auth

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 2, 2025 License: MIT Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInvalidCredentials     = errors.New("无效的凭证")
	ErrInvalidToken           = errors.New("无效的令牌")
	ErrTokenExpired           = errors.New("令牌已过期")
	ErrPermissionDenied       = errors.New("权限被拒绝")
	ErrUserNotFound           = errors.New("用户未找到")
	ErrAuthServiceUnavailable = errors.New("认证服务不可用")
	ErrTokenRevoked           = errors.New("令牌已被撤销")
)

定义常见错误

View Source 
var (
	ErrRoleNotFound       = errors.New("角色未找到")
	ErrPermissionNotFound = errors.New("权限未找到")
)
View Source 
var (
	ErrNoTokenFound = errors.New("未找到令牌")
)

Functions

This section is empty.

Types

type AuthInterceptor 

type AuthInterceptor struct {
	// contains filtered or unexported fields
}

AuthInterceptor 是一个GRPC认证拦截器

func NewAuthInterceptor 

func NewAuthInterceptor(
	tokenExtractor TokenExtractor,
	tokenManager TokenManager,
	authorizer Authorizer,
) *AuthInterceptor

NewAuthInterceptor 创建一个新的认证拦截器

func (*AuthInterceptor) AddPublicMethod added in v0.1.1 

func (i *AuthInterceptor) AddPublicMethod(fullMethodName string)

AddPublicMethod 添加一个不需要认证的方法

func (*AuthInterceptor) AddResourceMapping added in v0.1.1 

func (i *AuthInterceptor) AddResourceMapping(fullMethodName, resource, action string)

AddResourceMapping 添加方法到资源和动作的映射

func (*AuthInterceptor) StreamServerInterceptor 

func (i *AuthInterceptor) StreamServerInterceptor() grpc.StreamServerInterceptor

StreamServerInterceptor 返回一个流服务器拦截器

func (*AuthInterceptor) UnaryServerInterceptor 

func (i *AuthInterceptor) UnaryServerInterceptor() grpc.UnaryServerInterceptor

UnaryServerInterceptor 返回一个一元服务器拦截器

type Authenticator 

type Authenticator interface {
	// Authenticate 验证用户凭证并返回用户信息
	Authenticate(ctx context.Context, credential Credential) (*User, error)
}

Authenticator 定义认证接口

type Authorizer 

type Authorizer interface {
	// CheckPermission 检查用户是否有特定权限
	CheckPermission(ctx context.Context, user *User, resource string, action string) (bool, error)
}

Authorizer 定义授权接口

type CasbinAuthorizer added in v0.1.1 

type CasbinAuthorizer struct {
}

CasbinAuthorizer 使用Casbin的授权器 这里只提供框架代码,实际实现需要导入casbin依赖

type CompositeTokenExtractor added in v0.1.1 

type CompositeTokenExtractor struct {
	// contains filtered or unexported fields
}

CompositeTokenExtractor 组合多个令牌提取器

func NewCompositeTokenExtractor added in v0.1.1 

func NewCompositeTokenExtractor(extractors ...TokenExtractor) *CompositeTokenExtractor

NewCompositeTokenExtractor 创建一个组合令牌提取器

func (*CompositeTokenExtractor) Extract added in v0.1.1 

func (e *CompositeTokenExtractor) Extract(ctx context.Context) (string, error)

Extract 尝试使用所有提取器提取令牌,返回第一个成功提取的结果

type ConstantTokenExtractor added in v0.1.1 

type ConstantTokenExtractor struct {
	// contains filtered or unexported fields
}

ConstantTokenExtractor 始终返回一个常量令牌(主要用于测试)

func NewConstantTokenExtractor added in v0.1.1 

func NewConstantTokenExtractor(token string) *ConstantTokenExtractor

NewConstantTokenExtractor 创建一个常量令牌提取器

func (*ConstantTokenExtractor) Extract added in v0.1.1 

func (e *ConstantTokenExtractor) Extract(ctx context.Context) (string, error)

Extract 返回常量令牌

type ContextKey added in v0.1.1 

type ContextKey string

ContextKey 是上下文中用户信息的键 

const (
	// UserContextKey 是上下文中用户信息的键名
	UserContextKey ContextKey = "user"
)

type Credential added in v0.1.1 

type Credential struct {
	// 用户名或用户标识符
	Username string
	// 密码或令牌
	Password string
	// 其他认证信息
	Extra map[string]string
}

