The highest tagged major version is
Documentation
¶
Index ¶
- Variables
- type ConsumeRefreshTokenRequest
- type ConsumeRefreshTokenService
- type ConsumeRefreshTokenSource
- type ConsumeShortCodeRequest
- type ConsumeShortCodeService
- type ConsumeShortCodeSource
- type CreateShortCodeRequest
- type CreateShortCodeService
- type CreateShortCodeSource
- type EmailExistsRequest
- type EmailExistsService
- type EmailExistsSource
- type ListUsersRequest
- type ListUsersService
- type ListUsersSource
- type LoginAnonService
- type LoginAnonSource
- type LoginRequest
- type LoginService
- type LoginSource
- type RefreshTokenClaimsVerifier
- type RegisterRequest
- type RegisterService
- type RegisterSource
- type RequestEmailUpdateRequest
- type RequestEmailUpdateService
- type RequestEmailUpdateSource
- type RequestPasswordResetRequest
- type RequestPasswordResetService
- type RequestPasswordResetSource
- type RequestRegisterRequest
- type RequestRegisterService
- type RequestRegisterSource
- type SelectUserRequest
- type SelectUserService
- type SelectUserSource
- type UpdateEmailRequest
- type UpdateEmailResponse
- type UpdateEmailService
- type UpdateEmailSource
- type UpdatePasswordRequest
- type UpdatePasswordService
- type UpdatePasswordSource
- type UpdateRoleRequest
- type UpdateRoleService
- type UpdateRoleSource
Constants ¶
This section is empty.
Variables ¶
var ( ErrMismatchRefreshClaims = errors.New("refresh token and access token do not match") ErrTokenIssuedWithDifferentRefreshToken = errors.New("access token was not issued with the provided refresh token") )
var ( ErrUpdateToHigherRole = errors.New("user is not allowed to upgrade users to a higher role than its own") ErrMustDowngradeLowerRole = errors.New("user cam only downgrade users from a lower role") ErrUnknownRole = errors.New("unknown role") ErrSelfRoleUpdate = errors.New("user is not allowed to update its own role") )
var ErrInvalidShortCode = errors.New("invalid short code")
var ErrMissingShortCodeAndCurrentPassword = errors.New("missing short code and current password")
var SMTPTimeout = 10 * time.Second
Functions ¶
This section is empty.
Types ¶
type ConsumeRefreshTokenRequest ¶
type ConsumeRefreshTokenRequest struct {
// The last valid access token must be provided as an extra security measure. It may be expired, but must still
// be signed by an active key. Information in the access token is checked against the refresh token claims, and
// used to populate the new access token claims.
AccessToken string
RefreshToken string
}
type ConsumeRefreshTokenService ¶
type ConsumeRefreshTokenService struct {
// contains filtered or unexported fields
}
func NewConsumeRefreshTokenService ¶
func NewConsumeRefreshTokenService(source ConsumeRefreshTokenSource) *ConsumeRefreshTokenService
func (*ConsumeRefreshTokenService) ConsumeRefreshToken ¶
func (service *ConsumeRefreshTokenService) ConsumeRefreshToken( ctx context.Context, request ConsumeRefreshTokenRequest, ) (string, error)
type ConsumeRefreshTokenSource ¶
type ConsumeRefreshTokenSource interface {
SelectCredentials(ctx context.Context, id uuid.UUID) (*dao.CredentialsEntity, error)
SignClaims(ctx context.Context, usage jkmodels.KeyUsage, claims any) (string, error)
VerifyClaims(
ctx context.Context, usage jkmodels.KeyUsage, accessToken string, options *jkpkg.VerifyClaimsOptions,
) (*models.AccessTokenClaims, error)
VerifyRefreshTokenClaims(
ctx context.Context, usage jkmodels.KeyUsage, accessToken string, options *jkpkg.VerifyClaimsOptions,
) (*models.RefreshTokenClaims, error)
}
func NewConsumeRefreshTokenServiceSource ¶ added in v0.5.0
func NewConsumeRefreshTokenServiceSource( selectCredentialsDAO *dao.SelectCredentialsRepository, issueTokenService *jkpkg.ClaimsSigner, accessTokenService *jkpkg.ClaimsVerifier[models.AccessTokenClaims], refreshTokenService *jkpkg.ClaimsVerifier[models.RefreshTokenClaims], ) ConsumeRefreshTokenSource
type ConsumeShortCodeRequest ¶
type ConsumeShortCodeRequest struct {
// Information about the resource the short code grants access to.
Usage models.ShortCodeUsage
// The target that is allowed to access the resource. Only this target can retrieve the short code.
