Documentation ¶
Overview ¶
Package auth includes the collection of authentication solutions
Index ¶
- Constants
- type APIKey
- type APIKeys
- type APIKeysGetter
- type AccessToken
- type AccessTokenOption
- type Account
- type AccountManager
- func (am AccountManager) As(providerType AuthProviderType) *AccountManager
- func (am *AccountManager) ChangeAllProvidersPassword(providers []AccountProvider, password string) error
- func (am *AccountManager) ChangePassword(id string, currentPassword string, newPassword string, isAdmin bool) error
- func (am *AccountManager) ChangeProviderPassword(uid string, newPassword string) error
- func (am *AccountManager) CreateAccountWithProvider(input *CreateAccountInput, extraFields map[string]any, ...) (*Account, error)
- func (am *AccountManager) CreateActivity(sessionVariables map[string]string, accountID string, ...) error
- func (am *AccountManager) CreateProvider(input AccountProvider) error
- func (am *AccountManager) CreateProviderAccount(input *CreateAccountInput) (*Account, error)
- func (am *AccountManager) DeleteUser(id string, softDelete bool) error
- func (am *AccountManager) DeleteUsers(where map[string]any, softDelete bool) (int, error)
- func (am *AccountManager) EncodeToken(cred *AccountProvider, scopes []AuthScope, options ...AccessTokenOption) (*AccessToken, error)
- func (am *AccountManager) FindAccountByEmail(id string) (*Account, error)
- func (am *AccountManager) FindAccountByID(id string) (*Account, error)
- func (am *AccountManager) FindAccountByProviderEmail(email string, accountBoolExp map[string]any) (*Account, error)
- func (am *AccountManager) FindAll(where map[string]interface{}) ([]Account, error)
- func (am *AccountManager) FindOne(where map[string]interface{}) (*Account, error)
- func (am *AccountManager) Generate2FaOTP(sessionVariables map[string]string, accountID string, phoneCode int, ...) OTPOutput
- func (am *AccountManager) GenerateOTP(sessionVariables map[string]string, input GenerateOTPInput) OTPOutput
- func (am *AccountManager) GetDefaultRole() string
- func (am AccountManager) GetProviderName() AuthProviderType
- func (am *AccountManager) InsertAccount(input map[string]interface{}) (string, error)
- func (am *AccountManager) PromoteAnonymousUser(accountID string, input *CreateAccountInput) (*Account, error)
- func (am *AccountManager) RefreshToken(refreshToken string, options ...AccessTokenOption) (*AccessToken, error)
- func (am *AccountManager) SetCustomClaims(uid string, values map[string]interface{}) error
- func (am *AccountManager) SetDefaultRole(role string)
- func (am *AccountManager) SignInWithEmailAndPassword(email string, password string) (*Account, error)
- func (am *AccountManager) SignInWithPhoneAndPassword(phoneCode int, phoneNumber string, password string) (*Account, error)
- func (am *AccountManager) Verify2FaOTP(sessionVariables map[string]string, accountID string, otp string, ...) error
- func (am *AccountManager) VerifyOTP(sessionVariables map[string]string, input VerifyOTPInput) (*Account, error)
- func (am *AccountManager) VerifyPassword(providerUserID string, password string) error
- func (am *AccountManager) VerifyRefreshToken(refreshToken string) (*AccountProvider, error)
- func (am *AccountManager) VerifyToken(token string, accountBoolExp map[string]any, extraFields map[string]any) (*Account, map[string]interface{}, error)
- type AccountManagerConfig
- type AccountProvider
- type ActivityType
- type ApiKeyAuth
- type Auth2FAType
- type AuthOTPConfig
- type AuthProvider
