Overview
Package models holds the canonical GORM entities owned by the goravel-authkit package: the single User table backing authentication and the AuditLog table.
The User model is intentionally Auth.js-shaped (nullable Name/Image/EmailVerified, nullable PasswordHash) so a project can later add OAuth/passwordless flows without a schema change. PasswordChangedAt is stamped on every password change and compared on each request to invalidate other sessions.
Types

type AuditLog

type AuditLog struct {
	ID           uuid.UUID  `gorm:"type:uuid;primaryKey" json:"id"`
	ActorID      *uuid.UUID `gorm:"type:uuid;index" json:"actor_id,omitempty"`
	ActorEmail   string     `gorm:"type:varchar(255)" json:"actor_email,omitempty"`
	Action       string     `gorm:"type:varchar(255);not null" json:"action"`
	ResourceType string     `gorm:"type:varchar(255)" json:"resource_type,omitempty"`
	ResourceID   *string    `gorm:"type:varchar(255)" json:"resource_id,omitempty"`
	Metadata     JSONMap    `gorm:"type:jsonb" json:"metadata,omitempty"`
	IP           string     `gorm:"type:varchar(64)" json:"ip,omitempty"`
	CreatedAt    time.Time  `json:"created_at"`
}
AuditLog records who did what to which resource. It is written through the audit service, the single chokepoint for audit entries. The shape mirrors a future event payload so audit can move to an event/queue pipeline later without changing callers.
type AuthSession

type AuthSession struct {
	ID           uuid.UUID `gorm:"type:uuid;primaryKey" json:"id"`
	SessionID    string    `gorm:"type:varchar(255);not null;uniqueIndex" json:"-"`
	UserID       uuid.UUID `gorm:"type:uuid;not null;index" json:"userId"`
	IP           string    `gorm:"type:varchar(64)" json:"ip,omitempty"`
	UserAgent    string    `gorm:"type:text" json:"userAgent,omitempty"`
	CreatedAt    time.Time `json:"createdAt"`
	LastActiveAt time.Time `gorm:"type:timestamptz;not null" json:"lastActiveAt"`
}
AuthSession tracks one active login so a user can see and terminate their sessions (Goravel's session store is not indexed by user). SessionID holds authkit's stable per-guard tracking token (NOT the Goravel session id, which rotates on every login) and is never serialized; the public ID is used to address a session for termination. A request whose session has no row is treated as terminated.
func (AuthSession) TableName
func (AuthSession) TableName() string
type RememberToken

type RememberToken struct {
	ID            uuid.UUID `gorm:"type:uuid;primaryKey" json:"id"`
	UserID        uuid.UUID `gorm:"type:uuid;not null;index" json:"userId"`
	Selector      string    `gorm:"type:varchar(64);not null;uniqueIndex" json:"selector"`
	ValidatorHash string    `gorm:"type:varchar(64);not null" json:"-"`
	// PreviousValidatorHash is the validator superseded by the most recent
	// rotation. It is accepted for a short grace window (RotatedAt + grace) so
	// concurrent requests carrying the just-rotated-away validator are not
	// mistaken for theft. Empty before the first rotation.
	PreviousValidatorHash string     `gorm:"type:varchar(64);not null;default:''" json:"-"`
	RotatedAt             *time.Time `gorm:"type:timestamptz" json:"-"`
	ExpiresAt             time.Time  `gorm:"type:timestamptz;not null" json:"expiresAt"`
	CreatedAt             time.Time  `json:"createdAt"`
}
RememberToken is a persistent "remember me" login token. It implements the selector-validator pattern (OWASP persistent-login best practice): the cookie carries "selector:validator", the DB stores the selector in the clear (for an indexed lookup) and only a hash of the validator. The validator is rotated on every use, which both limits the theft window and enables theft detection (a stale validator presented for a known selector revokes the whole family).
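The selector-validator flow described above, including the rotation grace window from the PreviousValidatorHash comment, as an added example that is not goravel-authkit's own code. It assumes an in-memory map in place of the GORM table, SHA-256 hex as the validator hash (64 characters, which is why it fits the varchar(64) column), a 30-second grace window, and that a grace-window hit is accepted without issuing a new cookie; the package's real values and store are not shown on this page.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base64"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
	"time"
)

// RememberToken keeps only the model fields the pattern reads; the map in
// Store stands in for the GORM table (assumption for this example).
type RememberToken struct {
	Selector              string
	ValidatorHash         string // sha256 hex: 64 chars, fits varchar(64)
	PreviousValidatorHash string // "" before the first rotation
	RotatedAt             *time.Time
	ExpiresAt             time.Time
}

// rotationGrace is the window in which the just-rotated-away validator is
// still accepted (assumed value; the package's own setting is not on the page).
const rotationGrace = 30 * time.Second

var (
	ErrInvalid = errors.New("remember token invalid")
	ErrTheft   = errors.New("stale validator for known selector: family revoked")
)

type Store struct{ rows map[string]*RememberToken }

func NewStore() *Store { return &Store{rows: map[string]*RememberToken{}} }

func randomToken(n int) string {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return base64.RawURLEncoding.EncodeToString(b)
}

// hashValidator: only the hash is persisted, so a leaked table does not
// yield usable cookies.
func hashValidator(v string) string {
	sum := sha256.Sum256([]byte(v))
	return hex.EncodeToString(sum[:])
}

func equalHash(a, b string) bool {
	return subtle.ConstantTimeCompare([]byte(a), []byte(b)) == 1
}

// Issue stores a new row and returns the cookie value "selector:validator".
func (s *Store) Issue(ttl time.Duration, now time.Time) string {
	selector, validator := randomToken(12), randomToken(32)
	s.rows[selector] = &RememberToken{
		Selector: selector, ValidatorHash: hashValidator(validator), ExpiresAt: now.Add(ttl),
	}
	return selector + ":" + validator
}

// Consume checks a presented cookie. The current validator is rotated and the
// new cookie value returned; the previous validator inside the grace window
// is accepted without rotating and "" is returned (the browser already holds
// the rotated cookie); any other validator for a known selector deletes the
// row, revoking the whole family, and reports theft.
func (s *Store) Consume(cookie string, now time.Time) (string, error) {
	selector, validator, ok := strings.Cut(cookie, ":")
	if !ok {
		return "", ErrInvalid
	}
	row, found := s.rows[selector]
	if !found || now.After(row.ExpiresAt) {
		return "", ErrInvalid // unknown or expired selector: nothing to revoke
	}
	h := hashValidator(validator)
	switch {
	case equalHash(h, row.ValidatorHash):
		next := randomToken(32)
		rotated := now
		row.PreviousValidatorHash, row.ValidatorHash = row.ValidatorHash, hashValidator(next)
		row.RotatedAt = &rotated
		return selector + ":" + next, nil
	case row.RotatedAt != nil && now.Before(row.RotatedAt.Add(rotationGrace)) &&
		equalHash(h, row.PreviousValidatorHash):
		return "", nil
	default:
		delete(s.rows, selector)
		return "", ErrTheft
	}
}

func main() {
	s := NewStore()
	now := time.Now()
	c1 := s.Issue(24*time.Hour, now)
	c2, err := s.Consume(c1, now)
	fmt.Println("rotated:", c2 != c1, err)
	_, err = s.Consume(c1, now.Add(time.Minute)) // stale and past grace
	fmt.Println("theft detected:", errors.Is(err, ErrTheft))
}
```

The theft branch only fires for a selector that exists: an unknown selector is just an invalid cookie, while a known selector with a validator that matches neither the current nor the in-grace previous hash means two parties hold the same family, so the row is dropped rather than trusting either.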
func (RememberToken) TableName
func (RememberToken) TableName() string
type User

type User struct {
	ID                uuid.UUID  `gorm:"type:uuid;primaryKey" json:"id"`
	Name              *string    `gorm:"type:text" json:"name,omitempty"`
	Email             string     `gorm:"uniqueIndex;not null" json:"email"`
	EmailVerified     *time.Time `gorm:"type:timestamptz" json:"emailVerified,omitempty"`
	Image             *string    `gorm:"type:text" json:"image,omitempty"`
	PasswordHash      *string    `gorm:"type:text" json:"-"`
	PasswordChangedAt time.Time  `gorm:"type:timestamptz;not null;autoCreateTime" json:"passwordChangedAt"`
	// Role has no DB-level default: the service always sets it explicitly so a
	// created row can never silently become "admin" (privilege escalation).
	Role string `gorm:"type:text;not null" json:"role"`
	// DisabledAt, when set, locks the account: login is refused and any live
	// session / remember cookie is rejected on its next request. nil = active.
	DisabledAt *time.Time `gorm:"type:timestamptz" json:"disabledAt,omitempty"`
	// Two-factor (TOTP). Secret + recovery codes are stored encrypted (Crypt
	// facade) and never serialized. TwoFactorConfirmedAt is set once the user
	// confirms enrollment; nil means 2FA is not active.
	TwoFactorSecret        *string    `gorm:"type:text" json:"-"`
	TwoFactorRecoveryCodes *string    `gorm:"type:text" json:"-"`
	TwoFactorConfirmedAt   *time.Time `gorm:"type:timestamptz" json:"-"`
	// Start time of the last accepted TOTP step; rejects replay within a code's
	// validity window (single-use TOTP).
	TwoFactorLastUsedAt *time.Time `gorm:"type:timestamptz" json:"-"`
	CreatedAt           time.Time  `json:"createdAt"`
	UpdatedAt           time.Time  `json:"updatedAt"`
}
User is the account record owned by goravel-authkit. Apps that adopt the package share this exact shape (table "users"); the package's repositories and services operate on it directly. PasswordHash is never serialized to JSON.
func (*User) IsDisabled

func (*User) IsDisabled() bool

IsDisabled reports whether the account is locked (DisabledAt set).
func (*User) TwoFactorEnabled

func (*User) TwoFactorEnabled() bool

TwoFactorEnabled reports whether the user has confirmed TOTP two-factor auth.
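The per-request checks the User and AuthSession comments describe (missing session row means terminated, DisabledAt locks the account, PasswordChangedAt invalidates sessions created before it, TwoFactorLastUsedAt makes a TOTP step single-use), plus termination of a session by its public ID, as an added example that is not goravel-authkit's own code. It uses trimmed copies of the two models with string IDs instead of uuid.UUID, a map keyed by SessionID in place of the table, and assumes the standard 30-second TOTP step; code verification itself is left to the caller.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Trimmed copies of the page's User and AuthSession with only the fields the
// checks read; IDs are plain strings rather than uuid.UUID (assumption).
type User struct {
	ID                   string
	PasswordChangedAt    time.Time
	DisabledAt           *time.Time
	TwoFactorConfirmedAt *time.Time
	TwoFactorLastUsedAt  *time.Time
}

type AuthSession struct {
	ID        string // public id, used to address the session for termination
	SessionID string // per-guard tracking token, never serialized
	UserID    string
	CreatedAt time.Time
}

func (u *User) IsDisabled() bool       { return u.DisabledAt != nil }
func (u *User) TwoFactorEnabled() bool { return u.TwoFactorConfirmedAt != nil }

var (
	ErrTerminated = errors.New("session terminated")
	ErrDisabled   = errors.New("account disabled")
	ErrStale      = errors.New("session predates last password change")
	ErrTOTPReplay = errors.New("TOTP step already used")
)

// SessionTable stands in for the auth_sessions table, keyed by SessionID,
// the uniqueIndex the per-request lookup hits.
type SessionTable map[string]*AuthSession

// Terminate removes the session addressed by its public ID, scoped to the
// owning user so one user cannot end another user's session.
func (t SessionTable) Terminate(userID, publicID string) bool {
	for key, s := range t {
		if s.ID == publicID && s.UserID == userID {
			delete(t, key)
			return true
		}
	}
	return false
}

// CheckRequest is the per-request guard: no row means the session was
// terminated, DisabledAt locks the account, and a session created before the
// last password change is rejected so a password change logs out the others.
func CheckRequest(u *User, s *AuthSession) error {
	switch {
	case s == nil:
		return ErrTerminated
	case u.IsDisabled():
		return ErrDisabled
	case s.CreatedAt.Before(u.PasswordChangedAt):
		return ErrStale
	}
	return nil
}

const totpStep = 30 * time.Second // assumed step length

// StepStart truncates t to the start of the TOTP step containing it.
func StepStart(t time.Time) time.Time {
	secs := t.Unix()
	return time.Unix(secs-secs%int64(totpStep/time.Second), 0).UTC()
}

// AcceptTOTPStep runs after a code has verified. A step at or before the last
// accepted one is a replay even if the verifier's tolerance window would still
// accept the code, which is what makes TOTP single-use.
func AcceptTOTPStep(u *User, at time.Time) error {
	start := StepStart(at)
	if u.TwoFactorLastUsedAt != nil && !start.After(*u.TwoFactorLastUsedAt) {
		return ErrTOTPReplay
	}
	u.TwoFactorLastUsedAt = &start
	return nil
}

func main() {
	t0 := time.Date(2024, 1, 1, 12, 0, 0, 0, time.UTC)
	u := &User{ID: "u1", PasswordChangedAt: t0}
	tbl := SessionTable{"trk1": {ID: "pub1", SessionID: "trk1", UserID: "u1", CreatedAt: t0.Add(time.Hour)}}
	fmt.Println(CheckRequest(u, tbl["trk1"])) // <nil>
	u.PasswordChangedAt = t0.Add(2 * time.Hour)
	fmt.Println(CheckRequest(u, tbl["trk1"])) // session predates last password change
	tbl.Terminate("u1", "pub1")
	fmt.Println(CheckRequest(u, tbl["trk1"])) // session terminated
}
```

Looking the row up by SessionID and addressing it for termination by the public ID keeps the tracking token out of any response body, which is the reason the model tags SessionID with `json:"-"`.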