Target string
// The encrypted code. A clear version of this code is sent to the target.
Code string
}
ConsumeShortCodeRequest is the input used to perform the ConsumeShortCodeService.ConsumeShortCode action.
type ConsumeShortCodeService ¶
type ConsumeShortCodeService struct {
// contains filtered or unexported fields
}
ConsumeShortCodeService is the service used to perform the ConsumeShortCodeService.ConsumeShortCode action.
You may create one using the NewConsumeShortCodeService function.
func NewConsumeShortCodeService ¶
func NewConsumeShortCodeService(source ConsumeShortCodeSource) *ConsumeShortCodeService
func (*ConsumeShortCodeService) ConsumeShortCode ¶
func (service *ConsumeShortCodeService) ConsumeShortCode( ctx context.Context, request ConsumeShortCodeRequest, ) (*models.ShortCode, error)
ConsumeShortCode validates a plain code against an encrypted short code, and expires the short code if the validation is successful.
The plain code may be sent unencrypted, as it is only usable once. The encrypted code is stored in the database and is used to validate the plain code.
Once used with this action, a short code expires and is no longer valid.
type ConsumeShortCodeSource ¶
type ConsumeShortCodeSource interface {
SelectShortCodeByParams(ctx context.Context, data dao.SelectShortCodeByParamsData) (*dao.ShortCodeEntity, error)
DeleteShortCode(ctx context.Context, data dao.DeleteShortCodeData) (*dao.ShortCodeEntity, error)
}
ConsumeShortCodeSource is the source used to perform the ConsumeShortCodeService.ConsumeShortCode action.
You may build one using the NewConsumeShortCodeSource function.
func NewConsumeShortCodeSource ¶
func NewConsumeShortCodeSource( selectShortCode *dao.SelectShortCodeByParamsRepository, deleteShortCode *dao.DeleteShortCodeRepository, ) ConsumeShortCodeSource
type CreateShortCodeRequest ¶
type CreateShortCodeRequest struct {
// Information about the resource the short code grants access to.
Usage models.ShortCodeUsage
// The target that is allowed to access the resource. Only this target can retrieve the short code.
Target string
// Data used for the targeted resource. It can contain any information required to perform a specific action.
Data any
// TTL (Time To Live) of the short code. Past this delay, the short code expires, and can no longer be used.
TTL time.Duration
// Whe true, automatically expires any existing short code with the same target and usage.
// Otherwise, the presence of a duplica will trigger an error.
Override bool
}
CreateShortCodeRequest is the input used to perform the CreateShortCodeService.CreateShortCode action.
type CreateShortCodeService ¶
type CreateShortCodeService struct {
// contains filtered or unexported fields
}
CreateShortCodeService is the service used to perform the CreateShortCodeService.CreateShortCode action.
You may create one using the NewCreateShortCodeService function.
func NewCreateShortCodeService ¶
func NewCreateShortCodeService(source CreateShortCodeSource, config config.ShortCodes) *CreateShortCodeService
func (*CreateShortCodeService) CreateShortCode ¶
func (service *CreateShortCodeService) CreateShortCode( ctx context.Context, request CreateShortCodeRequest, ) (*models.ShortCode, error)
CreateShortCode creates a new short code in the database.
This service automatically generates a random short code, encrypts it, and stores it in the database. The clear value of the short code is returned, and MUST be sent to the target using a private channel (usually mail or phone).
The clear value is URL-safe. If any encoding is performed on it, then it MUST be decoded before being sent back for consumption.
type CreateShortCodeSource ¶
type CreateShortCodeSource interface {
InsertShortCode(ctx context.Context, data dao.InsertShortCodeData) (*dao.ShortCodeEntity, error)
}
CreateShortCodeSource is the source used to perform the CreateShortCodeService.CreateShortCode action.
type EmailExistsRequest ¶
type EmailExistsRequest struct {
Email string
}
type EmailExistsService ¶
type EmailExistsService struct {
// contains filtered or unexported fields
}
func NewEmailExistsService ¶
func NewEmailExistsService(source EmailExistsSource) *EmailExistsService
func (*EmailExistsService) EmailExists ¶
func (service *EmailExistsService) EmailExists(ctx context.Context, request EmailExistsRequest) (bool, error)
type EmailExistsSource ¶
type ListUsersRequest ¶
type ListUsersRequest struct {
Limit int
Offset int
Roles models.CredentialsRoles
}
type ListUsersService ¶
type ListUsersService struct {
// contains filtered or unexported fields
}
func NewListUsersService ¶
func NewListUsersService(source ListUsersSource) *ListUsersService
func (*ListUsersService) ListUsers ¶
func (service *ListUsersService) ListUsers( ctx context.Context, request ListUsersRequest, ) ([]*models.User, error)
type ListUsersSource ¶
type ListUsersSource interface {
ListUsers(ctx context.Context, data dao.ListUsersData) ([]*dao.CredentialsEntity, error)
}
type LoginAnonService ¶
type LoginAnonService struct {
// contains filtered or unexported fields
}
LoginAnonService is the service used to perform the LoginAnonService.LoginAnon action.