- type AuthProviderType
- type AuthScope
- type BaseAccount
- type CreateAccountInput
- type CreateUserOutput
- type FirebaseAuth
- func (fa *FirebaseAuth) ChangePassword(uid string, newPassword string) error
- func (fa *FirebaseAuth) CreateUser(input *CreateAccountInput) (*Account, error)
- func (fa *FirebaseAuth) DeleteUser(uid string) error
- func (fa *FirebaseAuth) EncodeToken(cred *AccountProvider, scopes []AuthScope, options ...AccessTokenOption) (*AccessToken, error)
- func (fa FirebaseAuth) GetName() AuthProviderType
- func (fa *FirebaseAuth) GetOrCreateUserByPhone(input *CreateAccountInput) (*Account, error)
- func (fa *FirebaseAuth) GetUserByEmail(email string) (*Account, error)
- func (fa *FirebaseAuth) GetUserByID(id string) (*Account, error)
- func (fa *FirebaseAuth) PromoteAnonymousUser(uid string, input *CreateAccountInput) (*Account, error)
- func (fa *FirebaseAuth) RefreshToken(refreshToken string, options ...AccessTokenOption) (*AccessToken, error)
- func (fa *FirebaseAuth) SetCustomClaims(uid string, input map[string]interface{}) error
- func (fa *FirebaseAuth) SignInWithEmailAndPassword(email string, password string) (*Account, error)
- func (fa *FirebaseAuth) SignInWithPhoneAndPassword(phoneCode int, phoneNumber string, password string) (*Account, error)
- func (fa *FirebaseAuth) UpdateUser(uid string, input UpdateAccountInput) (*Account, error)
- func (fa *FirebaseAuth) VerifyPassword(providerUserId string, password string) error
- func (fa *FirebaseAuth) VerifyRefreshToken(refreshToken string) (*AccountProvider, error)
- func (fa *FirebaseAuth) VerifyToken(token string) (*AccountProvider, map[string]interface{}, error)
- type GenerateOTPInput
- type GeoPoint
- type JWTAuth
- func (ja *JWTAuth) ChangePassword(uid string, newPassword string) error
- func (ja *JWTAuth) CreateUser(input *CreateAccountInput) (*Account, error)
- func (ja *JWTAuth) DeleteUser(uid string) error
- func (ja *JWTAuth) EncodeToken(cred *AccountProvider, scopes []AuthScope, options ...AccessTokenOption) (*AccessToken, error)
- func (ja JWTAuth) GetName() AuthProviderType
- func (ja *JWTAuth) GetOrCreateUserByPhone(input *CreateAccountInput) (*Account, error)
- func (ja *JWTAuth) GetUserByEmail(email string) (*Account, error)
- func (ja *JWTAuth) GetUserByID(id string) (*Account, error)
- func (ja *JWTAuth) PromoteAnonymousUser(providerID string, input *CreateAccountInput) (*Account, error)
- func (ja *JWTAuth) RefreshToken(refreshToken string, options ...AccessTokenOption) (*AccessToken, error)
- func (ja *JWTAuth) SetCustomClaims(uid string, input map[string]interface{}) error
- func (ja *JWTAuth) SignInWithEmailAndPassword(email string, password string) (*Account, error)
- func (ja *JWTAuth) SignInWithPhoneAndPassword(phoneCode int, phoneNumber string, password string) (*Account, error)
- func (ja *JWTAuth) UpdateUser(uid string, input UpdateAccountInput) (*Account, error)
- func (ja *JWTAuth) VerifyPassword(providerUserId string, password string) error
- func (ja *JWTAuth) VerifyRefreshToken(refreshToken string) (*AccountProvider, error)
- func (ja *JWTAuth) VerifyToken(token string) (*AccountProvider, map[string]interface{}, error)
- type JWTAuthConfig
- type OTPOutput
- type UpdateAccountInput
- type VerifyOTPInput
Constants ¶
