Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

core

package

Go to main page

Versions in this module

v1

v1.0.1

Mar 9, 2026

v1.0.0

Mar 9, 2026

Changes in this version

+ var ErrAuditLogFailed = errors.New("Failed to write audit logs")

+ var ErrInvalidCredentials = errors.New("invalid email or password")

+ var ErrInvalidEmail = errors.New("incorrect email format")

+ var ErrInvalidSession = errors.New("invalid or expired token")

+ var ErrInvalidToken = errors.New("invalid or expired token")

+ var ErrPasswordNoLower = errors.New("password must contain a lowercase letter")

+ var ErrPasswordNoNumber = errors.New("password must contain a number")

+ var ErrPasswordNoUpper = errors.New("password must contain an uppercase letter")

+ var ErrPasswordTooLong = errors.New("password execceds maximum lenght")

+ var ErrPasswordTooShort = errors.New("password must be at least 8 characters")

+ var ErrSessionNotFound = errors.New("session not found")

+ var ErrTooManyAttempts = errors.New("too many attempts, please try again later")

+ var ErrUserExists = errors.New("user alredy exists")

+ var ErrUserNotFound = errors.New("user not found")

+ func ValidateEmail(email string) error

+ func ValidatePassword(password string, policy PasswordPolicy) error

+ type AuditAction string

+ const ActionAccountDelete

+ const ActionEmailChange

+ const ActionPasswordChange

+ const ActionRateLimited

+ const ActionSignInFailed

+ const ActionSignInSuccess

+ const ActionSignOut

+ const ActionSignOutAll

+ const ActionSignUp

+ const ActionTokenRefresh

+ type AuditEntry struct

+ Action AuditAction

+ Error string

+ IPAddress string

+ Metadata map[string]interface{}

+ Status string

+ Timestamp time.Time

+ UserAgent string

+ UserID string

+ type AuditLogger interface

+ Close func() error

+ Log func(ctx context.Context, entry AuditEntry) error

+ type BcryptHasher struct

+ Cost int

+ func NewBcryptHasher(cost int) *BcryptHasher

+ func (h *BcryptHasher) Compare(password, hash string) error

+ func (h *BcryptHasher) Hash(password string) (string, error)

+ type Claims struct

+ UserID string

+ type Config struct

+ AccessTokenTTL time.Duration

+ Issuer string

+ JWTSecret string

+ PasswordPolicy PasswordPolicy

+ RefreshTokenTTL time.Duration

+ TokenExpiry time.Duration

+ func DefautConfig() Config

+ type ConsoleAuditLogger struct

+ func NewConsoleAuditLogger() *ConsoleAuditLogger

+ func (l *ConsoleAuditLogger) Close() error

+ func (l *ConsoleAuditLogger) Log(ctx context.Context, entry AuditEntry) error

+ type Engine struct

+ func New(users UserStore, sessions SessionStore) *Engine

+ func (e *Engine) Authenticate(tokenString string) (string, error)

+ func (e *Engine) ChangeEmail(ctx context.Context, userID, newEmail string) error

+ func (e *Engine) ChangePassword(ctx context.Context, userID, oldPassword, newPassword string) error

+ func (e *Engine) DeleteAccount(ctx context.Context, userID string) error

+ func (e *Engine) GetSessionStore() SessionStore

+ func (e *Engine) GetUser(ctx context.Context, userID string) (*User, error)

+ func (e *Engine) GetUserByEmail(ctx context.Context, email string) (*User, error)

+ func (e *Engine) GetUserStore() UserStore

+ func (e *Engine) ListSessions(ctx context.Context, userID string) ([]Session, error)

+ func (e *Engine) Login(ctx context.Context, email, password string) (*TokenPair, *LimitResult, error)

+ func (e *Engine) Logout(ctx context.Context, refreshToken string) error

+ func (e *Engine) LogoutAll(ctx context.Context, userID string) error

+ func (e *Engine) RefreshToken(ctx context.Context, refreshToken string) (*TokenPair, error)

