Documentation
¶
Index ¶
- Constants
- func EncodeOAuthState(s *OAuthState) string
- type OAuthState
- type UserAuth
- func (ua *UserAuth) AuthenticateRequest(r *http.Request) *identity.User
- func (ua *UserAuth) HandleAgentActivity(w http.ResponseWriter, r *http.Request)
- func (ua *UserAuth) HandleCallback(w http.ResponseWriter, r *http.Request)
- func (ua *UserAuth) HandleCreateAPIKey(w http.ResponseWriter, r *http.Request)
- func (ua *UserAuth) HandleDashboardAgents(w http.ResponseWriter, r *http.Request)
- func (ua *UserAuth) HandleDashboardStats(w http.ResponseWriter, r *http.Request)
- func (ua *UserAuth) HandleDeleteAPIKey(w http.ResponseWriter, r *http.Request)
- func (ua *UserAuth) HandleDeleteAgent(w http.ResponseWriter, r *http.Request)
- func (ua *UserAuth) HandleListAPIKeys(w http.ResponseWriter, r *http.Request)
- func (ua *UserAuth) HandleLogin(w http.ResponseWriter, r *http.Request)
- func (ua *UserAuth) HandleLogout(w http.ResponseWriter, r *http.Request)
- func (ua *UserAuth) HandleMe(w http.ResponseWriter, r *http.Request)
- func (ua *UserAuth) HandleUpdateAgent(w http.ResponseWriter, r *http.Request)
- func (ua *UserAuth) HandleUpdateMe(w http.ResponseWriter, r *http.Request)
Constants ¶
const ( SessionCookieName = "e2a_session" StateCookieName = "e2a_oauth_state" SessionMaxAge = 7 * 24 * time.Hour )
Variables ¶
This section is empty.
Functions ¶
func EncodeOAuthState ¶
func EncodeOAuthState(s *OAuthState) string
Types ¶
type OAuthState ¶
type OAuthState struct {
Nonce string `json:"n"`
CLICallback string `json:"cb,omitempty"`
CLIState string `json:"cs,omitempty"`
ReturnTo string `json:"rt,omitempty"`
}
OAuthState is encoded into the OAuth state parameter. It carries the CSRF nonce and, for CLI-initiated logins, the callback URL and CLI state token. ReturnTo, if set, is a same-origin server-path the user is bounced back to after callback succeeds — used by the MCP authorize flow to resume after a session is established. Validated at HandleLogin time.
type UserAuth ¶
type UserAuth struct {
// contains filtered or unexported fields
}
func NewUserAuth ¶
func NewUserAuthWithOAuthConfig ¶
func NewUserAuthWithOAuthConfig(cfg *config.OAuthConfig, oauthCfg *oauth2.Config, store *identity.Store, production bool, userInfoURL string) *UserAuth
NewUserAuthWithOAuthConfig creates a UserAuth with a custom oauth2.Config and userinfo URL. This is intended for testing against fake OAuth servers.
func (*UserAuth) AuthenticateRequest ¶
AuthenticateRequest extracts the user from the session cookie. Returns nil if not authenticated.
func (*UserAuth) HandleAgentActivity ¶
func (ua *UserAuth) HandleAgentActivity(w http.ResponseWriter, r *http.Request)
HandleAgentActivity returns recent message activity for an agent owned by the authenticated user.
func (*UserAuth) HandleCallback ¶
func (ua *UserAuth) HandleCallback(w http.ResponseWriter, r *http.Request)
HandleCallback processes the Google OAuth callback and creates a session.
func (*UserAuth) HandleCreateAPIKey ¶
func (ua *UserAuth) HandleCreateAPIKey(w http.ResponseWriter, r *http.Request)
HandleCreateAPIKey creates a new API key for the authenticated user.
func (*UserAuth) HandleDashboardAgents ¶
func (ua *UserAuth) HandleDashboardAgents(w http.ResponseWriter, r *http.Request)
HandleDashboardAgents lists agents owned by the authenticated user.
func (*UserAuth) HandleDashboardStats ¶ added in v0.3.0
func (ua *UserAuth) HandleDashboardStats(w http.ResponseWriter, r *http.Request)
HandleDashboardStats returns the workspace-level aggregates for the redesigned dashboard's stats strip. Accepts ?window=N (days) to vary the lookback for inbound/outbound totals + delivery success — the dashboard at-a-glance strip omits it (defaults to 7), the settings usage card passes ?window=30. Invalid/out-of-range values fall back to the store's defaults (see DashboardDefaultWindowDays / DashboardMaxWindowDays). See identity.GetDashboardStats for the data sources and graceful-degradation behavior when usage tracking is disabled.
func (*UserAuth) HandleDeleteAPIKey ¶
func (ua *UserAuth) HandleDeleteAPIKey(w http.ResponseWriter, r *http.Request)
HandleDeleteAPIKey deletes an API key owned by the authenticated user.
func (*UserAuth) HandleDeleteAgent ¶
func (ua *UserAuth) HandleDeleteAgent(w http.ResponseWriter, r *http.Request)
HandleDeleteAgent deletes an agent owned by the authenticated user.
func (*UserAuth) HandleListAPIKeys ¶
func (ua *UserAuth) HandleListAPIKeys(w http.ResponseWriter, r *http.Request)
HandleListAPIKeys lists API keys for the authenticated user (without key values).
func (*UserAuth) HandleLogin ¶
func (ua *UserAuth) HandleLogin(w http.ResponseWriter, r *http.Request)
HandleLogin redirects the user to Google OAuth. CLI login params (cli_callback, cli_state) are encoded into the OAuth state parameter so they survive the redirect through Google without relying on cookies. return_to (optional) is a same-origin server path the user resumes on after callback success — only paths under /api/oauth/ are permitted, used to bounce MCP OAuth clients back into /api/oauth/authorize after a session is created.
func (*UserAuth) HandleLogout ¶
func (ua *UserAuth) HandleLogout(w http.ResponseWriter, r *http.Request)
HandleLogout deletes the session and clears the cookie.
func (*UserAuth) HandleMe ¶
func (ua *UserAuth) HandleMe(w http.ResponseWriter, r *http.Request)
HandleMe returns the current authenticated user's info.
func (*UserAuth) HandleUpdateAgent ¶
func (ua *UserAuth) HandleUpdateAgent(w http.ResponseWriter, r *http.Request)
HandleUpdateAgent updates an agent owned by the authenticated user.
func (*UserAuth) HandleUpdateMe ¶ added in v0.3.0
func (ua *UserAuth) HandleUpdateMe(w http.ResponseWriter, r *http.Request)
Source Files