const ( AuthorizationHeader = "authorization" AuthBearer AuthProviderType = "Bearer" AuthJWT AuthProviderType = "jwt" AuthFirebase AuthProviderType = "firebase" ActivityLogin ActivityType = "L" ActivityLoginFailure ActivityType = "LF" ActivityLogout ActivityType = "LO" ActivityOTP ActivityType = "O" ActivityOTPFailure ActivityType = "OF" ActivityOTP2FA ActivityType = "O2" ActivityOTP2FASuccess ActivityType = "O2S" Auth2FASms Auth2FAType = "sms" HasuraClaims = "https://hasura.io/jwt/claims" XHasuraDefaultRole = "x-hasura-default-role" XHasuraAllowedRoles = "x-hasura-allowed-roles" XHasuraUserID = "x-hasura-user-id" XHasuraUserEmail = "x-hasura-user-email" XHasuraDisplayName = "x-hasura-display-name" XHasuraRequestIP = "x-hasura-request-ip" XHasuraLatitude = "x-hasura-latitude" XHasuraLongitude = "x-hasura-longitude" OTPTestCodeName = "test_code" )
const ( ErrCodeUnsupported = "unsupported" ErrCodeTokenExpired = "token_expired" ErrCodeJWTInvalidIssuer = "jwt_invalid_issuer" ErrCodeTokenMismatched = "token_mismatched" ErrCodeTokenAudienceMismatched = "token_audience_mismatched" ErrCodeRefreshTokenAudienceMismatched = "refresh_token_audience_mismatched" ErrCodePasswordRequired = "required_password" ErrCodeCurrentPasswordRequired = "required_current_password" ErrCodeNewPasswordRequired = "required_new_password" ErrCodeNewPasswordEqualCurrentPassword = "new_pw_equal_current_pw" ErrCodeEmailRequired = "required_email" ErrCodePhoneRequired = "required_phone" ErrCodePhoneNotRegistered = "phone_not_registered" ErrCodeInvalidPhone = "invalid_phone" ErrCodePasswordNotMatch = "password_not_match" ErrCodeCurrentPasswordNotMatch = "current_password_not_match" ErrCodeAccountNotFound = "account_not_found" ErrCodeAccountNotAnonymous = "account_not_anonymous" ErrCodeAccountTemporarilyLocked = "account_temporarily_locked" ErrCodeAccountDisabled = "account_disabled" ErrCodeAccountExisted = "account_existed" ErrCodeAccountNoProvider = "account_no_provider" ErrCodeAccountInsertZero = "account_insert_zero" ErrCodeAccountProviderInsertZero = "account_provider_insert_zero" ErrCodeAPIKeyInvalidIP = "api_key_invalid_ip" ErrCodeAPIKeyInvalidFQDN = "api_key_invalid_fqdn" ErrCodeAPIKeyExpired = "api_key_expired" ErrCodeAPIKeyRequired = "api_key_required" ErrCodeAPIKeyNotFound = "api_key_not_found" ErrCodeUpdateProviderNonExistentAccount = "update_provider_nonexistent_account" ErrCodeUpdatePasswordNonExistentAccount = "update_password_nonexistent_account" ErrCodeOTPAlreadySent = "otp_already_sent" ErrCodeInvalidOTP = "invalid_otp" ErrCodeInvalidAuthProvider = "invalid_auth_provider" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type APIKey ¶
type APIKey struct { ID string `graphql:"id" json:"id"` Type string `graphql:"type" json:"type"` AllowedFQDN []string `graphql:"allowed_fqdn" json:"allowed_fqdn"` AllowedIPs []string `graphql:"allowed_ips" json:"allowed_ips"` ExpiredAt time.Time `graphql:"expired_at" json:"expired_at"` HasuraRoles []string `graphql:"hasura_roles" json:"hasura_roles"` PermissionID string `graphql:"permission_id" json:"permission_id"` }
APIKey represents an API key model
type APIKeysGetter ¶
type APIKeysGetter interface {
Get() []APIKey
}
APIKeyGetter abstracts an API key model with getter
type AccessToken ¶
type AccessTokenOption ¶
type AccessTokenOption interface { Type() string Value() interface{} }
AccessTokenOption the extensible interface for token encoding
func NewTokenClaims ¶
func NewTokenClaims(claims map[string]interface{}) AccessTokenOption
NewTokenClaims create the access token option for custom claims
type Account ¶
type Account struct { BaseAccount Password string `json:"password,omitempty" graphql:"password"` AccountProviders []AccountProvider `json:"account_providers" graphql:"account_providers"` }
type AccountManager ¶
