Documentation
¶
Overview ¶
Package identity provides reusable user identity and role management.
Index ¶
- Variables
- func MigrationsFS() (fs.FS, error)
- func MustMigrationsFS() fs.FS
- type Config
- type EnsureInput
- type Repo
- type Service
- func (s *Service) EnsureUser(ctx context.Context, in EnsureInput) (*User, error)
- func (s *Service) Get(ctx context.Context, id string) (*User, error)
- func (s *Service) ReplaceRoles(ctx context.Context, in UpdateRolesInput) (*User, error)
- func (s *Service) UpdateProfile(ctx context.Context, in UpdateProfileInput) (*User, error)
- type UpdateProfileInput
- type UpdateRolesInput
- type User
Constants ¶
This section is empty.
Variables ¶
var ( // ErrInvalid indicates validation failure. ErrInvalid = errors.New("invalid request") // ErrNotFound indicates no user matched query. ErrNotFound = errors.New("user not found") // ErrConflict indicates write conflicts such as duplicate identities. ErrConflict = errors.New("user conflict") // ErrInternal is used as a defensive fallback for unknown failures. ErrInternal = errors.New("internal error") )
Functions ¶
func MigrationsFS ¶
MigrationsFS returns the embedded identity migrations filesystem.
func MustMigrationsFS ¶
MustMigrationsFS returns the embedded migrations filesystem or panics.
Types ¶
type Config ¶
Config controls identity defaults and validation.
func DefaultConfig ¶
func DefaultConfig() Config
DefaultConfig returns a baseline configuration for identity services.
type EnsureInput ¶
type EnsureInput struct {
Provider string
Subject string
Email string
FirstName string
LastName string
Language string
DefaultRoles []string
}
EnsureInput contains the identity attributes coming from auth tokens.
type Repo ¶
type Repo interface {
Create(ctx context.Context, u *User) error
GetByID(ctx context.Context, id string) (*User, error)
GetByIdentity(ctx context.Context, provider, subject string) (*User, error)
Update(ctx context.Context, u *User) error
ListRoles(ctx context.Context, userID string) ([]string, error)
ReplaceRoles(ctx context.Context, userID string, roles []string, at time.Time) error
}
Repo defines persistence requirements for the identity service.
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
Service encapsulates reusable identity lifecycle logic.
func New ¶
func New(repo Repo, tx ports.TxManager, log ports.Logger, clk ports.Clock, ids ports.IDGen, cfg Config) *Service
New constructs a Service with configurable defaults.
func NewDefault ¶
func NewDefault(repo Repo, tx ports.TxManager, log ports.Logger, clk ports.Clock, ids ports.IDGen) *Service
NewDefault constructs a Service with baseline defaults.
func (*Service) EnsureUser ¶
EnsureUser maps an external identity to a local profile, creating one on first login.
func (*Service) ReplaceRoles ¶
ReplaceRoles overwrites the roles assigned to a user.
func (*Service) UpdateProfile ¶
UpdateProfile mutates allowed profile fields.
type UpdateProfileInput ¶
UpdateProfileInput lists supported profile changes initiated by the user.
type UpdateRolesInput ¶
UpdateRolesInput replaces the roles assigned to a user.
Source Files
Directories