auth

package
v0.1.0 Latest
Warning

This package is not in the latest version of its module.

Published: Nov 4, 2025 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetProviderUserEmail

func GetProviderUserEmail(oauthUser *account.OAuthUser) string

GetProviderUserEmail retrieves the email from a provider user profile

func GetProviderUserName

func GetProviderUserName(oauthUser *account.OAuthUser) string

GetProviderUserName retrieves the name from a provider user profile

func GetProviderUserPicture

func GetProviderUserPicture(oauthUser *account.OAuthUser) *string

GetProviderUserPicture retrieves the picture URL from a provider user profile

func IsOriginTrusted

func IsOriginTrusted(origin string, staticOrigins []string, dynamicOrigins func(*http.Request) []string, r *http.Request) bool

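IsOriginTrusted checks if the given origin is trusted. It supports static origins, dynamic origins via callback, and wildcard patterns. It returns true if the origin is trusted, false otherwise. The wildcard matching rules are not described on this page; confirm how a pattern is matched before configuring a broad one.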

func MergeProviderProfiles

func MergeProviderProfiles(profiles ...*account.OAuthUser) *account.OAuthUser

MergeProviderProfiles merges multiple provider profiles, preferring non-empty fields. Providers are processed in order; a later provider's value is used only for fields that are still empty.

func NormalizeOrigin

func NormalizeOrigin(origin string) (string, error)

NormalizeOrigin normalizes an origin URL for comparison. It ensures consistent formatting by parsing and reconstructing the URL.

Types

type ChangeEmailRequest

// ChangeEmailRequest contains the request data for requesting an email change.
type ChangeEmailRequest struct {
	// UserID is the account whose email is to change; the validate tag marks it required.
	// NOTE(review): the json tag means this field can be bound from a request body.
	// Confirm callers set it from the authenticated session rather than client input.
	UserID      string `json:"user_id" validate:"required"`
	// NewEmail is marked required and must satisfy the "email" validate rule.
	NewEmail    string `json:"new_email" validate:"required,email"`
	// CallbackURL carries no validate tag.
	// NOTE(review): confirm it is checked against the trusted origins (see
	// IsOriginTrusted) before it is placed in a link or used for a redirect.
	CallbackURL string `json:"callback_url"`
}

ChangeEmailRequest contains the request data for requesting an email change

type ChangeEmailResponse

// ChangeEmailResponse contains the response data for requesting an email change.
// Service.ChangeEmail is documented as only generating a verification token, so a
// response here does not by itself mean the email has been changed.
type ChangeEmailResponse struct {
	// Status is serialized as "status"; presumably true when the request was accepted — confirm.
	Status  bool   `json:"status"`
	// Message is serialized as "message".
	Message string `json:"message"`
}

ChangeEmailResponse contains the response data for requesting an email change

type CustomPasswordHasher

// CustomPasswordHasher implements PasswordHasher using custom functions from config.
// NOTE(review): the strength of stored password hashes then depends on the configured
// functions; which config fields supply them is not shown on this page.
type CustomPasswordHasher struct {
	// contains filtered or unexported fields
}

CustomPasswordHasher implements PasswordHasher using custom functions from config

func (*CustomPasswordHasher) Hash

func (h *CustomPasswordHasher) Hash(password string) (string, error)

func (*CustomPasswordHasher) Verify

func (h *CustomPasswordHasher) Verify(password, hash string) (bool, error)

type DefaultPasswordHasher

// DefaultPasswordHasher implements PasswordHasher using the default crypto functions.
// The hashing algorithm and its parameters are not shown on this page.
type DefaultPasswordHasher struct{}

DefaultPasswordHasher implements PasswordHasher using the default crypto functions

func (*DefaultPasswordHasher) Hash

func (h *DefaultPasswordHasher) Hash(password string) (string, error)

func (*DefaultPasswordHasher) Verify

func (h *DefaultPasswordHasher) Verify(password, hash string) (bool, error)

type DeleteUserRequest

// DeleteUserRequest contains the request data for deleting a user.
type DeleteUserRequest struct {
	// UserID names the user to delete.
	// NOTE(review): Service.DeleteUser is documented as deleting the user and all
	// related data; confirm callers take this value from the authenticated session.
	UserID string
}

DeleteUserRequest contains the request data for deleting a user

type DeleteUserResponse

// DeleteUserResponse contains the response data for deleting a user.
type DeleteUserResponse struct {
	// Success presumably reports whether the deletion completed — confirm against Service.DeleteUser.
	Success bool
}

DeleteUserResponse contains the response data for deleting a user

type GetMeRequest

// GetMeRequest contains the request data for getting user information.
type GetMeRequest struct {
	// UserID names the user whose record is returned.
	// NOTE(review): confirm callers take this value from the authenticated session.
	UserID string
}

GetMeRequest contains the request data for getting user information

type GetMeResponse

// GetMeResponse contains the response data for getting user information.
type GetMeResponse struct {
	// User is the retrieved user record.
	// NOTE(review): user.User's fields are not shown on this page; confirm it holds
	// nothing secret before serializing it to a client.
	User *user.User
}

GetMeResponse contains the response data for getting user information

type LinkOAuthAccountRequest

// LinkOAuthAccountRequest represents a request to link an OAuth account to a user.
// Unlike OAuthSignInRequest, none of its fields carries a validate tag.
type LinkOAuthAccountRequest struct {
	// UserID is the local user the provider account is linked to.
	UserID       string
	// ProviderID selects the OAuth provider.
	ProviderID   account.ProviderType
	// AccountID is presumably the user's identifier at the provider — confirm.
	AccountID    string
	// AccessToken, RefreshToken and IDToken are provider-issued credentials.
	// NOTE(review): keep this struct out of logs (for example %+v output); how the
	// tokens are stored at rest is not shown on this page.
	AccessToken  string
	// RefreshToken is a pointer and may be nil.
	RefreshToken *string
	// IDToken is a pointer and may be nil.
	IDToken      *string
	// Scope is a pointer and may be nil.
	Scope        *string
}

LinkOAuthAccountRequest represents a request to link an OAuth account to a user

type LinkOAuthAccountResponse

// LinkOAuthAccountResponse represents the response from linking an OAuth account.
type LinkOAuthAccountResponse struct {
	// Account is serialized as "account".
	// NOTE(review): account.Account's fields are not shown on this page; if it
	// includes stored provider tokens, confirm they are not returned to clients.
	Account *account.Account `json:"account"`
}

LinkOAuthAccountResponse represents the response from linking an OAuth account

type OAuthSignInRequest

// OAuthSignInRequest represents a request to sign in via OAuth.
// All three fields are tagged validate:"required".
type OAuthSignInRequest struct {
	// ProviderID selects the OAuth provider.
	ProviderID  account.ProviderType `validate:"required"`
	// OAuthUser is the profile obtained from the provider.
	// NOTE(review): Service.OAuthSignIn is documented as looking up the existing
	// user by this profile's email; confirm callers pass only profiles whose
	// email the provider has verified.
	OAuthUser   *account.OAuthUser   `validate:"required"`
	// OAuthTokens holds the provider-issued tokens; keep them out of logs.
	OAuthTokens *account.OAuthTokens `validate:"required"`
}

OAuthSignInRequest represents a request to sign in via OAuth

type OAuthSignInResponse

// OAuthSignInResponse represents the response from OAuth sign in.
// Every field has a json tag, so the struct is shaped for serialization.
// NOTE(review): session.Session and account.Account are not shown on this page;
// confirm which of their fields (session token, provider tokens) reach the client.
type OAuthSignInResponse struct {
	// User is serialized as "user".
	User      *user.User       `json:"user"`
	// Session is serialized as "session".
	Session   *session.Session `json:"session"`
	// Account is serialized as "account".
	Account   *account.Account `json:"account"`
	// IsNewUser is serialized as "is_new_user"; presumably true when the flow
	// created the user rather than finding an existing one — confirm.
	IsNewUser bool             `json:"is_new_user"`
}

OAuthSignInResponse represents the response from OAuth sign in

type PasswordHasher

// PasswordHasher provides password hashing and verification functionality.
// This page lists two implementations: DefaultPasswordHasher and CustomPasswordHasher.
type PasswordHasher interface {
	// Hash returns the hash string for password, or an error.
	Hash(password string) (string, error)
	// Verify reports whether password matches hash.
	// NOTE(review): callers should treat a non-nil error as "not verified" and
	// never fall through to success on error.
	Verify(password, hash string) (bool, error)
}

PasswordHasher provides password hashing and verification functionality

type PasswordLengthRequirementOptions

// PasswordLengthRequirementOptions is the options type accepted by
// SignUpRequest.Validate.
// NOTE(review): whether length is counted in bytes or runes, whether the bounds
// are inclusive, and what a zero value means are not shown on this page.
type PasswordLengthRequirementOptions struct {
	// MinLength is presumably the shortest accepted password — confirm.
	MinLength int
	// MaxLength is presumably the longest accepted password — confirm.
	MaxLength int
}

type RefreshTokenRequest

// RefreshTokenRequest contains the request data for refreshing a session token.
type RefreshTokenRequest struct {
	// SessionToken is the session credential being refreshed; keep it out of logs.
	SessionToken string
	// IPAddress and UserAgent describe the client making the request.
	// NOTE(review): how IPAddress is derived (socket peer or a forwarded header)
	// is not shown on this page; confirm the source is trustworthy if it feeds
	// any security decision.
	IPAddress    string
	UserAgent    string
}

RefreshTokenRequest contains the request data for refreshing a session token

func (*RefreshTokenRequest) Validate

func (req *RefreshTokenRequest) Validate() error

Validate validates the refresh token request

type RefreshTokenResponse

// RefreshTokenResponse contains the response data for refreshing a session token.
type RefreshTokenResponse struct {
	// Session is the session returned by Service.RefreshToken.
	// NOTE(review): whether the previous token is invalidated on refresh is not
	// shown on this page — confirm.
	Session *session.Session
}

RefreshTokenResponse contains the response data for refreshing a session token

type RequestPasswordResetRequest

// RequestPasswordResetRequest contains the request data for requesting a password reset.
type RequestPasswordResetRequest struct {
	// Email is the address of the account whose password is to be reset.
	Email       string
	// CallbackURL is supplied by the caller.
	// NOTE(review): confirm it is checked against the trusted origins (see
	// IsOriginTrusted) before it is embedded in a reset link.
	CallbackURL string
}

RequestPasswordResetRequest contains the request data for requesting a password reset

type RequestPasswordResetResponse

// RequestPasswordResetResponse contains the response data for requesting a password reset.
type RequestPasswordResetResponse struct {
	// Verification is the verification record for the reset request.
	// NOTE(review): verification.Verification's fields are not shown on this page;
	// if it carries the reset token, confirm this value is used only to send the
	// email and is never serialized back to the requester.
	Verification *verification.Verification
}

RequestPasswordResetResponse contains the response data for requesting a password reset

type ResetPasswordRequest

// ResetPasswordRequest contains the request data for resetting a password.
// NOTE(review): its Validate method takes no PasswordLengthRequirementOptions,
// unlike SignUpRequest.Validate; confirm the password length policy is also
// enforced on reset.
type ResetPasswordRequest struct {
	// Token is the reset credential presented by the user; keep it out of logs.
	Token       string
	// NewPassword is the replacement password in plain text; keep it out of logs.
	NewPassword string
}

ResetPasswordRequest contains the request data for resetting a password

func (*ResetPasswordRequest) Validate

func (req *ResetPasswordRequest) Validate() error

Validate validates the reset password request

type ResetPasswordResponse

// ResetPasswordResponse contains the response data for resetting a password.
type ResetPasswordResponse struct {
	// Message is serialized as "message".
	Message string `json:"message"`
}

ResetPasswordResponse contains the response data for resetting a password

type SendEmailVerificationRequest

// SendEmailVerificationRequest contains the request data for sending an email verification.
// Neither field carries a validate tag.
type SendEmailVerificationRequest struct {
	// Email is serialized as "email".
	Email       string `json:"email"`
	// CallbackURL is serialized as "callback_url" and omitted when empty.
	// NOTE(review): confirm it is checked against the trusted origins (see
	// IsOriginTrusted) before it is embedded in a verification link.
	CallbackURL string `json:"callback_url,omitempty"`
}

SendEmailVerificationRequest contains the request data for sending an email verification

type SendEmailVerificationResponse

// SendEmailVerificationResponse contains the response data for sending email verification.
type SendEmailVerificationResponse struct {
	// Status is serialized as "status".
	// NOTE(review): whether it differs for unknown addresses is not shown on this
	// page; a uniform response avoids revealing which emails are registered.
	Status bool `json:"status"`
}

SendEmailVerificationResponse contains the response data for sending email verification

type Service

// Service provides authentication use cases.
// It is built with NewService from a config and the user, session, account and
// verification repositories; a brute-force service is attached separately through
// SetBruteForceService.
type Service struct {
	// contains filtered or unexported fields
}

Service provides authentication use cases

func NewService

func NewService(
	config *domain.Config,
	userRepo user.Repository,
	sessionRepo session.Repository,
	accountRepo account.Repository,
	verificationRepo verification.Repository,
) *Service

NewService creates a new authentication service

func (*Service) ChangeEmail

func (s *Service) ChangeEmail(ctx context.Context, req *ChangeEmailRequest) (*ChangeEmailResponse, error)

ChangeEmail is the use case for requesting an email change. It generates a verification token that must be confirmed before the email is changed.

func (*Service) DeleteUser

func (s *Service) DeleteUser(req *DeleteUserRequest) (*DeleteUserResponse, error)

DeleteUser is the use case for deleting a user and all related data

func (*Service) GetConfig

func (s *Service) GetConfig() *domain.Config

GetConfig returns the configuration

func (*Service) GetLinkedAccounts

func (s *Service) GetLinkedAccounts(ctx context.Context, userID string) ([]*account.Account, error)

GetLinkedAccounts returns all OAuth accounts linked to a user

func (*Service) GetMe

func (s *Service) GetMe(req *GetMeRequest) (*GetMeResponse, error)

GetMe is the use case for retrieving a user's information

func (*Service) HasLinkedAccount

func (s *Service) HasLinkedAccount(ctx context.Context, userID string, providerID account.ProviderType) (bool, error)

HasLinkedAccount checks if a user has an account linked with a specific provider

func (*Service) LinkOAuthAccount

func (s *Service) LinkOAuthAccount(ctx context.Context, req *LinkOAuthAccountRequest) (*LinkOAuthAccountResponse, error)

LinkOAuthAccount links an OAuth account to a user

func (*Service) OAuthSignIn

func (s *Service) OAuthSignIn(ctx context.Context, req *OAuthSignInRequest) (*OAuthSignInResponse, error)

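OAuthSignIn handles the OAuth sign-in/sign-up flow. It will:

1. Look up an existing user by the email from the OAuth provider
2. If the user exists, link the OAuth account if it is not already linked
3. If the user doesn't exist, create a new user and link the OAuth account
4. Create a new session for the user
5. Sync user profile data from the OAuth provider

As described, step 2 links a provider account to an existing user on the basis of the email match. This page does not say whether the provider must have verified that email; confirm this before enabling a provider that can return unverified addresses.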

func (*Service) RefreshToken

func (s *Service) RefreshToken(req *RefreshTokenRequest) (*RefreshTokenResponse, error)

RefreshToken is the use case for refreshing a user's session token

func (*Service) RequestPasswordReset

RequestPasswordReset is the use case for requesting a password reset

func (*Service) ResetPassword

func (s *Service) ResetPassword(req *ResetPasswordRequest) (*ResetPasswordResponse, error)

ResetPassword is the use case for resetting a user's password

func (*Service) SendEmailVerification

SendEmailVerification is the use case for sending an email verification

func (*Service) SetBruteForceService

func (s *Service) SetBruteForceService(service *security_protection.BruteForceService)

SetBruteForceService sets the brute force service for the authentication service

func (*Service) SignIn

func (s *Service) SignIn(ctx context.Context, req *SignInRequest) (*SignInResponse, error)

SignIn is the use case for user sign in with email and password

func (*Service) SignOut

func (s *Service) SignOut(req *SignOutRequest) error

SignOut is the use case for user sign out

func (*Service) SignUp

func (s *Service) SignUp(ctx context.Context, req *SignUpRequest) (*SignUpResponse, error)

SignUp is the use case for user sign up with email and password

func (*Service) SyncMultipleProvidersData

func (s *Service) SyncMultipleProvidersData(ctx context.Context, userID string, providerData map[account.ProviderType]*account.OAuthUser) (*SyncProviderDataResponse, error)

SyncMultipleProvidersData syncs data from multiple linked OAuth providers. It returns the latest successful update.

func (*Service) SyncProviderData

func (s *Service) SyncProviderData(ctx context.Context, req *SyncProviderDataRequest) (*SyncProviderDataResponse, error)

SyncProviderData syncs user profile data from an OAuth provider to the user record

func (*Service) UnlinkOAuthAccount

UnlinkOAuthAccount unlinks an OAuth account from a user

func (*Service) UpdateLinkedAccountTokens

func (s *Service) UpdateLinkedAccountTokens(ctx context.Context, userID string, providerID account.ProviderType, accessToken string, refreshToken *string, expiresAt *time.Time) error

UpdateLinkedAccountTokens updates the tokens for a linked OAuth account

func (*Service) UpdateUser

func (s *Service) UpdateUser(req *UpdateUserRequest) (*UpdateUserResponse, error)

UpdateUser is the use case for updating a user's profile

func (*Service) ValidateSession

func (s *Service) ValidateSession(req *ValidateSessionRequest) (*ValidateSessionResponse, error)

ValidateSession is the use case for validating a user's session

func (*Service) VerifyEmail

func (s *Service) VerifyEmail(ctx context.Context, req *VerifyEmailRequest) (*VerifyEmailResponse, error)

VerifyEmail is the unified use case for handling all verification types. It uses the strategy pattern to route to the appropriate handler based on the verification type.

type SignInRequest

// SignInRequest contains the request data for sign in.
type SignInRequest struct {
	// Email identifies the account.
	Email       string
	// Password is the plain-text password presented by the user; keep it out of logs.
	Password    string
	// CallbackURL is supplied by the caller.
	// NOTE(review): confirm it is checked against the trusted origins (see
	// IsOriginTrusted) before any redirect.
	CallbackURL string
	// IPAddress and UserAgent describe the client making the request.
	// NOTE(review): how IPAddress is derived is not shown on this page; if the
	// brute-force service keys on it, confirm it does not come from an
	// unvalidated forwarded header.
	IPAddress   string
	UserAgent   string
}

SignInRequest contains the request data for sign in

func (*SignInRequest) Validate

func (req *SignInRequest) Validate() error

Validate validates the sign in request

type SignInResponse

// SignInResponse contains the response data for sign in.
type SignInResponse struct {
	// Session is the session returned by Service.SignIn.
	Session *session.Session
	// User is the signed-in user.
	User    *user.User
}

SignInResponse contains the response data for sign in

type SignOutRequest

// SignOutRequest contains the request data for sign out.
type SignOutRequest struct {
	// SessionToken identifies the session to end; keep it out of logs.
	SessionToken string
}

SignOutRequest contains the request data for sign out

type SignUpRequest

// SignUpRequest contains the request data for sign up.
// Its Validate method takes a *PasswordLengthRequirementOptions.
type SignUpRequest struct {
	// Email is the address for the new account.
	Email       string
	// Password is the plain-text password chosen by the user; keep it out of logs.
	Password    string
	// Name is the display name for the new account.
	Name        string
	// CallbackURL is supplied by the caller.
	// NOTE(review): confirm it is checked against the trusted origins (see
	// IsOriginTrusted) before it is embedded in a link or used for a redirect.
	CallbackURL string
}

SignUpRequest contains the request data for sign up

func (*SignUpRequest) Validate

func (req *SignUpRequest) Validate(options *PasswordLengthRequirementOptions) error

Validate validates the sign up request

type SignUpResponse

// SignUpResponse contains the response data for sign up.
type SignUpResponse struct {
	// Session is the session returned by Service.SignUp.
	// NOTE(review): whether a session is issued before the email is verified is
	// not shown on this page — confirm against the configuration.
	Session *session.Session
	// User is the newly created user.
	User    *user.User
}

SignUpResponse contains the response data for sign up

type SyncProviderDataRequest

// SyncProviderDataRequest represents a request to sync user data from an OAuth provider.
type SyncProviderDataRequest struct {
	// UserID is the local user whose record is synced.
	UserID     string
	// ProviderID selects the OAuth provider the profile came from.
	ProviderID account.ProviderType
	// OAuthUser is the provider profile to sync from.
	// NOTE(review): its values originate outside this system; which user fields
	// may be overwritten from it is not shown on this page.
	OAuthUser  *account.OAuthUser
	UpdateUser bool // Whether to update user profile fields
}

SyncProviderDataRequest represents a request to sync user data from an OAuth provider

type SyncProviderDataResponse

// SyncProviderDataResponse represents the response from syncing provider data.
type SyncProviderDataResponse struct {
	// User is serialized as "user".
	User    *user.User       `json:"user"`
	// Account is serialized as "account".
	Account *account.Account `json:"account"`
	// Changes is serialized as "changes"; the key names used are not shown on this page.
	Changes map[string]bool  `json:"changes"` // Track what was changed
}

SyncProviderDataResponse represents the response from syncing provider data

type UnlinkOAuthAccountRequest

// UnlinkOAuthAccountRequest represents a request to unlink an OAuth account from a user.
type UnlinkOAuthAccountRequest struct {
	// UserID is the local user the provider account is unlinked from.
	// NOTE(review): confirm callers take this value from the authenticated session.
	UserID     string
	// ProviderID selects which provider's account to unlink.
	ProviderID account.ProviderType
}

UnlinkOAuthAccountRequest represents a request to unlink an OAuth account from a user

type UnlinkOAuthAccountResponse

// UnlinkOAuthAccountResponse represents the response from unlinking an OAuth account.
type UnlinkOAuthAccountResponse struct {
	// Success is serialized as "success".
	Success bool `json:"success"`
}

UnlinkOAuthAccountResponse represents the response from unlinking an OAuth account

type UpdateUserRequest

// UpdateUserRequest contains the request data for updating a user.
type UpdateUserRequest struct {
	// UserID names the user to update.
	// NOTE(review): confirm callers take this value from the authenticated session.
	UserID string
	// Name and Image are pointers; presumably nil means "leave unchanged" — confirm.
	Name   *string
	// NOTE(review): Image is presumably a URL later rendered to other users;
	// whether its scheme or host is validated is not shown on this page.
	Image  *string
}

UpdateUserRequest contains the request data for updating a user

type UpdateUserResponse

// UpdateUserResponse contains the response data for updating a user.
type UpdateUserResponse struct {
	// User is the user record returned by Service.UpdateUser.
	User *user.User
}

UpdateUserResponse contains the response data for updating a user

type ValidateSessionRequest

// ValidateSessionRequest contains the request data for validating a session.
type ValidateSessionRequest struct {
	// SessionToken is serialized as "session_token"; it is a credential, so keep
	// it out of logs.
	SessionToken string `json:"session_token"`
}

ValidateSessionRequest contains the request data for validating a session

type ValidateSessionResponse

// ValidateSessionResponse contains the response data for validating a session.
type ValidateSessionResponse struct {
	// Session is serialized as "session".
	// NOTE(review): whether it is nil when Valid is false is not shown on this
	// page; callers should check Valid before using it.
	Session *session.Session `json:"session"`
	// Valid is serialized as "valid".
	Valid   bool             `json:"valid"`
}

ValidateSessionResponse contains the response data for validating a session

type VerifyEmailRequest

// VerifyEmailRequest contains the request data for verifying an email (unified endpoint).
type VerifyEmailRequest struct {
	// VerificationToken is read from the "token" JSON key and is tagged required.
	// It is a credential; keep it out of logs.
	VerificationToken string `json:"token" validate:"required"`
}

VerifyEmailRequest contains the request data for verifying an email (unified endpoint)

type VerifyEmailResponse

// VerifyEmailResponse contains the response data for verifying an email.
type VerifyEmailResponse struct {
	// Status is serialized as "status".
	Status bool                          `json:"status"`
	// Type is serialized as "type" and names the verification type that was handled.
	Type   verification.VerificationType `json:"type"`
	// Token is serialized as "token" and omitted when empty.
	// NOTE(review): what this token authorizes is not shown on this page; treat
	// it as a secret until confirmed.
	Token  string                        `json:"token,omitempty"`
}

VerifyEmailResponse contains the response data for verifying an email