type AccountManager struct {
// contains filtered or unexported fields
}
AccountManager account business method
func NewAccountManager ¶
func NewAccountManager(config AccountManagerConfig) (*AccountManager, error)
NewAccountManager create new AccountManager instance
func (AccountManager) As ¶
func (am AccountManager) As(providerType AuthProviderType) *AccountManager
As create new account manager with target provider
func (*AccountManager) ChangeAllProvidersPassword ¶
func (am *AccountManager) ChangeAllProvidersPassword(providers []AccountProvider, password string) error
ChangeAllProvidersPassword change all providers's password of current user
func (*AccountManager) ChangePassword ¶
func (am *AccountManager) ChangePassword(id string, currentPassword string, newPassword string, isAdmin bool) error
ChangePassword change all providers's password of current user
func (*AccountManager) ChangeProviderPassword ¶
func (am *AccountManager) ChangeProviderPassword(uid string, newPassword string) error
ChangeProviderPassword change account password with provider
func (*AccountManager) CreateAccountWithProvider ¶
func (am *AccountManager) CreateAccountWithProvider(input *CreateAccountInput, extraFields map[string]any, extraFilters map[string]any) (*Account, error)
CreateAccountWithProvider get or create account with provider
func (*AccountManager) CreateActivity ¶
func (am *AccountManager) CreateActivity(sessionVariables map[string]string, accountID string, activityType ActivityType, metadata map[string]interface{}) error
CreateActivity insert an user activity record into the database
func (*AccountManager) CreateProvider ¶
func (am *AccountManager) CreateProvider(input AccountProvider) error
CreateProvider insert account provider to the database
func (*AccountManager) CreateProviderAccount ¶
func (am *AccountManager) CreateProviderAccount(input *CreateAccountInput) (*Account, error)
CreateProviderAccount create account with provider
func (*AccountManager) DeleteUser ¶
func (am *AccountManager) DeleteUser(id string, softDelete bool) error
DeleteUser delete user by id
func (*AccountManager) DeleteUsers ¶
DeleteUsers delete accounts from database if softDelete mode is enabled, disable the account and remove auth providers
func (*AccountManager) EncodeToken ¶
func (am *AccountManager) EncodeToken(cred *AccountProvider, scopes []AuthScope, options ...AccessTokenOption) (*AccessToken, error)
func (*AccountManager) FindAccountByEmail ¶
func (am *AccountManager) FindAccountByEmail(id string) (*Account, error)
FindAccountByEmail find account by id
func (*AccountManager) FindAccountByID ¶
func (am *AccountManager) FindAccountByID(id string) (*Account, error)
FindAccountByID find account by id
func (*AccountManager) FindAccountByProviderEmail ¶
func (am *AccountManager) FindAccountByProviderEmail(email string, accountBoolExp map[string]any) (*Account, error)
FindAccountByProviderEmail find account by email
func (*AccountManager) FindAll ¶
func (am *AccountManager) FindAll(where map[string]interface{}) ([]Account, error)
func (*AccountManager) FindOne ¶
func (am *AccountManager) FindOne(where map[string]interface{}) (*Account, error)
func (*AccountManager) Generate2FaOTP ¶
func (am *AccountManager) Generate2FaOTP(sessionVariables map[string]string, accountID string, phoneCode int, phoneNumber string) OTPOutput
Generate2FaOTP generate 2FA OTP to the logon user
func (*AccountManager) GenerateOTP ¶
func (am *AccountManager) GenerateOTP(sessionVariables map[string]string, input GenerateOTPInput) OTPOutput
