Documentation ¶
Index ¶
- Constants
- Variables
- func GetUserID(ctx context.Context) uuid.UUID
- func IsAuthError(err error) bool
- func NewError(format string, args ...any) error
- func SetClaims(ctx context.Context, claims Claims) context.Context
- func SetUserID(ctx context.Context, userID uuid.UUID) context.Context
- type Auth
- type Claims
- type Config
- type Error
- type KeyLookup
- type Mock
- type Usecase
- type User
Constants ¶
View Source
const ( RuleAuthenticate = "auth" RuleAny = "ruleAny" RuleAdminOnly = "ruleAdminOnly" RuleUserOnly = "ruleUserOnly" RuleAdminOrSubject = "ruleAdminOrSubject" )
Variables ¶
View Source
var ErrForbidden = errors.New("action is not allowed")
ErrForbidden is returned when auth issue is identified.
Functions ¶
func IsAuthError ¶
Types ¶
type Claims ¶
type KeyLookup ¶
type KeyLookup interface { PrivateKeyPEM(kid string) (pem string, err error) PublicKeyPEM(kid string) (pem string, err error) }
KeyLookup declares a method set of behavior for looking up private and public keys for JWT use.
type Usecase ¶
type Usecase struct {
// contains filtered or unexported fields
}
Auth is used to authenticate clients. It can generate a token for a set of user claims and recreate the claims by parsing the token.
func (*Usecase) Authenticate ¶
Authenticate process the token to validate the sender's token is valid.
func (*Usecase) Authorize ¶
func (a *Usecase) Authorize(ctx context.Context, claims Claims, userID uuid.UUID, rule string) error
Authorize attempts to authorize the user with the provided roles, if none of the input roles are within the user's claims, we return an error otherwise the user is authorized.
Click to show internal directories.
Click to hide internal directories.