Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ContextWithUser ¶
ContextWithUser returns a new context carrying the service's user entity. The auth middleware sets it after authentication; handlers read it with UserFromContext.
func UserFromContext ¶
UserFromContext returns the service's user entity from the context, or nil if none is present (e.g. service-account requests, or unauthenticated ones).
Types ¶
type Authenticator ¶
type Authenticator[U any] interface { Authenticate(ctx context.Context, token string) (*authorization.Actor, *U, error) EnsureRoles(ctx context.Context, token string, actor *authorization.Actor) (*authorization.Actor, error) }
Authenticator validates a bearer token and returns the resolved actor and the service's user entity. The user is nil for service-account actors.
EnsureRoles completes the actor's realm roles for routes that need them (admin routes), fetching from the identity provider only when the token omitted roles. It is a no-op when roles are already present or when the driver embeds them in the credential, so it is safe to call on any actor.
type UserInfo ¶
type UserInfo struct {
ID string `json:"id"`
Email string `json:"email"`
PhoneNumber *string `json:"phone_number"`
Username string `json:"username"`
FirstName *string `json:"first_name"`
LastName *string `json:"last_name"`
CountryISO string `json:"country_iso"`
Locale string `json:"locale"`
}
UserInfo holds the basic user information used by authentication services.