GenerateOTP check if the account exists and generate the authentication otp
func (*AccountManager) GetDefaultRole ¶
func (am *AccountManager) GetDefaultRole() string
GetDefaultRole get default role
func (AccountManager) GetProviderName ¶
func (am AccountManager) GetProviderName() AuthProviderType
GetProviderName get provider name
func (*AccountManager) InsertAccount ¶
func (am *AccountManager) InsertAccount(input map[string]interface{}) (string, error)
func (*AccountManager) PromoteAnonymousUser ¶
func (am *AccountManager) PromoteAnonymousUser(accountID string, input *CreateAccountInput) (*Account, error)
PromoteAnonymousUser promotes the current anonymous user to the default user role
func (*AccountManager) RefreshToken ¶
func (am *AccountManager) RefreshToken(refreshToken string, options ...AccessTokenOption) (*AccessToken, error)
func (*AccountManager) SetCustomClaims ¶
func (am *AccountManager) SetCustomClaims(uid string, values map[string]interface{}) error
SetCustomClaims set custom claims for JWT token
func (*AccountManager) SetDefaultRole ¶
func (am *AccountManager) SetDefaultRole(role string)
SetDefaultRole set default role
func (*AccountManager) SignInWithEmailAndPassword ¶
func (am *AccountManager) SignInWithEmailAndPassword(email string, password string) (*Account, error)
func (*AccountManager) SignInWithPhoneAndPassword ¶
func (*AccountManager) Verify2FaOTP ¶
func (am *AccountManager) Verify2FaOTP(sessionVariables map[string]string, accountID string, otp string, type2FA Auth2FAType) error
Verify2FaOTP verify 2FA OTP to the current user
func (*AccountManager) VerifyOTP ¶
func (am *AccountManager) VerifyOTP(sessionVariables map[string]string, input VerifyOTPInput) (*Account, error)
VerifyOTP verify if the otp code matches the current account
func (*AccountManager) VerifyPassword ¶
func (am *AccountManager) VerifyPassword(providerUserID string, password string) error
func (*AccountManager) VerifyRefreshToken ¶
func (am *AccountManager) VerifyRefreshToken(refreshToken string) (*AccountProvider, error)
type AccountManagerConfig ¶
type AccountManagerConfig struct { FirebaseApp *firebase.App `ignored:"true"` GQLClient *gql.Client `ignored:"true"` JWT *JWTAuthConfig OTP AuthOTPConfig CreateFromToken bool `envconfig:"AUTH_CREATE_FROM_TOKEN" default:"false"` Enabled2FA bool `envconfig:"AUTH_2FA_ENABLED"` DefaultProvider AuthProviderType `envconfig:"DEFAULT_AUTH_PROVIDER" required:"true"` DefaultRole string `envconfig:"DEFAULT_ROLE" required:"true"` DefaultRoleAnonymous string `envconfig:"DEFAULT_ROLE_ANONYMOUS" default:"anonymous"` AutoLinkProvider bool `envconfig:"AUTH_AUTO_LINK_PROVIDER" default:"false"` Logger *zerolog.Logger `ignored:"true"` }
AccountManagerConfig config options for AccountManager
type AccountProvider ¶
type AccountProvider struct { AccountID *string `json:"account_id,omitempty" graphql:"account_id"` Name string `json:"provider_name" graphql:"provider_name"` ProviderUserID string `json:"provider_user_id" graphql:"provider_user_id"` Metadata map[string]any `json:"metadata" graphql:"metadata" scalar:"true"` }
type ActivityType ¶
type ActivityType string
type ApiKeyAuth ¶
type ApiKeyAuth struct {
// contains filtered or unexported fields
}
ApiKeyAuth represents the api key authentication service
func NewAPIKeyAuth ¶
func NewAPIKeyAuth(client *gql.Client) *ApiKeyAuth
NewAPIKeyAuth create new APIKeyAuth instance
func (*ApiKeyAuth) VerifyCustomKey ¶
func (ak *ApiKeyAuth) VerifyCustomKey(input APIKeysGetter, apiKey string, headers http.Header) (*APIKey, error)
