Documentation
¶
Overview ¶
Package auth provides authentication services for the application.
Index ¶
- Variables
- type AuthService
- type CredentialStore
- type CredentialUpdateOptions
- type CredentialUpdateResult
- type Service
- func (s *Service) Authenticate(ctx context.Context, username, password string) (*session.User, error)
- func (s *Service) CheckLockout(ctx context.Context, username string) (bool, error)
- func (s *Service) ClearAttempts(ctx context.Context, username string) error
- func (s *Service) RecordFailedAttempt(ctx context.Context, username string) error
- func (s *Service) UpdateCredentials(ctx context.Context, opts CredentialUpdateOptions, store CredentialStore) (*CredentialUpdateResult, error)
- type UserStore
Constants ¶
This section is empty.
Variables ¶
var ( ErrInvalidCredentials = errors.New("invalid credentials") ErrAccountLocked = errors.New("account locked") ErrUserNotFound = errors.New("user not found") )
Common authentication errors.
Functions ¶
This section is empty.
Types ¶
type AuthService ¶
type AuthService interface {
// Authenticate validates credentials and returns the user if successful.
// Returns ErrInvalidCredentials, ErrAccountLocked, or ErrUserNotFound on failure.
Authenticate(ctx context.Context, username, password string) (*session.User, error)
// CheckLockout returns true if the account is locked.
CheckLockout(ctx context.Context, username string) (bool, error)
// RecordFailedAttempt records a failed login attempt.
RecordFailedAttempt(ctx context.Context, username string) error
// ClearAttempts clears failed login attempts.
ClearAttempts(ctx context.Context, username string) error
// UpdateCredentials validates and updates admin credentials.
UpdateCredentials(ctx context.Context, opts CredentialUpdateOptions, store CredentialStore) (*CredentialUpdateResult, error)
}
AuthService provides authentication operations.
func NewService ¶
func NewService(store UserStore) AuthService
NewService creates a new AuthService with the given UserStore.
type CredentialStore ¶
type CredentialStore interface {
UserStore
// UpdateUsername updates the admin username.
UpdateUsername(ctx context.Context, username string) error
// UpdatePassword updates the admin password hash.
UpdatePassword(ctx context.Context, passwordHash string) error
}
CredentialStore extends UserStore with credential update operations.
type CredentialUpdateOptions ¶
type CredentialUpdateOptions struct {
CurrentUsername string
NewUsername string
CurrentPassword string
NewPassword string
ConfirmPassword string
}
CredentialUpdateOptions contains options for updating credentials.
type CredentialUpdateResult ¶
type CredentialUpdateResult struct {
// ChangingUsername is true if the username is being changed.
ChangingUsername bool
// ChangingPassword is true if the password is being changed.
ChangingPassword bool
// ValidationErrors contains validation errors keyed by field name.
ValidationErrors map[string]string
}
CredentialUpdateResult contains the result of a credential update.
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
Service implements AuthService.
func (*Service) Authenticate ¶
func (s *Service) Authenticate(ctx context.Context, username, password string) (*session.User, error)
Authenticate validates credentials and returns the user if successful.
func (*Service) CheckLockout ¶
CheckLockout returns true if the account is locked.
func (*Service) ClearAttempts ¶
ClearAttempts clears failed login attempts.
func (*Service) RecordFailedAttempt ¶
RecordFailedAttempt records a failed login attempt.
func (*Service) UpdateCredentials ¶
func (s *Service) UpdateCredentials(ctx context.Context, opts CredentialUpdateOptions, store CredentialStore) (*CredentialUpdateResult, error)
UpdateCredentials validates and updates admin credentials. It returns a result containing what changes were made and any validation errors. Returns true if credentials were updated, false if only validation was performed.
type UserStore ¶
type UserStore interface {
// CheckAccountLockout returns true if the account is locked.
CheckAccountLockout(ctx context.Context, username string) (locked bool, err error)
// GetUser retrieves a user by username.
GetUser(ctx context.Context, username string) (*session.User, error)
// RecordFailedLoginAttempt records a failed login attempt.
RecordFailedLoginAttempt(ctx context.Context, username string) error
// ClearLoginAttempts clears failed login attempts for a user.
ClearLoginAttempts(ctx context.Context, username string) error
}
UserStore abstracts user persistence operations needed for authentication.
Source Files