Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

auth

package module

Go to main page

Versions in this module

v0

v0.1.0

Apr 19, 2026

Changes in this version

+ const TagUnauthenticated

+ const TagUnauthorized

+ var ErrCannotCreateAccessToken = errors.New("cannot create access token")

+ var ErrCannotCreateRefreshToken = errors.New("cannot create refresh token")

+ var ErrCannotHashPassword = errors.New("cannot hash password")

+ var ErrIdentityIsBlocked = errors.New("identity is blocked")

+ var ErrInvalidIdentity = errors.New("invalid identity")

+ var ErrInvalidPassword = errors.New("invalid password")

+ var ErrInvalidToken = translation.WithDomain(erruser.New("invalid access token", "Please provide a valid access token"), ...)

+ var ErrTokenIsExpired = errors.New("token is expired")

+ var ErrTokenIsRevoked = errors.New("token is revoked")

+ var ErrUnauthenticated = translation.WithDomain(errors.WithAddedTags(erruser.New("unauthenticated", ...), TagUnauthenticated), ...)

+ var ErrUnauthorized = translation.WithDomain(...)

+ func AddHttpCode() errhttp.ErrorProcessor

+ func GetPerformerID(ctx context.Context) uuid.UUID

+ func GetRefreshToken(ctx context.Context) string

+ func NewManifesto() module.Manifesto

+ func NewModule(options ...module.Option) *module.Module

+ func OverrideAccountRepository[T repository.AccountRepository](authModule *module.Module) *module.Module

+ func OverrideCredentialRepository[T repository.CredentialRepository](authModule *module.Module) *module.Module

+ func OverrideIdentityRepository[T repository.IdentityRepository](authModule *module.Module) *module.Module

+ func OverrideMiddlewareAuthenticator[T Authenticator](authModule *module.Module) *module.Module

+ func OverrideResetPasswordRequestRepository[T repository.ResetPasswordRequestRepository](authModule *module.Module) *module.Module

+ func OverrideTokenHashStrategy[T hash.TokenHashStrategy](authModule *module.Module) *module.Module

+ func OverrideTokenRepository[T repository.TokenRepository](authModule *module.Module) *module.Module

+ func RemoveRefreshToken(ctx context.Context)

+ func SendRefreshToken(ctx context.Context, token string)

+ func WithPerformer(ctx context.Context, performer Performer) context.Context

+ func WithRefreshToken(ctx context.Context, refreshToken string) context.Context

+ type Authenticator interface

+ Authenticate func(ctx context.Context, token string) (Performer, error)

+ type Middleware struct

+ func NewMiddleware(authenticator Authenticator, config *MiddlewareConfig, ...) *Middleware

+ func (a *Middleware) HTTPMiddleware() mHttp.Middleware

+ func (a *Middleware) Middleware(next http.Handler) errhttp.Handler

+ type MiddlewareConfig struct

+ func NewMiddlewareConfig() (*MiddlewareConfig, error)

+ type ModuleConfig struct

+ AccessTokenTTL time.Duration

+ RefreshTokenTTL time.Duration

+ type PasswordAuthenticator struct

+ func NewPasswordAuthenticator(accountRepository repository.AccountRepository, ...) *PasswordAuthenticator

+ func (a *PasswordAuthenticator) Authenticate(ctx context.Context, identity, password string) (Performer, error)

+ func (a *PasswordAuthenticator) Register(ctx context.Context, accountID uuid.UUID, identity, password string, ...) (repository.Account, error)

+ func (a *PasswordAuthenticator) RemoveIdentity(ctx context.Context, identity string) error

+ type Performer struct

+ ID uuid.UUID

+ IdentityID uuid.UUID

+ Roles []string

+ SessionID uuid.UUID

+ func GetPerformer(ctx context.Context) Performer

+ type PlainTokenAuthenticator struct

+ func NewPlainTokenAuthenticator(accountRepository repository.AccountRepository, ...) *PlainTokenAuthenticator

+ func (a *PlainTokenAuthenticator) Authenticate(ctx context.Context, token string) (Performer, error)

+ func (a *PlainTokenAuthenticator) IssueNewAccessToken(ctx context.Context, refreshToken string, ...) (repository.AccessToken, error)

+ func (a *PlainTokenAuthenticator) IssueTokens(ctx context.Context, identityID uuid.UUID, ...) (TokenPair, error)

+ func (a *PlainTokenAuthenticator) RefreshAccessToken(ctx context.Context, refreshToken string, ...) (repository.AccessToken, error)

+ type RefreshTokenConfig struct

+ CookieDomain string

+ CookieName string

+ CookieSecure bool

+ TTL time.Duration

+ type TokenPair struct

+ AccessToken repository.AccessToken

+ RefreshToken repository.RefreshToken