VerifyCustomKey verifies a custom API key model
type Auth2FAType ¶
type Auth2FAType string
type AuthOTPConfig ¶
type AuthOTPConfig struct { Enabled bool `envconfig:"AUTH_OTP_ENABLED"` OTPLength uint `envconfig:"AUTH_OTP_LENGTH" default:"6"` LoginLimit uint `envconfig:"AUTH_OTP_LOGIN_LIMIT" default:"3"` LoginDisableLimit uint `envconfig:"AUTH_OTP_DISABLE_LIMIT" default:"9"` LoginLockDuration time.Duration `envconfig:"AUTH_OTP_LOCK_DURATION" default:"10m"` TTL time.Duration `envconfig:"AUTH_OTP_TTL" default:"60s"` DevMode bool `envconfig:"AUTH_OTP_DEV" default:"false"` DevOTPCode string `envconfig:"AUTH_OTP_DEV_CODE" default:"123456"` }
AuthOTPConfig contains authentication configurations from sms otp
type AuthProvider ¶
type AuthProvider interface { GetName() AuthProviderType CreateUser(*CreateAccountInput) (*Account, error) PromoteAnonymousUser(string, *CreateAccountInput) (*Account, error) GetOrCreateUserByPhone(*CreateAccountInput) (*Account, error) UpdateUser(string, UpdateAccountInput) (*Account, error) DeleteUser(id string) error GetUserByID(id string) (*Account, error) GetUserByEmail(email string) (*Account, error) SetCustomClaims(uid string, input map[string]interface{}) error EncodeToken(cred *AccountProvider, scopes []AuthScope, options ...AccessTokenOption) (*AccessToken, error) RefreshToken(refreshToken string, options ...AccessTokenOption) (*AccessToken, error) VerifyToken(token string) (*AccountProvider, map[string]interface{}, error) VerifyRefreshToken(refreshToken string) (*AccountProvider, error) VerifyPassword(uid string, password string) error ChangePassword(uid string, newPassword string) error SignInWithEmailAndPassword(email string, password string) (*Account, error) SignInWithPhoneAndPassword(phoneCode int, phoneNumber string, password string) (*Account, error) }
type AuthProviderType ¶
type AuthProviderType string
func GetAuthProviderTypes ¶
func GetAuthProviderTypes() []AuthProviderType
func (AuthProviderType) IsValid ¶
func (apt AuthProviderType) IsValid() bool
type AuthScope ¶
type AuthScope string
AuthScope represents the OAuth Scopes specification https://oauth.net/2/scope/
const ( // openid scope is used to get an ID Token ScopeOpenID AuthScope = "openid" // offline_access is used to get a Refresh Token. ScopeOfflineAccess AuthScope = "offline_access" // email scope is used to add the email info into the ID token ScopeEmail AuthScope = "email" // profile scope is used to add the profile info into the ID token ScopeProfile AuthScope = "profile" )
type BaseAccount ¶
type BaseAccount struct { ID string `json:"id" graphql:"id"` Email string `json:"email" graphql:"email"` PhoneCode int `json:"phone_code" graphql:"phone_code"` PhoneNumber string `json:"phone_number" graphql:"phone_number"` DisplayName string `json:"display_name" graphql:"display_name"` Role string `json:"role" graphql:"role"` Verified bool `json:"verified" graphql:"verified"` EmailEnabled bool `json:"email_enabled" graphql:"email_enabled"` PhoneEnabled bool `json:"phone_enabled" graphql:"phone_enabled"` Disabled bool `json:"disabled" graphql:"disabled"` }
type CreateAccountInput ¶
type CreateAccountInput struct { ID *string `json:"id,omitempty"` DisplayName *string `json:"display_name,omitempty"` Email *string `json:"email,omitempty"` PhoneCode *int `json:"phone_code,omitempty"` PhoneNumber *string `json:"phone_number,omitempty"` Role *string `json:"role,omitempty"` Password *string `json:"password,omitempty"` Verified *bool `json:"verified,omitempty"` AuthProviderType *AuthProviderType `json:"auth_provider_type,omitempty"` EmailEnabled *bool `json:"email_enabled,omitempty"` PhoneEnabled *bool `json:"phone_enabled,omitempty"` }
