Documentation
¶
Index ¶
- Variables
- func CountUsers() (int, error)
- func DeleteUser(id string) error
- func HandleCreateUser(w http.ResponseWriter, r *http.Request)
- func HandleDeleteUser(w http.ResponseWriter, r *http.Request)
- func HandleGetUser(w http.ResponseWriter, r *http.Request)
- func HandleListUsers(w http.ResponseWriter, r *http.Request)
- func HandleUnlockUser(w http.ResponseWriter, r *http.Request)
- func HandleUpdateUser(w http.ResponseWriter, r *http.Request)
- func HandleUserAdminEndpoint(w http.ResponseWriter, r *http.Request)
- func SaveTotpSecret(userID, secret string) error
- func UnlockUser(id string) error
- func UpdateUser(id string, req UserUpdateRequest) error
- func ValidateUserCreateRequest(input UserCreateRequest) error
- func ValidateUserUpdateRequest(input UserUpdateRequest) error
- type ApiUserResponse
- type User
- type UserCreateRequest
- type UserResponse
- type UserUpdateRequest
Constants ¶
This section is empty.
Variables ¶
var ErrAccountLocked = errors.New("account is temporarily locked due to too many failed login attempts")
ErrAccountLocked is returned when the account is temporarily locked due to too many failed login attempts.
Functions ¶
func CountUsers ¶ added in v1.0.0
CountUsers returns the total number of users in the database.
func DeleteUser ¶
func HandleCreateUser ¶
func HandleCreateUser(w http.ResponseWriter, r *http.Request)
HandleCreateUser godoc @Summary Create a new user @Description Registers a new user in the system @Tags users @Accept json @Produce json @Param user body UserCreateRequest true "User creation payload" @Success 201 {object} UserResponse @Failure 400 {object} model.ApiError @Failure 500 {object} model.ApiError @Router /users/create [post]
func HandleDeleteUser ¶ added in v1.0.0
func HandleDeleteUser(w http.ResponseWriter, r *http.Request)
HandleDeleteUser handles DELETE /user/{id}
func HandleGetUser ¶ added in v1.0.0
func HandleGetUser(w http.ResponseWriter, r *http.Request)
HandleGetUser handles GET /user/{id} (read user by ID)
func HandleListUsers ¶ added in v1.0.0
func HandleListUsers(w http.ResponseWriter, r *http.Request)
HandleListUsers handles GET /admin/api/users - lists all active users
func HandleUnlockUser ¶ added in v1.0.0
func HandleUnlockUser(w http.ResponseWriter, r *http.Request)
HandleUnlockUser unlocks a user account after multiple failed login attempts. @Summary Unlock user account @Description Resets the failed login attempts and clear the lockout time for a user. @Tags users-admin @Accept json @Produce json @Param id query string true "User ID" @Security BearerAuth @Success 200 {object} UserResponse @Router /admin/api/users/unlock [post]
func HandleUpdateUser ¶ added in v1.0.0
func HandleUpdateUser(w http.ResponseWriter, r *http.Request)
HandleUpdateUser handles PUT /user/{id} (update user)
func HandleUserAdminEndpoint ¶ added in v1.0.0
func HandleUserAdminEndpoint(w http.ResponseWriter, r *http.Request)
HandleUserAdminEndpoint is the combined handler for /admin/api/users Routes requests based on HTTP method @Summary User administration @Description GET: List users or get user by ID. POST: Create user. PUT: Update user. DELETE: Soft-delete user. @Tags users-admin @Accept json @Produce json @Param id query string false "User ID (required for GET/PUT/DELETE single)" @Param user body UserCreateRequest false "User creation/update payload" @Security BearerAuth @Success 200 {object} UserResponse "Single user (GET/PUT)" @Success 200 {array} UserResponse "List of users (GET)" @Success 201 {object} UserResponse "Created user (POST)" @Router /admin/api/users [get] @Router /admin/api/users [post] @Router /admin/api/users [put] @Router /admin/api/users [delete]
func SaveTotpSecret ¶ added in v1.0.0
func UnlockUser ¶ added in v1.0.0
func UpdateUser ¶
func UpdateUser(id string, req UserUpdateRequest) error
func ValidateUserCreateRequest ¶
func ValidateUserCreateRequest(input UserCreateRequest) error
func ValidateUserUpdateRequest ¶ added in v1.0.0
func ValidateUserUpdateRequest(input UserUpdateRequest) error
Types ¶
type ApiUserResponse ¶
type ApiUserResponse struct {
Data *UserResponse `json:"data,omitempty"`
Error *model.ApiError `json:"error,omitempty"`
}
ApiUserResponse is used for Swagger documentation
type User ¶
type User struct {
ID string
Username string
Password string
Email string
CreatedAt time.Time
Role string
FailedLoginAttempts int
LockedUntil *time.Time
TotpSecret string
TotpVerified bool
IsEmailVerified bool
DeactivatedAt *time.Time
}
func AuthenticateUser ¶
AuthenticateUser checks if the provided username and password match a user in the database. It enforces account lockout after repeated failed attempts when configured.
func UserByEmail ¶ added in v1.1.2
UserByEmail returns the user with the given verified email address. Only returns users with is_email_verified = TRUE and no deactivated_at.
func UserByUsername ¶ added in v1.0.0
func (*User) ToResponse ¶ added in v1.0.0
func (u *User) ToResponse() UserResponse
type UserCreateRequest ¶
type UserResponse ¶
type UserResponse struct {
ID string `json:"id"`
Username string `json:"username"`
Email string `json:"email"`
CreatedAt time.Time `json:"created_at"`
Role string `json:"role"`
FailedLoginAttempts int `json:"failed_login_attempts"`
LockedUntil *time.Time `json:"locked_until,omitempty"`
IsEmailVerified bool `json:"is_email_verified"`
TotpVerified bool `json:"totp_verified"`
}
func CreateUser ¶
func CreateUser(username, password, email string) (*UserResponse, error)
type UserUpdateRequest ¶ added in v1.0.0
type UserUpdateRequest struct {
Username string `json:"username,omitempty"`
Password string `json:"password,omitempty"`
Email string `json:"email,omitempty"`
Role string `json:"role,omitempty"`
IsEmailVerified *bool `json:"is_email_verified,omitempty"`
TotpVerified *bool `json:"totp_verified,omitempty"`
}
Source Files