Documentation
Overview
Package middleware holds the goravel-authkit HTTP middleware: the session guard (Authenticated) and the login rate-limiter (RateLimitAuth).
Index
- func Authenticated(guard string, users repositories.UsersRepository) contractshttp.Middleware
- func FormatPasswordTimestamp(t time.Time) string
- func RateLimitAuth(maxAttempts int, window time.Duration) contractshttp.Middleware
- func RememberLogin(guard, rememberCookieName string, users repositories.UsersRepository, ...) contractshttp.Middleware
- func RequireRole(guard string, users repositories.UsersRepository, allowed ...string) contractshttp.Middleware
- func TrackSession(guard string, sessions *services.Sessions) contractshttp.Middleware
Constants
This section is empty.
Variables
This section is empty.
Functions
func Authenticated
func Authenticated(guard string, users repositories.UsersRepository) contractshttp.Middleware
Authenticated guards routes behind the named session guard. It:
- resolves the session's user id (401 when there is no session) and loads the user from the instance's table (401 when the user has been deleted),
- compares the password_changed_at value stamped into the session at login with the value in the DB; a mismatch means the password changed after this session was issued, so this (older) session is logged out (401),
- injects the user id into the request context (helpers.CtxAuthUserID).
func FormatPasswordTimestamp
func FormatPasswordTimestamp(t time.Time) string
FormatPasswordTimestamp renders a password_changed_at value in the canonical form stored in the session. Exported so the login handler stamps it in the same format Authenticated compares against.
func RateLimitAuth
func RateLimitAuth(maxAttempts int, window time.Duration) contractshttp.Middleware
RateLimitAuth limits the login endpoint to maxAttempts per window per client IP. Recommended: 5 per minute. Pass a large maxAttempts in local/dev environments to relax it.
Each call builds its OWN limiter, captured in the returned middleware closure, so two authkit instances mounted in one app never share a single IP-keyed bucket (a client login failure must not count against the admin limit).
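The per-instance isolation described above, as an added stand-alone illustration (not goravel-authkit's own code): a fixed-window, IP-keyed counter built fresh on every call and captured by the returned closure. The closure stands in for the framework middleware, and the injectable clock is an assumption made so the window reset can be exercised deterministically.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

// authLimiter is a per-IP fixed-window attempt counter. Illustrative code
// following the documented contract of RateLimitAuth, not its implementation.
type authLimiter struct {
	mu          sync.Mutex
	maxAttempts int
	window      time.Duration
	start       map[string]time.Time // when each IP's current window began
	count       map[string]int       // attempts seen in that window
	now         func() time.Time     // clock, replaceable in tests (assumption)
}

// allow records one attempt from ip and reports whether it is within the limit.
func (l *authLimiter) allow(ip string) bool {
	l.mu.Lock()
	defer l.mu.Unlock()
	t := l.now()
	if s, ok := l.start[ip]; !ok || t.Sub(s) >= l.window {
		l.start[ip], l.count[ip] = t, 0 // window elapsed: reset this IP only
	}
	l.count[ip]++
	return l.count[ip] <= l.maxAttempts
}

// NewRateLimitAuth mirrors RateLimitAuth's shape: each call owns a fresh
// limiter captured by the returned closure, so two mounted instances never
// share an IP bucket and a client login failure never counts against admin.
func NewRateLimitAuth(maxAttempts int, window time.Duration, clock func() time.Time) func(ip string) bool {
	l := &authLimiter{maxAttempts: maxAttempts, window: window,
		start: map[string]time.Time{}, count: map[string]int{}, now: clock}
	return l.allow
}

func main() {
	client := NewRateLimitAuth(5, time.Minute, time.Now) // recommended 5/min
	admin := NewRateLimitAuth(5, time.Minute, time.Now)
	for i := 0; i < 6; i++ { // 6th attempt from the same IP is refused
		fmt.Printf("client attempt %d allowed=%v\n", i+1, client("203.0.113.7"))
	}
	// The admin instance has its own bucket: the same IP is still allowed there.
	fmt.Println("admin attempt 1 allowed=", admin("203.0.113.7"))
}
```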
func RememberLogin
func RememberLogin(guard, rememberCookieName string, users repositories.UsersRepository, remember *services.Remember, audit *services.Audit, sessions *services.Sessions) contractshttp.Middleware
RememberLogin re-establishes a session from a valid "remember me" cookie when the request has no live session. It must run BEFORE Authenticated (so the freshly logged-in user is seen) and only matters on guarded routes. When the cookie is missing or invalid, or the request is already authenticated, the middleware is a transparent no-op (invalid cookies are cleared). On success it logs the user in via the native session guard, stamps password_changed_at, rotates the session id, re-issues the rotated remember cookie, and audits the silent login. A disabled account is refused and its remember tokens revoked. Pass a nil audit to skip the audit write.
func RequireRole
func RequireRole(guard string, users repositories.UsersRepository, allowed ...string) contractshttp.Middleware
RequireRole rejects authenticated users whose role is not in allowed. It must run AFTER Authenticated. The /users routes are always mounted with a non-empty allow-list (defaulting to "admin", fail-closed), so this gate is real for them. An empty allowed list is a defensive no-op; callers should never pass one for a route that must be protected.
func TrackSession
func TrackSession(guard string, sessions *services.Sessions) contractshttp.Middleware
TrackSession enforces the active-session list: it refreshes the current session's last-active time and, when the row is gone, treats the session as terminated (signs it out). It must run AFTER Authenticated (a live session is assumed). Rows are created at login, not here, so a missing row means the session was terminated remotely (or predates the feature). A DB error fails open so that a transient outage does not lock everyone out.
Types
This section is empty.