You may create one using the NewLoginAnonService function.
func NewLoginAnonService ¶
func NewLoginAnonService(source LoginAnonSource) *LoginAnonService
func (*LoginAnonService) LoginAnon ¶
func (service *LoginAnonService) LoginAnon(ctx context.Context) (string, error)
LoginAnon creates a new anonymous session. Anonymous sessions grant basic access to public protected resources.
On success, a new access token is returned, so the user can access protected resources.
type LoginAnonSource ¶
type LoginAnonSource interface {
SignClaims(ctx context.Context, usage jkmodels.KeyUsage, claims any) (string, error)
}
LoginAnonSource is the source used to perform the LoginAnonService.LoginAnon action.
type LoginRequest ¶
type LoginRequest struct {
// Email of the user trying to log in.
Email string
// Password of the user trying to log in.
Password string
}
LoginRequest is the request sent by the client to log in.
type LoginService ¶
type LoginService struct {
// contains filtered or unexported fields
}
LoginService is the service used to perform the LoginService.Login action.
You may create one using the NewLoginService function.
func NewLoginService ¶
func NewLoginService(source LoginSource) *LoginService
func (*LoginService) Login ¶
func (service *LoginService) Login(ctx context.Context, request LoginRequest) (*models.Token, error)
Login a user.
On success, a new access token is returned, so the user can access protected resources.
You may also create an anonymous session using the LoginAnonService.
type LoginSource ¶
type LoginSource interface {
SelectCredentialsByEmail(ctx context.Context, email string) (*dao.CredentialsEntity, error)
SignClaims(ctx context.Context, usage jkmodels.KeyUsage, claims any) (string, error)
}
LoginSource is the source used to perform the LoginService.Login action.
You may build one using the NewLoginServiceSource function.
func NewLoginServiceSource ¶
func NewLoginServiceSource( selectCredentialsByEmailDAO *dao.SelectCredentialsByEmailRepository, issueTokenService *jkpkg.ClaimsSigner, ) LoginSource
type RefreshTokenClaimsVerifier ¶ added in v0.6.0
type RefreshTokenClaimsVerifier struct {
// contains filtered or unexported fields
}
func (*RefreshTokenClaimsVerifier) VerifyRefreshTokenClaims ¶ added in v0.6.0
func (verifier *RefreshTokenClaimsVerifier) VerifyRefreshTokenClaims( ctx context.Context, usage jkmodels.KeyUsage, accessToken string, options *jkpkg.VerifyClaimsOptions, ) (*models.RefreshTokenClaims, error)
type RegisterRequest ¶
type RegisterService ¶
type RegisterService struct {
// contains filtered or unexported fields
}
func NewRegisterService ¶
func NewRegisterService(source RegisterSource) *RegisterService
func (*RegisterService) Register ¶
func (service *RegisterService) Register(ctx context.Context, request RegisterRequest) (*models.Token, error)
type RegisterSource ¶
type RegisterSource interface {
InsertCredentials(ctx context.Context, data dao.InsertCredentialsData) (*dao.CredentialsEntity, error)
SignClaims(ctx context.Context, usage jkmodels.KeyUsage, claims any) (string, error)
ConsumeShortCode(ctx context.Context, request ConsumeShortCodeRequest) (*models.ShortCode, error)
}
func NewRegisterSource ¶
func NewRegisterSource( insertCredentialsDAO *dao.InsertCredentialsRepository, issueTokenService *jkpkg.ClaimsSigner, consumeShortCodeService *ConsumeShortCodeService, ) RegisterSource
type RequestEmailUpdateRequest ¶
type RequestEmailUpdateRequest struct {
// ID of the account trying to update its email.
ID uuid.UUID
// New email of the account. This email will receive a link to confirm the email update.
Email string
// Language of the account.
Lang models.Lang
}
RequestEmailUpdateRequest is the input used to perform the RequestEmailUpdateService.RequestEmailUpdate action.
type RequestEmailUpdateService ¶
type RequestEmailUpdateService struct {
// contains filtered or unexported fields
}
RequestEmailUpdateService is the service used to perform the RequestEmailUpdateService.RequestEmailUpdate action.
