internal/

directory
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 7, 2026 License: MIT

Directories

Path Synopsis
Package abac is the ABAC (Attribute-Based Access Control) policy authoring and persistence model for accesscore.
Package abac is the ABAC (Attribute-Based Access Control) policy authoring and persistence model for accesscore.
Package accountlockout is the typed mediator that drives auto-lockout decisions for sessionlogin.
Package accountlockout is the typed mediator that drives auto-lockout decisions for sessionlogin.
adapters
http
Package http provides HTTP adapter implementations for accesscore's outbound cross-cell calls.
Package http provides HTTP adapter implementations for accesscore's outbound cross-cell calls.
postgres/internal/pgexec
Package pgexec is the sealed PostgreSQL executor funnel for the accesscore adapter.
Package pgexec is the sealed PostgreSQL executor funnel for the accesscore adapter.
Package adminprovision encapsulates the idempotent, race-safe "bring the first admin into existence" domain logic.
Package adminprovision encapsulates the idempotent, race-safe "bring the first admin into existence" domain logic.
Package authzmutate is the single entry point for all authz-field mutations on a User aggregate.
Package authzmutate is the single entry point for all authz-field mutations on a User aggregate.
Package credential is the single sanctioned holder of accesscore password hashing.
Package credential is the single sanctioned holder of accesscore password hashing.
Package credentialauthority is the read-side funnel for "is this user-bound credential authorized to issue or continue using a session?" decisions.
Package credentialauthority is the read-side funnel for "is this user-bound credential authorized to issue or continue using a session?" decisions.
Package credentialinvalidate is the single entry point for credential revocation events: it bumps the user's authz_epoch, revokes all active sessions, and revokes all refresh chains in one ambient transaction.
Package credentialinvalidate is the single entry point for credential revocation events: it bumps the user's authz_epoch, revokes all active sessions, and revokes all refresh chains in one ambient transaction.
Package domain contains the accesscore Cell domain models.
Package domain contains the accesscore Cell domain models.
Package dto contains accesscore's local typed views of cross-cell event payloads.
Package dto contains accesscore's local typed views of cross-cell event payloads.
Package httpcookie delivers the accesscore refresh token as an httpOnly cookie on the session endpoints (login / refresh / logout) and reads it back on refresh.
Package httpcookie delivers the accesscore refresh token as an httpOnly cookie on the session endpoints (login / refresh / logout) and reads it back on refresh.
mem
Package mem provides in-memory repository implementations for accesscore.
Package mem provides in-memory repository implementations for accesscore.
internal/txlock
Package txlock mints un-forgeable, self-invalidating lock-ownership leases for the mem accesscore store.
Package txlock mints un-forgeable, self-invalidating lock-ownership leases for the mem accesscore store.
Package ports defines accesscore's outbound dependency interfaces.
Package ports defines accesscore's outbound dependency interfaces.
conformance
Package conformance defines a UserRepository contract acceptance suite shared by all ports.UserRepository implementations (mem, PG, future).
Package conformance defines a UserRepository contract acceptance suite shared by all ports.UserRepository implementations (mem, PG, future).
Package scopedtx funnels every tenant-scoped accesscore write (and tenant-scoped read inside a transaction) through a single tenant.WithScope + RunInTx wrapper.
Package scopedtx funnels every tenant-scoped accesscore write (and tenant-scoped read inside a transaction) through a single tenant.WithScope + RunInTx wrapper.
Package sessionmint centralizes access-JWT issuance so that login, IssueForUser (change-password flow), and refresh share a single fail-closed "fetch roles → sign access" pipeline.
Package sessionmint centralizes access-JWT issuance so that login, IssueForUser (change-password flow), and refresh share a single fail-closed "fetch roles → sign access" pipeline.
Package testutil provides shared test fixtures for cells/accesscore tests.
Package testutil provides shared test fixtures for cells/accesscore tests.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL