Documentation
¶
Index ¶
- Constants
- Variables
- func CredentialPathForConfig(configFile string) string
- func RegisterPublicRoutes(v1 *gin.RouterGroup, deps *ServerDependencies)
- func RequireAuthenticated(deps *ServerDependencies) gin.HandlerFunc
- func SessionPathForConfig(configFile string) string
- type AuthCredentialsRequest
- type AuthManager
- func (m *AuthManager) AuthenticateSession(sessionID string) (string, error)
- func (m *AuthManager) IsInitialized() bool
- func (m *AuthManager) Login(username, password string, rememberMe bool) (string, error)
- func (m *AuthManager) Logout(sessionID string)
- func (m *AuthManager) SessionTTL() time.Duration
- func (m *AuthManager) SetDisableRateLimit(disabled bool)
- func (m *AuthManager) Setup(username, password string) error
- func (m *AuthManager) Username() (string, bool)
- type AuthStatusResponse
- type ErrorResponse
- type ServerDependencies
Constants ¶
const DefaultSessionTTL = 24 * time.Hour
DefaultSessionTTL is the default authenticated session lifetime.
Variables ¶
var ( ErrAuthNotInitialized = errors.New("authentication is not initialized") ErrAuthAlreadySet = errors.New("authentication is already initialized") ErrInvalidCredentials = errors.New("invalid username or password") ErrInvalidSession = errors.New("invalid or expired session") ErrInvalidUsername = errors.New("invalid username") ErrWeakPassword = errors.New("weak password") ErrLoginRateLimited = errors.New("too many login attempts") )
Functions ¶
func CredentialPathForConfig ¶
CredentialPathForConfig returns the auth credential file path next to config.
func RegisterPublicRoutes ¶
func RegisterPublicRoutes(v1 *gin.RouterGroup, deps *ServerDependencies)
func RequireAuthenticated ¶
func RequireAuthenticated(deps *ServerDependencies) gin.HandlerFunc
func SessionPathForConfig ¶
Types ¶
type AuthCredentialsRequest ¶
type AuthCredentialsRequest = contracts.AuthCredentialsRequest
type AuthManager ¶
type AuthManager struct {
// contains filtered or unexported fields
}
AuthManager manages single-user credentials and in-memory sessions.
func NewAuthManager ¶
func NewAuthManager(configFile string, sessionTTL time.Duration) (*AuthManager, error)
NewAuthManager creates an auth manager and loads credentials from disk if present.
func (*AuthManager) AuthenticateSession ¶
func (m *AuthManager) AuthenticateSession(sessionID string) (string, error)
AuthenticateSession validates a session and returns its username.
func (*AuthManager) IsInitialized ¶
func (m *AuthManager) IsInitialized() bool
IsInitialized reports whether credentials exist.
func (*AuthManager) Login ¶
func (m *AuthManager) Login(username, password string, rememberMe bool) (string, error)
Login validates credentials and returns a new session ID.
func (*AuthManager) Logout ¶
func (m *AuthManager) Logout(sessionID string)
Logout invalidates a session.
func (*AuthManager) SessionTTL ¶
func (m *AuthManager) SessionTTL() time.Duration
SessionTTL returns the configured session lifetime.
func (*AuthManager) SetDisableRateLimit ¶
func (m *AuthManager) SetDisableRateLimit(disabled bool)
SetDisableRateLimit enables or disables rate limiting on login attempts. Used for e2e testing where rate limiting would interfere with automated logins.
func (*AuthManager) Setup ¶
func (m *AuthManager) Setup(username, password string) error
Setup initializes single-user credentials.
func (*AuthManager) Username ¶
func (m *AuthManager) Username() (string, bool)
Username returns the configured username when initialized.
type AuthStatusResponse ¶
type AuthStatusResponse = contracts.AuthStatusResponse
type ErrorResponse ¶
type ErrorResponse = contracts.ErrorResponse
type ServerDependencies ¶
type ServerDependencies = core.ServerDependencies
Source Files