auth

package

v1.0.21 Latest Latest Go to latest Published: Feb 20, 2026 License: MIT Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/specledger/specledger

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func DeleteCredentials() error
func GetCredentialsPath() string
func GetSupabaseAnonKey() string
func GetSupabaseURL() string
func GetValidAccessToken() (string, error)
func OpenBrowser(url string) error
func SaveCredentials(creds *Credentials) error
type CallbackResult
type CallbackServer
- func NewCallbackServer(frontendURL string) (*CallbackServer, error)
- func NewCallbackServerWithPort(port int, frontendURL string) (*CallbackServer, error)
type Credentials
- func LoadCredentials() (*Credentials, error)
- func RefreshAccessToken(refreshToken string) (*Credentials, error)
type RefreshTokenResponse

Constants ¶

View Source

const (
	// ProductionAPIURL is the production API base URL
	ProductionAPIURL = "https://app.specledger.io"
	// DevAPIURL is the development API base URL
	DevAPIURL = "http://localhost:3000"

	// SupabaseURL is the Supabase project URL
	SupabaseURL = "https://iituikpbiesgofuraclk.supabase.co"
	// SupabaseAnonKey is the public anon key for Supabase (safe to expose)
	SupabaseAnonKey = "sb_publishable_KpaZ2lKPu6eJ5WLqheu9_A_J9dYhGQb"
)

View Source

const (
	// DefaultCallbackPort is the default port for the CLI callback server
	DefaultCallbackPort = 2026
)

Variables ¶

This section is empty.

Functions ¶

func DeleteCredentials ¶

func DeleteCredentials() error

DeleteCredentials removes the credentials file

func GetCredentialsPath ¶

func GetCredentialsPath() string

GetCredentialsPath returns the path to the credentials file

func GetSupabaseAnonKey ¶

func GetSupabaseAnonKey() string

GetSupabaseAnonKey returns the Supabase anon key

func GetSupabaseURL ¶

func GetSupabaseURL() string

GetSupabaseURL returns the Supabase project URL

func GetValidAccessToken ¶

func GetValidAccessToken() (string, error)

GetValidAccessToken returns a valid access token, refreshing if needed

func OpenBrowser ¶

func OpenBrowser(url string) error

OpenBrowser opens the specified URL in the default browser Returns an error if the browser could not be opened

func SaveCredentials ¶

func SaveCredentials(creds *Credentials) error

SaveCredentials saves credentials to disk with secure permissions

Types ¶

type CallbackResult ¶

type CallbackResult struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	ExpiresIn    int64  `json:"expires_in"`
	UserEmail    string `json:"user_email"`
	UserID       string `json:"user_id"`
	Error        string `json:"error"`
}

CallbackResult contains the authentication result from the browser

type CallbackServer ¶

type CallbackServer struct {
	// contains filtered or unexported fields
}

CallbackServer handles the OAuth callback from the browser

func NewCallbackServer ¶

func NewCallbackServer(frontendURL string) (*CallbackServer, error)

NewCallbackServer creates a new callback server on port 2026

func NewCallbackServerWithPort ¶

func NewCallbackServerWithPort(port int, frontendURL string) (*CallbackServer, error)

NewCallbackServerWithPort creates a new callback server on the specified port

func (*CallbackServer) CallbackURL ¶

func (cs *CallbackServer) CallbackURL() string

CallbackURL returns the URL that should be used for OAuth redirect

func (*CallbackServer) Port ¶

func (cs *CallbackServer) Port() int

Port returns the port the server is listening on

func (*CallbackServer) Shutdown ¶

func (cs *CallbackServer) Shutdown() error

Shutdown gracefully shuts down the server

func (*CallbackServer) Start ¶

func (cs *CallbackServer) Start()

Start starts the callback server in the background

func (*CallbackServer) WaitForCallback ¶

func (cs *CallbackServer) WaitForCallback(timeout time.Duration) (*CallbackResult, error)

WaitForCallback waits for the authentication callback with a timeout

type Credentials ¶

type Credentials struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	ExpiresIn    int64  `json:"expires_in"` // seconds until expiry
	CreatedAt    int64  `json:"created_at"` // unix timestamp when saved
	UserEmail    string `json:"user_email"`
	UserID       string `json:"user_id"`
}

Credentials represents the stored authentication tokens

func LoadCredentials ¶

func LoadCredentials() (*Credentials, error)

LoadCredentials loads credentials from disk

func RefreshAccessToken ¶

func RefreshAccessToken(refreshToken string) (*Credentials, error)

RefreshAccessToken uses the refresh token to get a new access token

func (*Credentials) ExpiresAt ¶

func (c *Credentials) ExpiresAt() time.Time

ExpiresAt returns the expiration time

func (*Credentials) IsExpired ¶

func (c *Credentials) IsExpired() bool

IsExpired checks if the access token has expired

func (*Credentials) IsValid ¶

func (c *Credentials) IsValid() bool

IsValid checks if credentials exist and have required fields

type RefreshTokenResponse ¶

type RefreshTokenResponse struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	ExpiresIn    int64  `json:"expires_in"`
	Email        string `json:"email"`
	UserID       string `json:"user_id"`
	Error        string `json:"error"`
	ErrorMessage string `json:"error_description"`
}

RefreshTokenResponse represents the response from token refresh

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL