Documentation
¶
Overview ¶
Package auth provides authentication for GoSPA projects. Includes OAuth2 (Google, Facebook, GitHub, Microsoft, Discord), JWT sessions, and TOTP/OTP.
Index ¶
- func GenerateBackupCodes(count int) ([]string, error)
- func HashBackupCode(code string) string
- func VerifyOTP(secret, code string) bool
- type AuthPlugin
- func (p *AuthPlugin) Commands() []plugin.Command
- func (p *AuthPlugin) Dependencies() []plugin.Dependency
- func (p *AuthPlugin) GenerateOTPSecret() (string, error)
- func (p *AuthPlugin) GenerateOTPURL(secret, account, issuer string) string
- func (p *AuthPlugin) GetConfig() *Config
- func (p *AuthPlugin) Init() error
- func (p *AuthPlugin) Name() string
- func (p *AuthPlugin) OnHook(hook plugin.Hook, ctx map[string]interface{}) error
- type BackupCode
- type Config
- type OAuthProvider
- type OTPConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GenerateBackupCodes ¶
GenerateBackupCodes generates backup codes.
func HashBackupCode ¶
HashBackupCode hashes a backup code using SHA256.
Types ¶
type AuthPlugin ¶
type AuthPlugin struct {
// contains filtered or unexported fields
}
AuthPlugin provides authentication capabilities.
func (*AuthPlugin) Commands ¶
func (p *AuthPlugin) Commands() []plugin.Command
Commands returns custom CLI commands.
func (*AuthPlugin) Dependencies ¶
func (p *AuthPlugin) Dependencies() []plugin.Dependency
Dependencies returns required dependencies.
func (*AuthPlugin) GenerateOTPSecret ¶
func (p *AuthPlugin) GenerateOTPSecret() (string, error)
GenerateOTPSecret generates a new OTP secret.
func (*AuthPlugin) GenerateOTPURL ¶
func (p *AuthPlugin) GenerateOTPURL(secret, account, issuer string) string
GenerateOTPURL generates the otpauth:// URL.
func (*AuthPlugin) GetConfig ¶
func (p *AuthPlugin) GetConfig() *Config
GetConfig returns the current configuration.
type BackupCode ¶
BackupCode represents a backup code for 2FA.
type Config ¶
type Config struct {
// JWTSecret is the secret key for JWT signing.
JWTSecret string `yaml:"jwt_secret" json:"jwtSecret"`
// JWTExpiry is the JWT token expiry duration in hours.
JWTExpiry int `yaml:"jwt_expiry" json:"jwtExpiry"`
// Issuer is the JWT issuer.
Issuer string `yaml:"issuer" json:"issuer"`
// OAuthProviders is a list of enabled OAuth providers.
OAuthProviders []string `yaml:"oauth_providers" json:"oauthProviders"`
// Google OAuth config.
GoogleClientID string `yaml:"google_client_id" json:"googleClientId"`
GoogleClientSecret string `yaml:"google_client_secret" json:"googleClientSecret"`
// Facebook OAuth config.
FacebookClientID string `yaml:"facebook_client_id" json:"facebookClientId"`
FacebookClientSecret string `yaml:"facebook_client_secret" json:"facebookClientSecret"`
// GitHub OAuth config.
GitHubClientID string `yaml:"github_client_id" json:"githubClientId"`
GitHubClientSecret string `yaml:"github_client_secret" json:"githubClientSecret"`
// Microsoft OAuth config.
MicrosoftClientID string `yaml:"microsoft_client_id" json:"microsoftClientId"`
MicrosoftClientSecret string `yaml:"microsoft_client_secret" json:"microsoftClientSecret"`
// Discord OAuth config.
DiscordClientID string `yaml:"discord_client_id" json:"discordClientId"`
DiscordClientSecret string `yaml:"discord_client_secret" json:"discordClientSecret"`
// Telegram OAuth config.
TelegramBotToken string `yaml:"telegram_bot_token" json:"telegramBotToken"`
// Twitter/X OAuth config.
TwitterClientID string `yaml:"twitter_client_id" json:"twitterClientId"`
TwitterClientSecret string `yaml:"twitter_client_secret" json:"twitterClientSecret"`
// OTP config.
OTPEnabled bool `yaml:"otp_enabled" json:"otpEnabled"`
OTPIssuer string `yaml:"otp_issuer" json:"otpIssuer"`
OTPDigits int `yaml:"otp_digits" json:"otpDigits"`
OTPPeriod int `yaml:"otp_period" json:"otpPeriod"`
BackupCodeCount int `yaml:"backup_code_count" json:"backupCodeCount"`
// OutputDir is where generated auth code is written.
OutputDir string `yaml:"output_dir" json:"outputDir"`
}
Config holds auth plugin configuration.
func DefaultConfig ¶
func DefaultConfig() *Config
DefaultConfig returns the default auth configuration. JWTSecret is generated randomly if not set - this is safer than a hardcoded default.