Documentation
Index ¶
- Constants
- func APIKeyMiddleware(userRepo *database.UserRepository) fiber.Handler
- func AuthMiddleware(tokenService *token.Service, userRepo *database.UserRepository, ...) fiber.Handler
- func CombinedAuthMiddleware(tokenService *token.Service, userRepo *database.UserRepository, ...) fiber.Handler
- func CreateClaimsFromUser(ctx context.Context, user *database.User) token.Claims
- func GetUserFromContext(c *fiber.Ctx) *database.User
- func HashAPIKey(apiKey string) string
- func JWTMiddleware(tokenService *token.Service, userRepo *database.UserRepository) fiber.Handler
- func OptionalAPIKeyMiddleware(userRepo *database.UserRepository) fiber.Handler
- func RequireAdmin(tokenService *token.Service, userRepo *database.UserRepository) fiber.Handler
- func RequireAuth(tokenService *token.Service, userRepo *database.UserRepository) fiber.Handler
- func RequireAuthWithSkip(tokenService *token.Service, userRepo *database.UserRepository, ...) fiber.Handler
- type Config
- type Service
- func (s *Service) AuthService() *auth.Service
- func (s *Service) AuthenticateUser(ctx context.Context, username, password string) (*database.User, error)
- func (s *Service) CreateOrUpdateUser(ctx context.Context, claims token.Claims) (*database.User, error)
- func (s *Service) GetConfig() *Config
- func (s *Service) GetUserFromToken(ctx context.Context, tokenStr string) (*database.User, error)
- func (s *Service) HashPassword(password string) (string, error)
- func (s *Service) IsUserAdmin(ctx context.Context, userID string) (bool, error)
- func (s *Service) RegisterUser(ctx context.Context, username, email, password string) (*database.User, error)
- func (s *Service) SetupProviders(config *Config) error
- func (s *Service) TokenService() *token.Service
Constants ¶
const UserContextKey contextKey = "user"
Variables ¶
This section is empty.
Functions ¶
func APIKeyMiddleware ¶
func APIKeyMiddleware(userRepo *database.UserRepository) fiber.Handler
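APIKeyMiddleware provides API key authentication middleware. This middleware checks for an API key in query params or headers. Keys sent as query parameters are commonly recorded in access logs, proxy logs and browser history, so the header form is preferable where the client allows it.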
func AuthMiddleware ¶
func AuthMiddleware(tokenService *token.Service, userRepo *database.UserRepository, skipPaths []string) fiber.Handler
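AuthMiddleware is a flexible auth middleware that can skip the paths listed in skipPaths. How entries are matched against the request path (exact match or prefix) is not documented here; confirm it before relying on skipPaths to exempt routes from authentication.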
func CombinedAuthMiddleware ¶
func CombinedAuthMiddleware(tokenService *token.Service, userRepo *database.UserRepository, requireAuth bool) fiber.Handler
CombinedAuthMiddleware combines JWT and API key authentication. It tries JWT first, then falls back to the API key.
func CreateClaimsFromUser ¶
CreateClaimsFromUser creates JWT claims from a database user
func GetUserFromContext ¶
GetUserFromContext extracts user from context
func HashAPIKey ¶
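HashAPIKey generates a SHA-256 hash of the API key for secure comparison. A fast hash such as SHA-256 is a reasonable choice only when keys are long and randomly generated; whether the resulting digests are compared in constant time is not stated here.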
func JWTMiddleware ¶
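JWTMiddleware provides JWT authentication middleware (soft auth - optional). This middleware adds the user to the context if a valid token exists, but doesn't require it, so handlers behind it must still check whether a user is present; use RequireAuth for routes that must be protected.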
func OptionalAPIKeyMiddleware ¶
func OptionalAPIKeyMiddleware(userRepo *database.UserRepository) fiber.Handler
OptionalAPIKeyMiddleware provides optional API key authentication. This middleware adds the user to the context if a valid API key exists, but doesn't require it.
func RequireAdmin ¶
RequireAdmin middleware requires admin privileges for protected routes
func RequireAuth ¶
RequireAuth middleware requires authentication for protected routes (hard auth - required)
func RequireAuthWithSkip ¶
func RequireAuthWithSkip(tokenService *token.Service, userRepo *database.UserRepository, skipPaths []string) fiber.Handler
RequireAuthWithSkip requires auth but skips certain paths
Types ¶
type Config ¶
// Config represents authentication service configuration: JWT settings,
// cookie attributes, direct (username/password) authentication settings,
// and the host/port of the auth service.
type Config struct {
// JWT configuration
// NOTE(review): JWTSecret is signing key material. It is presumably the value
// LoadConfigFromEnv reads from JWT_SECRET (that function is documented to
// fail when JWT_SECRET is unset) — confirm, and keep this field out of logs
// and serialized config dumps.
JWTSecret string // JWT signing secret
TokenDuration time.Duration // JWT token duration
CookieDomain string // Cookie domain
// NOTE(review): the two Secure-flag fields interact; CookieSecure is consulted
// only when auto-detection is off. How the request protocol is determined in
// auto-detect mode (direct TLS vs. a proxy-supplied header) is not shown here
// — confirm the behavior behind a TLS-terminating proxy.
CookieSecure bool // Secure cookie flag (used only when CookieSecureAutoDetect is false)
CookieSecureAutoDetect bool // When true, derive Secure flag from request protocol at runtime
CookieSameSite http.SameSite // SameSite cookie attribute
// Direct authentication
DirectAuthEnabled bool // Enable direct username/password authentication
// NOTE(review): HashPassword is documented as using bcrypt, which generates
// its own per-hash salt; what this separate salt is applied to is not shown
// here — confirm its purpose and treat it as a secret until known.
DirectAuthSalt string // Salt for direct authentication
// Application settings
// NOTE(review): Issuer and Audience presumably populate the token's issuer and
// audience claims; whether they are also enforced during token validation is
// not shown here — confirm.
Issuer string // JWT issuer
Audience string // JWT audience
Host string // Host for auth service
Port int // Port for auth service
}
Config represents authentication service configuration
func DefaultConfig ¶
func DefaultConfig() *Config
DefaultConfig returns default authentication configuration
func LoadConfigFromEnv ¶
LoadConfigFromEnv loads configuration from environment variables. Returns an error if JWT_SECRET is not set, as a missing secret is a security risk.
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
Service handles authentication operations using go-pkgz/auth
func NewService ¶
func NewService(config *Config, userRepo *database.UserRepository) (*Service, error)
NewService creates a new authentication service
func (*Service) AuthService ¶
AuthService returns the underlying auth service
func (*Service) AuthenticateUser ¶
func (s *Service) AuthenticateUser(ctx context.Context, username, password string) (*database.User, error)
AuthenticateUser verifies username/password and returns user
func (*Service) CreateOrUpdateUser ¶
func (s *Service) CreateOrUpdateUser(ctx context.Context, claims token.Claims) (*database.User, error)
CreateOrUpdateUser creates or updates a user based on token claims
func (*Service) GetUserFromToken ¶
GetUserFromToken extracts user information from JWT token
func (*Service) HashPassword ¶
HashPassword hashes a password using bcrypt
func (*Service) IsUserAdmin ¶
IsUserAdmin checks if a user has admin privileges
func (*Service) RegisterUser ¶
func (s *Service) RegisterUser(ctx context.Context, username, email, password string) (*database.User, error)
RegisterUser creates a new user with username and password
func (*Service) SetupProviders ¶
SetupProviders configures authentication providers
func (*Service) TokenService ¶
TokenService returns the token service for JWT operations