CreateAccountInput represents the account insert input
func (CreateAccountInput) ToBaseAccount ¶
func (cai CreateAccountInput) ToBaseAccount() BaseAccount
ToBaseAccount converts to BaseAccount struct
type CreateUserOutput ¶
type CreateUserOutput struct {
ID string `json:"id"`
}
type FirebaseAuth ¶
FirebaseAuth implements the AuthProvider interface for Firebase authentication
func NewFirebaseAuth ¶
func NewFirebaseAuth(app *firebase.App) *FirebaseAuth
NewFirebaseAuth creates a FirebaseAuth instance
func (*FirebaseAuth) ChangePassword ¶
func (fa *FirebaseAuth) ChangePassword(uid string, newPassword string) error
ChangePassword change the password of user
func (*FirebaseAuth) CreateUser ¶
func (fa *FirebaseAuth) CreateUser(input *CreateAccountInput) (*Account, error)
func (*FirebaseAuth) DeleteUser ¶
func (fa *FirebaseAuth) DeleteUser(uid string) error
func (*FirebaseAuth) EncodeToken ¶
func (fa *FirebaseAuth) EncodeToken(cred *AccountProvider, scopes []AuthScope, options ...AccessTokenOption) (*AccessToken, error)
EncodeToken encodes the custom ID Token from Firebase Auth
func (FirebaseAuth) GetName ¶
func (fa FirebaseAuth) GetName() AuthProviderType
GetName gets the authentication provider type enum
func (*FirebaseAuth) GetOrCreateUserByPhone ¶
func (fa *FirebaseAuth) GetOrCreateUserByPhone(input *CreateAccountInput) (*Account, error)
GetOrCreateUserByPhone get or create user by phone number
func (*FirebaseAuth) GetUserByEmail ¶
func (fa *FirebaseAuth) GetUserByEmail(email string) (*Account, error)
func (*FirebaseAuth) GetUserByID ¶
func (fa *FirebaseAuth) GetUserByID(id string) (*Account, error)
func (*FirebaseAuth) PromoteAnonymousUser ¶
func (fa *FirebaseAuth) PromoteAnonymousUser(uid string, input *CreateAccountInput) (*Account, error)
PromoteAnonymousUser promotes the current anonymous user to the default user role
func (*FirebaseAuth) RefreshToken ¶
func (fa *FirebaseAuth) RefreshToken(refreshToken string, options ...AccessTokenOption) (*AccessToken, error)
RefreshToken verifies and refreshes user token. Firebase Auth doesn't support this
func (*FirebaseAuth) SetCustomClaims ¶
func (fa *FirebaseAuth) SetCustomClaims(uid string, input map[string]interface{}) error
func (*FirebaseAuth) SignInWithEmailAndPassword ¶
func (fa *FirebaseAuth) SignInWithEmailAndPassword(email string, password string) (*Account, error)
func (*FirebaseAuth) SignInWithPhoneAndPassword ¶
func (*FirebaseAuth) UpdateUser ¶
func (fa *FirebaseAuth) UpdateUser(uid string, input UpdateAccountInput) (*Account, error)
func (*FirebaseAuth) VerifyPassword ¶
func (fa *FirebaseAuth) VerifyPassword(providerUserId string, password string) error
func (*FirebaseAuth) VerifyRefreshToken ¶
func (fa *FirebaseAuth) VerifyRefreshToken(refreshToken string) (*AccountProvider, error)
VerifyRefreshToken decode, verify signature and checksum of the refresh token Firebase Auth doesn't support this
func (*FirebaseAuth) VerifyToken ¶
func (fa *FirebaseAuth) VerifyToken(token string) (*AccountProvider, map[string]interface{}, error)
VerifyToken verifies the id token
type GenerateOTPInput ¶
type GenerateOTPInput struct { PhoneCode int PhoneNumber string ExtraConditions map[string]any ExtraInputs map[string]any }
GenerateOTPInput represents the otp generation input
type JWTAuth ¶
type JWTAuth struct {
// contains filtered or unexported fields
}
