (*Service) Sessions ¶
func (s *Service) Sessions() *SessionRepo
type Session ¶
type Session struct { ID string `json:"id"` Counter int `json:"counter"` // the amount of times the session has been saved User *User `json:"user,omitempty"` Groups Groups `json:"groups,omitempty"` Permissions GroupPermissions `json:"permissions,omitempty"` ExpiresAt time.Time `json:"expires_at"` UserAgent string `json:"user_agent"` Message string `json:"message"` MessageType string `json:"message_type"` IP string `json:"ip"` // Source IP Address Meta map[string]any `json:"meta"` }
func NewSession ¶
func (*Session) ClearFlash ¶
func (s *Session) ClearFlash()
func (Session) IsAnonymous ¶
func (Session) IsAuthorized ¶
func (Session) MarshalBinary ¶
func (*Session) UnmarshalBinary ¶
type SessionRepo ¶
type SessionRepo struct {
// contains filtered or unexported fields
}
SessionRepo is a postgres backed session store
func NewSessionRepo ¶
func NewSessionRepo(db orm.DB) *SessionRepo
NewSessionRepo returns postgres backed session store
func (*SessionRepo) ByID ¶
func (s *SessionRepo) ByID(sessionID string) (*Session, error)
ByID returns a session by its id
func (*SessionRepo) ByUserID ¶
func (s *SessionRepo) ByUserID(uid int64) ([]Session, error)
ByUserID returns all sessions belonging to a user
func (*SessionRepo) RemoveByEmails ¶
func (s *SessionRepo) RemoveByEmails(emails []string) error
DeleteByUserID deletes all sessions for users in the email list
func (*SessionRepo) RemoveByID ¶
func (s *SessionRepo) RemoveByID(id string) error
Remove session by id
func (*SessionRepo) RemoveByUserID ¶
func (s *SessionRepo) RemoveByUserID(uid int64) error
RemoveByUserID deletes all sessions for a given user
func (*SessionRepo) RemoveExpired ¶
func (s *SessionRepo) RemoveExpired() error
RemoveExpired deletes all sessions which have expired
func (*SessionRepo) Save ¶
func (s *SessionRepo) Save(sess *Session) error
Save upserts session into database
type User ¶
type User struct { ID int64 Name string Email string Phone string Password string `json:"-"` ConfirmedAt *time.Time LastLogin *time.Time CreatedAt *time.Time }
func (*User) IsConfirmed ¶
func (*User) VerifyPassword ¶
type UserRepo ¶
type UserRepo struct {
// contains filtered or unexported fields
}
func NewUserRepo ¶
func (*UserRepo) ConfirmPasswordReset ¶
func (r *UserRepo) ConfirmPasswordReset(reset *PasswordReset) (*User, error)
ConfirmPasswordReset
func (*UserRepo) ConfirmRegistration ¶
ConfirmRegistration confirms a users account if a registration token is found matching tok
func (UserRepo) PasswordHash ¶
PasswordHash performs a bcrypt hash for the password based on PasswordHashCost
func (*UserRepo) Register ¶
func (r *UserRepo) Register(req *RegistrationRequest) (*RegistrationResponse, error)
func (*UserRepo) RenewRegistration ¶
func (r *UserRepo) RenewRegistration(uid int64) (*RegistrationToken, error)
RenewRegistration generates another registration token for the given user. Returns ErrTokenNotFound if a registration token was not available. To issue a renewal, a token must have already been generated
func (*UserRepo) RequestPasswordReset ¶
func (r *UserRepo) RequestPasswordReset(email string) (*PasswordResetToken, error)
func (UserRepo) SanitizeEmail ¶
func (*UserRepo) UpdateInfo ¶
UpdateInfo updates the users info, excluding the password