+ func (e *Engine) RevokeSession(ctx context.Context, sessionID string) error

+ func (e *Engine) SignUp(ctx context.Context, email, password string) (*User, error)

+ func (e *Engine) VerifyToken(tokenString string) (*Claims, error)

+ func (e *Engine) WithAuditLogger(logger AuditLogger) *Engine

+ func (e *Engine) WithHasher(hasher Hasher) *Engine

+ func (e *Engine) WithJWTSecret(secret string) *Engine

+ func (e *Engine) WithRateLimiter(limiter RateLimiter) *Engine

+ type FileAuditLogger struct

+ func NewFileAuditLogger(filePath string) *FileAuditLogger

+ func (l *FileAuditLogger) Close() error

+ func (l *FileAuditLogger) Log(ctx context.Context, entry AuditEntry) error

+ type Hasher interface

+ Compare func(password, hash string) error

+ Hash func(password string) (string, error)

+ type LimitResult struct

+ Allowed bool

+ Limit int

+ Remaining int

+ Reset time.Duration

+ type MemoryRateLimiter struct

+ func NewMemoryRateLimiter(limit int, window time.Duration) *MemoryRateLimiter

+ func (r *MemoryRateLimiter) Allow(ctx context.Context, key string) (LimitResult, error)

+ func (r *MemoryRateLimiter) Reset(ctx context.Context, key string) error

+ type MockHasher struct

+ func (h *MockHasher) Compare(password, hash string) error

+ func (h *MockHasher) Hash(password string) (string, error)

+ type NoopAuditLogger struct

+ func NewNoopAuditLogger() *NoopAuditLogger

+ func (l *NoopAuditLogger) Close() error

+ func (l *NoopAuditLogger) Log(ctx context.Context, entry AuditEntry) error

+ type NoopRateLimiter struct

+ func (r *NoopRateLimiter) Allow(ctx context.Context, key string) (LimitResult, error)

+ func (r *NoopRateLimiter) Reset(ctx context.Context, key string) error

+ type PasswordPolicy struct

+ MaxLenght int

+ MinLenght int

+ RequireLower bool

+ RequireNumber bool

+ RequireSpecial bool

+ RequireUpper bool

+ func DefaultPasswordPolicy() PasswordPolicy

+ type RateLimiter interface

+ Allow func(ctx context.Context, key string) (LimitResult, error)

+ Reset func(ctx context.Context, key string) error

+ type Session struct

+ CreatedAt time.Time

+ ExpiresAt time.Time

+ ID string

+ RefreshToken string

+ UpdatedAt time.Time

+ UserID string

+ type SessionStore interface

+ Create func(ctx context.Context, userID string) (*Session, error)

+ GetByRefreshToken func(ctx context.Context, refreshToken string) (*Session, error)

+ ListForUser func(ctx context.Context, userID string) ([]Session, error)

+ Revoke func(ctx context.Context, sessionID string) error

+ RevokeAllForUser func(ctx context.Context, userID string) error

+ type TokenPair struct

+ AccessToken string

+ ExpiresIn int64

+ RefreshToken string

+ TokenType string

+ type User struct

+ CreatedAt time.Time

+ Email string

+ ID string

+ PasswordHash string

+ UpdatedAt time.Time

+ type UserStore interface

+ Create func(ctx context.Context, email, passwordHash string) (*User, error)

+ Delete func(ctx context.Context, id string) error

+ GetByEmail func(ctx context.Context, email string) (*User, error)

+ GetByID func(ctx context.Context, id string) (*User, error)

+ UpdateEmail func(ctx context.Context, id, newEmail string) error

+ UpdatePassword func(ctx context.Context, id, newPasswordHash string) error

+ type ValidationError struct

+ Err error

+ Field string

+ Message string

+ func (e *ValidationError) Error() string

+ func (e *ValidationError) Unwrap() error