auth/

directory
v0.1.0 Latest

This package is not in the latest version of its module.

Published: Apr 28, 2026 License: MIT

README

lib/auth

Namespace of utility packages for authentication. No Go code at the root: only pure sub-packages and shared SQL artifacts.

Principle: lib/auth/* never touches the DB. The tests are unit tests, not integration tests. Composition (HTTP handlers, persistence, flow orchestration) lives in internal/auth/ on the app side.

Packages

| Package | Role | Tests |
|---|---|---|
| passwords | bcrypt Hash/Verify, NormalizeEmail, CheckStrength (HIBP) | unit (httptest for HIBP) |
| sessions | random tokens + hash, cookies, host/proto detection, RequestBaseURL | unit |
| magiclinks | TTL + Purpose constants for verify-email & reset-password | unit |
| schema/ | SQL artifacts (queries + migrations), no Go | n/a |
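
The passwords row lists CheckStrength (HIBP), unit-tested with httptest. The sketch below is an added example, not the package's own code: it shows the k-anonymity range lookup such a check relies on, run against a constructed httptest stand-in. The names splitDigest, pwnedCount and fakeRange are hypothetical; the /range/{prefix} path and SUFFIX:COUNT response lines follow the public Pwned Passwords range API.

```go
package main
import (
	"bufio"
	"crypto/sha1"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strconv"
	"strings"
)

// splitDigest hashes the password with SHA-1 (what the range API indexes on).
func splitDigest(password string) (prefix, suffix string) {
	d := fmt.Sprintf("%X", sha1.Sum([]byte(password)))
	return d[:5], d[5:] // 5 hex chars go on the wire, 35 stay local
}

// pwnedCount reports how often password appears in the corpus behind baseURL.
func pwnedCount(c *http.Client, baseURL, password string) (int, error) {
	prefix, suffix := splitDigest(password)
	resp, err := c.Get(baseURL + "/range/" + prefix)
	if err != nil {
		return 0, err // "unknown", not "clean": caller picks fail-open or fail-closed
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return 0, fmt.Errorf("range query: HTTP %d", resp.StatusCode)
	}
	sc := bufio.NewScanner(resp.Body)
	for sc.Scan() { // one "SUFFIX:COUNT" entry per line
		if s, n, ok := strings.Cut(strings.TrimSpace(sc.Text()), ":"); ok && strings.EqualFold(s, suffix) {
			return strconv.Atoi(n)
		}
	}
	return 0, sc.Err()
}

// fakeRange is a constructed stand-in for the range endpoint (test use only).
func fakeRange(pw string, n int) *httptest.Server {
	p, s := splitDigest(pw)
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.URL.Path == "/range/"+p {
			fmt.Fprintf(w, "%s:%d\r\n", s, n)
		}
	}))
}

func main() {
	srv := fakeRange("password", 42) // constructed sample data
	fmt.Println(pwnedCount(srv.Client(), srv.URL, "password"))
}
```

The server only ever sees the 5-character prefix, so a unit test can assert on the request path as well as on the returned count.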

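App-side composition

// internal/auth/login.go (composed by each app)
import (
    "net/http"
    "time"

    "github.com/AltSoyuz/lib/auth/passwords"
    "github.com/AltSoyuz/lib/auth/sessions"
)

func loginHandler(s *Store) http.HandlerFunc {
    return func(w http.ResponseWriter, r *http.Request) {
        ctx := r.Context()
        // ... decode the request body into in and pw (elided)
        // Errors are discarded with _ to keep this sketch short.
        email, _ := passwords.NormalizeEmail(in.Email)
        // ... look up user by the normalized email (elided)
        cred, _ := s.Queries.GetPasswordCredentialByUserID(ctx, user.ID)
        if passwords.Verify(cred.PassHash, pw) != nil {
            // Wrong password: answer 401 and stop before any session is issued.
            http.Error(w, "invalid credentials", http.StatusUnauthorized)
            return
        }
        token, hash, _ := sessions.NewToken()
        // ... store hash, set cookie
        sessions.SetCookie(w, r, token, time.Now().Add(sessions.TTL))
    }
}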

Shared SQL (schema/)

The SQL files are not embedded via //go:embed on the lib side: they are templates that each app copies into its own migrations and queries directories.

# bootstrapping a new app
cp $(go env GOMODCACHE)/github.com/!alt!soyuz/homeapp@<version>/lib/auth/schema/migrations/*.sql \
   ./internal/store/migrations/
cp $(go env GOMODCACHE)/github.com/!alt!soyuz/homeapp@<version>/lib/auth/schema/queries/auth.sql \
   ./internal/auth/queries/

sqlc target on the app side:

- engine: "sqlite"
  queries: "lib/auth/schema/queries"
  schema: "lib/auth/schema/migrations"
  gen: { go: { package: "dal", out: "internal/auth/dal" } }

Rules

  • ❌ No DB, no SQLite, no integration in lib/auth/*
  • ❌ No coupling between passwords, sessions, magiclinks: each package is independent
  • ❌ No //go:embed on schema/ on the lib side
  • ✅ All pure logic (crypto, parsing, normalization, math) → here
  • ✅ Composition (HTTP, DB, transactions, flows) → internal/auth/ on the app side

Directories

Path Synopsis
Package magiclinks holds shared semantics for one-shot email tokens used by the verify-email and password-reset flows: TTL defaults and stable purpose strings used as DB enums.
Package passwords provides bcrypt password hashing, email normalization, and breach-check via the HaveIBeenPwned k-anonymity API.
Package sessions provides session token generation, cookie helpers, and request URL/host detection.