Credential 表示用户凭证

type MetadataTokenExtractor added in v0.1.1 

type MetadataTokenExtractor struct {
	// contains filtered or unexported fields
}

MetadataTokenExtractor 从GRPC元数据中提取令牌

func NewMetadataTokenExtractor added in v0.1.1 

func NewMetadataTokenExtractor(key string, prefix string) *MetadataTokenExtractor

NewMetadataTokenExtractor 创建一个新的元数据令牌提取器

func (*MetadataTokenExtractor) Extract added in v0.1.1 

func (e *MetadataTokenExtractor) Extract(ctx context.Context) (string, error)

Extract 从GRPC上下文元数据中提取令牌

type RBACAuthorizer added in v0.1.1 

type RBACAuthorizer struct {
	// contains filtered or unexported fields
}

RBACAuthorizer 基于角色的访问控制授权器

func NewRBACAuthorizer added in v0.1.1 

func NewRBACAuthorizer() *RBACAuthorizer

NewRBACAuthorizer 创建新的RBAC授权器

func (*RBACAuthorizer) AddPermissionToRole added in v0.1.1 

func (a *RBACAuthorizer) AddPermissionToRole(role string, permission string) error

AddPermissionToRole 向角色添加权限

func (*RBACAuthorizer) AddRole added in v0.1.1 

func (a *RBACAuthorizer) AddRole(role string, permissions []string)

AddRole 添加角色

func (*RBACAuthorizer) CheckPermission added in v0.1.1 

func (a *RBACAuthorizer) CheckPermission(ctx context.Context, user *User, resource string, action string) (bool, error)

CheckPermission 检查用户是否有特定权限

func (*RBACAuthorizer) MapResourceAction added in v0.1.1 

func (a *RBACAuthorizer) MapResourceAction(resource, action, permission string)

MapResourceAction 将资源和动作映射到权限

func (*RBACAuthorizer) RemovePermissionFromRole added in v0.1.1 

func (a *RBACAuthorizer) RemovePermissionFromRole(role string, permission string) error

RemovePermissionFromRole 从角色中移除权限

func (*RBACAuthorizer) RemoveRole added in v0.1.1 

func (a *RBACAuthorizer) RemoveRole(role string)

RemoveRole 删除角色

type ResourceAction added in v0.1.1 

type ResourceAction struct {
	Resource string
	Action   string
}

ResourceAction 表示资源和动作

type TokenExtractor 

type TokenExtractor interface {
	// Extract 从上下文中提取令牌
	Extract(ctx context.Context) (string, error)
}

TokenExtractor 定义令牌提取接口

type TokenInfo added in v0.1.1 

type TokenInfo struct {
	// 访问令牌 (用于验证用户身份)
	AccessToken string
	// 刷新令牌 (用于获取新的访问令牌)
	RefreshToken string
	// 访问令牌有效期
	ExpiresAt time.Time
	// 令牌类型
	TokenType string
	// 令牌作用域
	Scope string
}

TokenInfo 表示令牌信息

type TokenManager 

type TokenManager interface {
	// GenerateToken 生成令牌
	GenerateToken(ctx context.Context, user *User, duration time.Duration) (*TokenInfo, error)
	// ValidateToken 验证令牌
	ValidateToken(ctx context.Context, token string) (*User, error)
	// RefreshToken 刷新令牌
	RefreshToken(ctx context.Context, refreshToken string) (*TokenInfo, error)
	// RevokeToken 撤销令牌
	RevokeToken(ctx context.Context, token string) error
}

TokenManager 定义令牌管理接口

type User 

type User struct {
	// 用户标识符
	ID string
	// 用户名
	Username string
	// 角色列表
	Roles []string
	// 权限列表
	Permissions []string
	// 用户扩展信息
	Metadata map[string]string
}

User 表示认证后的用户信息

func GetUserFromContext added in v0.1.1 

func GetUserFromContext(ctx context.Context) (*User, bool)

GetUserFromContext 从上下文中获取用户信息

Source Files

View all Source files

Directories

Path Synopsis
Package mfa 提供了多因素认证(MFA)的功能支持。
 Package mfa 提供了多因素认证(MFA)的功能支持。

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.