You may create one using the NewRequestEmailUpdateService function.
func NewRequestEmailUpdateService ¶
func NewRequestEmailUpdateService( source RequestEmailUpdateSource, shortCodesConfig config.ShortCodes, smtpConfig models.SMTPURLsConfig, ) *RequestEmailUpdateService
func (*RequestEmailUpdateService) RequestEmailUpdate ¶
func (service *RequestEmailUpdateService) RequestEmailUpdate( ctx context.Context, request RequestEmailUpdateRequest, ) (*models.ShortCode, error)
RequestEmailUpdate requests an email update for a specific account.
The link to update the email is sent to the new email address provided in the request. This also serves as a validation for the new email address.
func (*RequestEmailUpdateService) Wait ¶
func (service *RequestEmailUpdateService) Wait()
type RequestEmailUpdateSource ¶
type RequestEmailUpdateSource interface {
CreateShortCode(ctx context.Context, request CreateShortCodeRequest) (*models.ShortCode, error)
smtp.Sender
}
RequestEmailUpdateSource is the source used to perform the RequestEmailUpdateService.RequestEmailUpdate action.
func NewRequestEmailUpdateServiceSource ¶ added in v0.4.0
func NewRequestEmailUpdateServiceSource( createShortCode *CreateShortCodeService, smtpSender smtp.Sender, ) RequestEmailUpdateSource
func NewRequestRegisterServiceSource ¶ added in v0.4.0
func NewRequestRegisterServiceSource( createShortCode *CreateShortCodeService, smtpSender smtp.Sender, ) RequestEmailUpdateSource
type RequestPasswordResetRequest ¶
type RequestPasswordResetRequest struct {
// Email of the user trying to reset its password.
Email string
// Language of the account.
Lang models.Lang
}
RequestPasswordResetRequest is the input used to perform the RequestPasswordResetService.RequestPasswordReset action.
type RequestPasswordResetService ¶
type RequestPasswordResetService struct {
// contains filtered or unexported fields
}
RequestPasswordResetService is the service used to perform the RequestPasswordResetService.RequestPasswordReset action.
You may create one using the NewRequestPasswordResetService function.
func NewRequestPasswordResetService ¶
func NewRequestPasswordResetService( source RequestPasswordResetSource, shortCodesConfig config.ShortCodes, smtpConfig models.SMTPURLsConfig, ) *RequestPasswordResetService
func (*RequestPasswordResetService) RequestPasswordReset ¶
func (service *RequestPasswordResetService) RequestPasswordReset( ctx context.Context, request RequestPasswordResetRequest, ) (*models.ShortCode, error)
RequestPasswordReset sends a short code to the user's email, allowing them to register.
This indirect registration method ensures the email is valid on account creation. There is no need to put a new account in stale mode until its email is verified with this method.
Once requested, the user MUST send the register form using the short code it received, otherwise account creation will fail.
func (*RequestPasswordResetService) Wait ¶
func (service *RequestPasswordResetService) Wait()
type RequestPasswordResetSource ¶
type RequestPasswordResetSource interface {
CreateShortCode(ctx context.Context, request CreateShortCodeRequest) (*models.ShortCode, error)
SelectCredentialsByEmail(ctx context.Context, email string) (*dao.CredentialsEntity, error)
smtp.Sender
}
RequestPasswordResetSource is the source used to perform the RequestPasswordResetService.RequestPasswordReset action.
func NewRequestPasswordResetSource ¶
func NewRequestPasswordResetSource( selectCredentials *dao.SelectCredentialsByEmailRepository, createShortCode *CreateShortCodeService, smtpSender smtp.Sender, ) RequestPasswordResetSource
type RequestRegisterRequest ¶
type RequestRegisterRequest struct {
// Email of the user trying to register. This email will receive a link that can be used to register.
Email string
// Language of the account.
Lang models.Lang
}
RequestRegisterRequest is the input used to perform the RequestRegisterService.RequestRegister action.
type RequestRegisterService ¶
type RequestRegisterService struct {
// contains filtered or unexported fields
}
RequestRegisterService is the service used to perform the RequestRegisterService.RequestRegister action.
You may create one using the NewRequestRegisterService function.
func NewRequestRegisterService ¶
func NewRequestRegisterService( source RequestRegisterSource, shortCodesConfig config.ShortCodes, smtpConfig models.SMTPURLsConfig, ) *RequestRegisterService
func (*RequestRegisterService) RequestRegister ¶
func (service *RequestRegisterService) RequestRegister( ctx context.Context, request RequestRegisterRequest, ) (*models.ShortCode, error)
RequestRegister sends a short code to the user's email, allowing them to register.
