Documentation
Overview
Package repository implements data persistence for authentication and authorization entities.
Provides PostgreSQL persistence with transaction support via database.GetTx(). PostgreSQL uses native UUID types.
Index
- type AuditLogRepository
- func (p *AuditLogRepository) Create(ctx context.Context, auditLog *authDomain.AuditLog) error
- func (p *AuditLogRepository) DeleteOlderThan(ctx context.Context, olderThan time.Time, dryRun bool) (int64, error)
- func (p *AuditLogRepository) Get(ctx context.Context, id uuid.UUID) (*authDomain.AuditLog, error)
- func (p *AuditLogRepository) ListCursor(ctx context.Context, afterID *uuid.UUID, limit int, ...) ([]*authDomain.AuditLog, error)
- type ClientRepository
- func (p *ClientRepository) Create(ctx context.Context, client *authDomain.Client) error
- func (p *ClientRepository) Get(ctx context.Context, clientID uuid.UUID) (*authDomain.Client, error)
- func (p *ClientRepository) ListCursor(ctx context.Context, afterID *uuid.UUID, limit int) ([]*authDomain.Client, error)
- func (p *ClientRepository) Update(ctx context.Context, client *authDomain.Client) error
- func (p *ClientRepository) UpdateLockState(ctx context.Context, clientID uuid.UUID, failedAttempts int, ...) error
- type TokenRepository
- func (p *TokenRepository) Create(ctx context.Context, token *authDomain.Token) error
- func (p *TokenRepository) Get(ctx context.Context, tokenID uuid.UUID) (*authDomain.Token, error)
- func (p *TokenRepository) GetByTokenHash(ctx context.Context, tokenHash string) (*authDomain.Token, error)
- func (p *TokenRepository) PurgeExpiredAndRevoked(ctx context.Context, olderThan time.Time) (int64, error)
- func (p *TokenRepository) RevokeByClientID(ctx context.Context, clientID uuid.UUID) error
- func (p *TokenRepository) RevokeByTokenID(ctx context.Context, tokenID uuid.UUID) error
- func (p *TokenRepository) Update(ctx context.Context, token *authDomain.Token) error
Types
type AuditLogRepository (added in v0.29.0)
type AuditLogRepository struct {
	// contains filtered or unexported fields
}
AuditLogRepository implements AuditLog persistence for PostgreSQL. Uses native UUID types with transaction support via database.GetTx().
func NewAuditLogRepository (added in v0.29.0)
func NewAuditLogRepository(db *sql.DB) *AuditLogRepository
NewAuditLogRepository creates a new PostgreSQL AuditLog repository.
func (*AuditLogRepository) Create (added in v0.29.0)
func (p *AuditLogRepository) Create(ctx context.Context, auditLog *authDomain.AuditLog) error
Create inserts a new AuditLog into the PostgreSQL database. Uses transaction support via database.GetTx(). Handles nil metadata as database NULL. Includes cryptographic signature fields (signature, kek_id, is_signed) for tamper detection. Returns an error if metadata marshaling or database insertion fails.
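How signature, kek_id and is_signed can give tamper detection, as an added sketch that is not this package's code. The AuditRow type, the field encoding and the choice of HMAC-SHA256 are assumptions; the documentation does not name the algorithm.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// AuditRow is hypothetical; only signature, kek_id and is_signed are documented names.
type AuditRow struct {
	ID, ClientID, Action, KekID string
	CreatedAtUnix               int64
	Signature                   []byte
	IsSigned                    bool
}

// mac is HMAC-SHA256 (an assumption) over length-prefixed fields, so bytes
// cannot be shifted between adjacent fields without changing the result.
func mac(key []byte, r AuditRow) []byte {
	h := hmac.New(sha256.New, key)
	for _, f := range []string{r.ID, r.ClientID, r.Action, r.KekID} {
		binary.Write(h, binary.BigEndian, uint32(len(f)))
		h.Write([]byte(f))
	}
	binary.Write(h, binary.BigEndian, r.CreatedAtUnix)
	return h.Sum(nil)
}

// Sign fills the three signature columns before the row is inserted.
func Sign(keys map[string][]byte, kekID string, r AuditRow) AuditRow {
	r.KekID, r.IsSigned = kekID, true
	r.Signature = mac(keys[kekID], r)
	return r
}

// Verify reports whether the row claims a signature and whether it checks out.
func Verify(keys map[string][]byte, r AuditRow) (signed, intact bool) {
	key, ok := keys[r.KekID]
	return r.IsSigned, r.IsSigned && ok && hmac.Equal(mac(key, r), r.Signature)
}

func main() {
	keys := map[string][]byte{"kek-1": []byte("constructed demo key")}
	row := Sign(keys, "kek-1", AuditRow{ID: "a1", Action: "token.revoke"})
	row.Action = "token.create" // simulated edit made directly in the table
	fmt.Println(Verify(keys, row)) // true false
}
```

Because is_signed is stored in the same row it describes, a reader of the log should treat an unsigned row as unverified rather than as valid.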
func (*AuditLogRepository) DeleteOlderThan (added in v0.29.0)
func (p *AuditLogRepository) DeleteOlderThan(ctx context.Context, olderThan time.Time, dryRun bool) (int64, error)
DeleteOlderThan removes audit logs created before the specified timestamp. When dryRun is true, returns count via SELECT COUNT(*) without deletion. When false, executes DELETE and returns affected rows. Uses transaction support via database.GetTx(). All timestamps are expected in UTC.
func (*AuditLogRepository) Get (added in v0.29.0)
func (p *AuditLogRepository) Get(ctx context.Context, id uuid.UUID) (*authDomain.AuditLog, error)
Get retrieves a single audit log by ID from the PostgreSQL database. Returns an error if the audit log is not found or if the database operation fails.
func (*AuditLogRepository) ListCursor (added in v0.29.0)
func (p *AuditLogRepository) ListCursor(ctx context.Context, afterID *uuid.UUID, limit int, createdAtFrom, createdAtTo *time.Time, clientID *uuid.UUID) ([]*authDomain.AuditLog, error)
ListCursor retrieves audit logs ordered by created_at descending (newest first) with cursor-based pagination and optional time-based filtering. If afterID is provided, returns logs with ID greater than afterID (UUIDv7 ordering). Accepts createdAtFrom and createdAtTo as optional filters (nil means no filter). Both boundaries are inclusive (>= and <=). Accepts clientID as an optional filter (nil means no filter). All timestamps are expected in UTC. Returns empty slice if no audit logs found. Handles NULL metadata gracefully by returning nil map for those entries. Limit is pre-validated (1-1000).
type ClientRepository (added in v0.29.0)
type ClientRepository struct {
	// contains filtered or unexported fields
}
ClientRepository implements Client persistence for PostgreSQL. Uses native UUID types with transaction support via database.GetTx().
func NewClientRepository (added in v0.29.0)
func NewClientRepository(db *sql.DB) *ClientRepository
NewClientRepository creates a new PostgreSQL Client repository.
func (*ClientRepository) Create (added in v0.29.0)
func (p *ClientRepository) Create(ctx context.Context, client *authDomain.Client) error
Create inserts a new Client into the PostgreSQL database. Uses transaction support via database.GetTx(). Returns an error if policy marshaling or database insertion fails.
func (*ClientRepository) Get (added in v0.29.0)
func (p *ClientRepository) Get(ctx context.Context, clientID uuid.UUID) (*authDomain.Client, error)
Get retrieves a Client by ID from the PostgreSQL database. Uses transaction support via database.GetTx(). Returns ErrClientNotFound if the client doesn't exist, or an error if policy unmarshaling or database query fails.
func (*ClientRepository) ListCursor (added in v0.29.0)
func (p *ClientRepository) ListCursor(ctx context.Context, afterID *uuid.UUID, limit int) ([]*authDomain.Client, error)
ListCursor retrieves clients ordered by ID descending (newest first) with cursor-based pagination. If afterID is provided, returns clients with ID less than afterID (for DESC ordering). Uses transaction support via database.GetTx(). Returns empty slice if no clients found, or an error if policy unmarshaling or database query fails. Limit is pre-validated (1-1000).
func (*ClientRepository) Update (added in v0.29.0)
func (p *ClientRepository) Update(ctx context.Context, client *authDomain.Client) error
Update modifies an existing Client in the PostgreSQL database. Uses transaction support via database.GetTx(). Returns an error if policy marshaling or database update fails.
type TokenRepository (added in v0.29.0)
type TokenRepository struct {
	// contains filtered or unexported fields
}
TokenRepository implements Token persistence for PostgreSQL. Uses native UUID types with transaction support via database.GetTx().
func NewTokenRepository (added in v0.29.0)
func NewTokenRepository(db *sql.DB) *TokenRepository
NewTokenRepository creates a new PostgreSQL Token repository.
func (*TokenRepository) Create (added in v0.29.0)
func (p *TokenRepository) Create(ctx context.Context, token *authDomain.Token) error
Create inserts a new Token into the PostgreSQL database. Uses transaction support via database.GetTx(). Returns an error if database insertion fails.
func (*TokenRepository) Get (added in v0.29.0)
func (p *TokenRepository) Get(ctx context.Context, tokenID uuid.UUID) (*authDomain.Token, error)
Get retrieves a Token by ID from the PostgreSQL database. Uses transaction support via database.GetTx(). Returns ErrTokenNotFound if the token doesn't exist, or an error if database query fails.
func (*TokenRepository) GetByTokenHash (added in v0.29.0)
func (p *TokenRepository) GetByTokenHash(ctx context.Context, tokenHash string) (*authDomain.Token, error)
GetByTokenHash retrieves a Token by token hash from the PostgreSQL database. Uses transaction support via database.GetTx(). Returns ErrTokenNotFound if the token doesn't exist, or an error if database query fails.
func (*TokenRepository) PurgeExpiredAndRevoked (added in v0.29.0)
func (p *TokenRepository) PurgeExpiredAndRevoked(ctx context.Context, olderThan time.Time) (int64, error)
PurgeExpiredAndRevoked permanently deletes tokens that are either expired or revoked and were created before the specified timestamp. Returns the number of deleted tokens.
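An in-memory model of the hash lookup described under GetByTokenHash and of the purge rule above, added here as an illustration and not taken from this package. The Token type, the use of SHA-256, the validity check in Lookup and judging expiry against the current time are assumptions.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"time"
)

// Token is a hypothetical stand-in for authDomain.Token.
type Token struct {
	TokenHash            string
	CreatedAt, ExpiresAt time.Time
	RevokedAt            *time.Time
}

// HashToken derives the lookup key; SHA-256 is an assumption, suited to random tokens only.
func HashToken(plain string) string {
	sum := sha256.Sum256([]byte(plain))
	return hex.EncodeToString(sum[:])
}

// Lookup hashes the presented value, finds the row, and rejects revoked or expired rows.
func Lookup(table map[string]Token, presented string, now time.Time) (Token, bool) {
	t, ok := table[HashToken(presented)]
	return t, ok && t.RevokedAt == nil && t.ExpiresAt.After(now)
}

// Purgeable reads the documented rule as (expired OR revoked) AND created
// before olderThan. Judging expiry against now is an assumption.
func Purgeable(t Token, now, olderThan time.Time) bool {
	return (t.RevokedAt != nil || !t.ExpiresAt.After(now)) && t.CreatedAt.Before(olderThan)
}

// Purge deletes matching rows and returns how many were removed.
func Purge(table map[string]Token, now, olderThan time.Time) (n int64) {
	for h, t := range table {
		if Purgeable(t, now, olderThan) {
			delete(table, h)
			n++
		}
	}
	return n
}

func main() {
	now := time.Date(2025, 1, 10, 0, 0, 0, 0, time.UTC)
	table := map[string]Token{"h": {CreatedAt: now.AddDate(0, 0, -40), ExpiresAt: now.AddDate(0, 0, -39)}}
	fmt.Println(Purge(table, now, now.AddDate(0, 0, -30))) // 1
}
```

Since the table holds only hashes, a value copied out of the token_hash column does not authenticate when presented as a token: Lookup hashes it again and finds nothing.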
func (*TokenRepository) RevokeByClientID (added in v0.29.0)
RevokeByClientID marks all active tokens for a specific client as revoked.
func (*TokenRepository) RevokeByTokenID (added in v0.29.0)
RevokeByTokenID marks a specific token as revoked by setting its revoked_at timestamp.
func (*TokenRepository) Update (added in v0.29.0)
func (p *TokenRepository) Update(ctx context.Context, token *authDomain.Token) error
Update modifies an existing Token in the PostgreSQL database. Uses transaction support via database.GetTx(). Returns an error if database update fails.