JWTAuth implements the AuthProvider interface for JWT authentication
func NewJWTAuth ¶
func NewJWTAuth(client *gql.Client, config JWTAuthConfig) *JWTAuth
NewJWTAuth creates a new JWTAuth instance
func (*JWTAuth) ChangePassword ¶
func (*JWTAuth) CreateUser ¶
func (ja *JWTAuth) CreateUser(input *CreateAccountInput) (*Account, error)
func (*JWTAuth) DeleteUser ¶
func (*JWTAuth) EncodeToken ¶
func (ja *JWTAuth) EncodeToken(cred *AccountProvider, scopes []AuthScope, options ...AccessTokenOption) (*AccessToken, error)
func (JWTAuth) GetName ¶
func (ja JWTAuth) GetName() AuthProviderType
func (*JWTAuth) GetOrCreateUserByPhone ¶
func (ja *JWTAuth) GetOrCreateUserByPhone(input *CreateAccountInput) (*Account, error)
func (*JWTAuth) PromoteAnonymousUser ¶
func (ja *JWTAuth) PromoteAnonymousUser(providerID string, input *CreateAccountInput) (*Account, error)
PromoteAnonymousUser promotes the current anonymous user to the default user role
func (*JWTAuth) RefreshToken ¶
func (ja *JWTAuth) RefreshToken(refreshToken string, options ...AccessTokenOption) (*AccessToken, error)
RefreshToken verify and generate new tokens
func (*JWTAuth) SetCustomClaims ¶
func (*JWTAuth) SignInWithEmailAndPassword ¶
func (*JWTAuth) SignInWithPhoneAndPassword ¶
func (*JWTAuth) UpdateUser ¶
func (ja *JWTAuth) UpdateUser(uid string, input UpdateAccountInput) (*Account, error)
func (*JWTAuth) VerifyPassword ¶
func (*JWTAuth) VerifyRefreshToken ¶
func (ja *JWTAuth) VerifyRefreshToken(refreshToken string) (*AccountProvider, error)
VerifyRefreshToken decode, verify signature and checksum of the refresh token
func (*JWTAuth) VerifyToken ¶
func (ja *JWTAuth) VerifyToken(token string) (*AccountProvider, map[string]interface{}, error)
VerifyToken decodes and verifies the JWT token
type JWTAuthConfig ¶
type JWTAuthConfig struct { Cost int `envconfig:"JWT_HASH_COST" default:"10"` SessionKey string `envconfig:"SESSION_KEY"` TTL time.Duration `envconfig:"SESSION_TTL" default:"1h"` RefreshTTL time.Duration `envconfig:"SESSION_REFRESH_TTL" default:"0ms"` Issuer string `envconfig:"JWT_ISSUER"` Algorithm string `envconfig:"JWT_ALGORITHM" default:"HS256"` HasChecksum bool `envconfig:"JWT_CHECKSUM" default:"false"` ChecksumLength int `envconfig:"JWT_CHECKSUM_LENGTH" default:"8"` LoginLimit uint `envconfig:"JWT_LOGIN_LIMIT" default:"5"` LoginLockLimit uint `envconfig:"JWT_DISABLE_LIMIT" default:"15"` LoginLockDuration time.Duration `envconfig:"JWT_LOCK_DURATION" default:"10m"` }
func (JWTAuthConfig) Validate ¶
func (jac JWTAuthConfig) Validate() error
type OTPOutput ¶
type OTPOutput struct { Error string LockedDuration uint Code string Expiry time.Time AccountID string }
OTPOutput represents the otp response
type UpdateAccountInput ¶
type UpdateAccountInput struct { DisplayName *string `json:"display_name,omitempty"` Email *string `json:"email,omitempty"` PhoneCode *int `json:"phone_code,omitempty"` PhoneNumber *string `json:"phone_number,omitempty"` Password *string `json:"password,omitempty"` Verified *bool `json:"verified,omitempty"` EmailEnabled *bool `json:"email_enabled,omitempty"` PhoneEnabled *bool `json:"phone_enabled,omitempty"` Role *string `json:"role,omitempty"` Disabled *bool `json:"disabled,omitempty"` }
UpdateAccountInput represents the update account input
func (UpdateAccountInput) GetGraphQLType ¶
func (uai UpdateAccountInput) GetGraphQLType() string
GetGraphQLType returns the graphql schema type
func (UpdateAccountInput) ToBaseAccount ¶
func (uai UpdateAccountInput) ToBaseAccount() BaseAccount
ToBaseAccount converts to BaseAccount struct