This indirect registration method ensures the email is valid on account creation. There is no need to put a new account in stale mode until its email is verified with this method.
Once requested, the user MUST send the register form using the short code it received, otherwise account creation will fail.
func (*RequestRegisterService) Wait ¶
func (service *RequestRegisterService) Wait()
type RequestRegisterSource ¶
type RequestRegisterSource interface {
CreateShortCode(ctx context.Context, request CreateShortCodeRequest) (*models.ShortCode, error)
smtp.Sender
}
RequestRegisterSource is the source used to perform the RequestRegisterService.RequestRegister action.
type SelectUserRequest ¶ added in v0.2.2
type SelectUserService ¶ added in v0.2.2
type SelectUserService struct {
// contains filtered or unexported fields
}
func NewSelectUserService ¶ added in v0.2.2
func NewSelectUserService(source SelectUserSource) *SelectUserService
func (*SelectUserService) SelectUser ¶ added in v0.2.2
func (service *SelectUserService) SelectUser( ctx context.Context, request SelectUserRequest, ) (*models.User, error)
type SelectUserSource ¶ added in v0.2.2
type UpdateEmailRequest ¶
type UpdateEmailResponse ¶
type UpdateEmailResponse struct {
NewEmail string
}
type UpdateEmailService ¶
type UpdateEmailService struct {
// contains filtered or unexported fields
}
func NewUpdateEmailService ¶
func NewUpdateEmailService(source UpdateEmailSource) *UpdateEmailService
func (*UpdateEmailService) UpdateEmail ¶
func (service *UpdateEmailService) UpdateEmail( ctx context.Context, request UpdateEmailRequest, ) (*UpdateEmailResponse, error)
type UpdateEmailSource ¶
type UpdateEmailSource interface {
UpdateCredentialsEmail(
ctx context.Context, userID uuid.UUID, data dao.UpdateCredentialsEmailData,
) (*dao.CredentialsEntity, error)
ConsumeShortCode(ctx context.Context, request ConsumeShortCodeRequest) (*models.ShortCode, error)
}
func NewUpdateEmailSource ¶
func NewUpdateEmailSource( updateCredentialsEmail *dao.UpdateCredentialsEmailRepository, consumeShortCode *ConsumeShortCodeService, ) UpdateEmailSource
type UpdatePasswordRequest ¶
type UpdatePasswordService ¶
type UpdatePasswordService struct {
// contains filtered or unexported fields
}
func NewUpdatePasswordService ¶
func NewUpdatePasswordService(source UpdatePasswordSource) *UpdatePasswordService
func (*UpdatePasswordService) UpdatePassword ¶
func (service *UpdatePasswordService) UpdatePassword(ctx context.Context, request UpdatePasswordRequest) error
type UpdatePasswordSource ¶
type UpdatePasswordSource interface {
UpdateCredentialsPassword(
ctx context.Context, userID uuid.UUID, data dao.UpdateCredentialsPasswordData,
) (*dao.CredentialsEntity, error)
SelectCredentials(ctx context.Context, id uuid.UUID) (*dao.CredentialsEntity, error)
ConsumeShortCode(ctx context.Context, request ConsumeShortCodeRequest) (*models.ShortCode, error)
}
func NewUpdatePasswordSource ¶
func NewUpdatePasswordSource( selectCredentialsDAO *dao.SelectCredentialsRepository, updateCredentialsDAO *dao.UpdateCredentialsPasswordRepository, consumeShortCode *ConsumeShortCodeService, ) UpdatePasswordSource
type UpdateRoleRequest ¶
type UpdateRoleService ¶
type UpdateRoleService struct {
// contains filtered or unexported fields
}
func NewUpdateRoleService ¶
func NewUpdateRoleService(source UpdateRoleSource) *UpdateRoleService
func (*UpdateRoleService) UpdateRole ¶
func (service *UpdateRoleService) UpdateRole( ctx context.Context, request UpdateRoleRequest, ) (*models.User, error)
type UpdateRoleSource ¶
type UpdateRoleSource interface {
UpdateCredentialsRole(
ctx context.Context, userID uuid.UUID, data dao.UpdateCredentialsRoleData,
) (*dao.CredentialsEntity, error)
SelectCredentials(ctx context.Context, id uuid.UUID) (*dao.CredentialsEntity, error)
}
func NewUpdateRoleServiceSource ¶
func NewUpdateRoleServiceSource( updateRoleDAO *dao.UpdateCredentialsRoleRepository, selectCredentialsDAO *dao.SelectCredentialsRepository, ) UpdateRoleSource
Source Files
Directories